ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:14 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:14 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffff8c, 0x0, 0x0, 0x0)

08:02:14 executing program 0:
r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xf004, 0x10000)
openat$cgroup_ro(r0, &(0x7f00000000c0)='memo\xf2y.even\x9es\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:14 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2d, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:14 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000040)={<r1=>0x0, 0xfff, 0x3ff, 0xbc, 0x72b, 0x7fffffff}, &(0x7f0000000140)=0x14)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000180)={r1, @in6={{0xa, 0x4e20, 0x5, @mcast1, 0x9c59}}, [0x10000, 0x2, 0x1f, 0x8001, 0x2, 0x0, 0xffffffff, 0x1f, 0xfff, 0x20, 0x3ed, 0x5c3d, 0x0, 0x3, 0xe59]}, &(0x7f0000000280)=0x100)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0xffffffff)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:14 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffeb, 0x0, 0x0, 0x0)

08:02:14 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2e, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  634.144700][T15842] FAT-fs (loop4): bogus number of reserved sectors
[  634.151806][T15830] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  634.171402][T15842] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:14 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffff6, 0x0, 0x0, 0x0)

08:02:14 executing program 0:
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x200, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x105101, 0x0)
syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x20000)
syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x101)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000300)='rdma.current\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  634.236169][T15946] FAT-fs (loop4): bogus number of reserved sectors
08:02:14 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2f, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  634.294233][T15946] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:14 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x45654982f3, 0x0, 0x0, 0x0)

08:02:15 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:15 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x30, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x6b6, 0x391042)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040)=0x3, 0x4)

08:02:15 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xedc000000000, 0x0, 0x0, 0x0)

08:02:15 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
getsockopt$inet_buf(r0, 0x0, 0x2d, &(0x7f0000000440)=""/237, &(0x7f0000000300)=0x2e2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000100)={{{@in=@multicast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000040)=0xe8)
r3 = getegid()
syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x3f, 0x200)
fchown(r0, r2, r3)
ioctl$sock_ax25_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x3, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]})

08:02:15 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2000000000000, 0x0, 0x0, 0x0)

08:02:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x31, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  635.036345][T16172] FAT-fs (loop4): bogus number of reserved sectors
[  635.044033][T16172] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:15 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x32, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 0:
setxattr$security_evm(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="0408188d9131375517ffc3ec"], 0x11, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:15 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x7, 0x420280)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000400)={&(0x7f0000000240), 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xf8, r3, 0x800, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x7}]}, @IPVS_CMD_ATTR_DAEMON={0x44, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x44, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8001}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1000}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x6aa2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1000}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4040800}, 0x90)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0xa00, 0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000440), &(0x7f0000000480)=0x4)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000140)="1f1cd1478d568b453efa8b67d2c0bbb4ae681c92fa01da66b042738bbb80c1bc2d3ce5f7ec6ecfb5650d462e36df6e5143cff0ac7e926764af8c478b323a95d3235248cdb3d3da0e", 0x48, r1}, 0x68)

08:02:15 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4000000000000, 0x0, 0x0, 0x0)

08:02:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = getpgrp(0xffffffffffffffff)
kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000080)={r1, r0, 0x10001})
socket$nl_route(0x10, 0x3, 0x0)

08:02:15 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  635.297391][T16397] FAT-fs (loop4): bogus number of reserved sectors
08:02:15 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xe000000000000, 0x0, 0x0, 0x0)

08:02:15 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  635.341635][T16397] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:15 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:15 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cgroup.events\x00', 0x26e1, 0x0)
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000100)={@rand_addr, <r2=>0x0}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4efc2d3fc5f0f0d8}, 0xc, &(0x7f0000000400)={&(0x7f0000000180)=@deltfilter={0x278, 0x2d, 0x0, 0x70bd2a, 0x25dfdbfe, {0x0, r2, {0x2, 0x4}, {0xf, 0x10}, {0xfff3, 0xffff}}, [@filter_kind_options=@f_rsvp={{0xc, 0x1, 'rsvp\x00'}, {0xb8, 0x2, [@TCA_RSVP_ACT={0xb4, 0x6, @m_ife={0xb0, 0x12, {{0x8, 0x1, 'ife\x00'}, {0x2c, 0x2, [@TCA_IFE_DMAC={0xc, 0x3, @broadcast}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x80, 0x1, 0x7, 0xfffffffffffffff7, 0x1ff}, 0x9}}]}, {0x74, 0x6, "f316e97fe8d86331de5a3df5a4fa65589433710694ac8aba1dd61936253e085351681f6644eb6198478b69fd2c3d3adfd39f0767bbbfc1f162320fa898a7ce04de156c55e2b201ef0d530ae0c2bdc74d069de7f7596808d3c4a3c1fba556e3a79e265bfbcc112189949844f30250111e"}}}}]}}, @filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x184, 0x2, [@TCA_TCINDEX_MASK={0x8, 0x2, 0x8}, @TCA_TCINDEX_SHIFT={0x8, 0x3, 0x7}, @TCA_TCINDEX_CLASSID={0x8, 0x5, {0xe, 0x10}}, @TCA_TCINDEX_MASK={0x8}, @TCA_TCINDEX_ACT={0x160, 0x7, @m_bpf={0x15c, 0x17, {{0x8, 0x1, 'bpf\x00'}, {0x48, 0x2, [@TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x3, 0x86, 0x2, 0x2eb2}, {0x8, 0x25, 0x1, 0x42b}, {0x3, 0x4, 0x10001, 0x1ff}, {0x3, 0x5, 0x0, 0x3ff}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x80000000000, 0xfff, 0x5, 0x1f, 0x9}}]}, {0x104, 0x6, "4b597779aa276b4d1c987f18d80c965e4b81202e44337beb41d997036c6893c89d4d7b12203b45de8a64b991d6148746b405d1a46df3c48a43bd75a8ac2835e8789fc7dba69e8c38c900b2fab13c1787f9beca7ea19b5ca0fd177358e191e7d354e1ab9ae7296f13b692aad8414ebc80c10f9f4c1429db806ffe01d9fcbf139039b8242c0c82e2ca402bafa01d88974f02cd72b6dcdc01b708161fe750aab483fb286477076fafadbf19dfc47b159ba15d5ad266b9532c4402d3a4c1137855d6e2f25071b3e5fa70e74c45181c01a78d5fb7099175214236bb157576ac1de8e3cbdc72ed063616ff0f6a726a02f8ec76d83aefbab15a1a17450cfc158325"}}}}]}}]}, 0x278}, 0x1, 0x0, 0x0, 0x20000000}, 0x810)
socket$can_raw(0x1d, 0x3, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
connect$vsock_stream(r3, &(0x7f0000000040), 0x10)

08:02:15 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000000000000, 0x0, 0x0, 0x0)

08:02:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x06\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  635.468753][T16623] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:15 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:16 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x200000000000000, 0x0, 0x0, 0x0)

08:02:16 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x06\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:16 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  635.569627][T16630] FAT-fs (loop4): bogus number of reserved sectors
[  635.581554][T16698] x_tables: eb_tables: arpreply target: only valid in nat table, not nat
[  635.600540][T16630] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:16 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:16 executing program 0:
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x8c0c0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:16 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x300000000000000, 0x0, 0x0, 0x0)

08:02:16 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  635.713298][T16849] FAT-fs (loop4): bogus number of reserved sectors
[  635.728875][T16852] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  635.732716][T16849] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:16 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x40000, 0x0)
getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000140)=0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:16 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x400000000000000, 0x0, 0x0, 0x0)

08:02:16 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x4000, 0x0)

08:02:16 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x01\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:16 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:16 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x500000000000000, 0x0, 0x0, 0x0)

08:02:16 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x06\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  635.962965][T17067] FAT-fs (loop4): bogus number of reserved sectors
[  635.982400][T17103] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  636.002350][T17067] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:16 executing program 0:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x80, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='pids.current\x00', 0x26e1, 0x0)
ioctl$PPPIOCGMRU(r1, 0x80047453, &(0x7f0000000040))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:16 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000140)={0x5, 0x7608, 0x2, 0xa87ac813ab6d76a4, 0x1f})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

[  636.117931][T17189] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:16 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x600000000000000, 0x0, 0x0, 0x0)

08:02:16 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x06\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  636.284451][T17295] FAT-fs (loop4): bogus number of reserved sectors
[  636.315137][T17295] FAT-fs (loop4): Can't find a valid FAT filesystem
[  636.338027][T17396] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:17 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:17 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:17 executing program 0:
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000080)={0x9, 0x1, 0x9, 0x6, 0x2})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000100)={0x5, 0x7, 0x8})

08:02:17 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x700000000000000, 0x0, 0x0, 0x0)

08:02:17 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x06\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:17 executing program 4:
mkdir(&(0x7f0000000180)='./file0/file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x400000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000100)={0x9, 0x4, 0xff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4001fc)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000000)='./file0/file0\x00', 0x1, 0x50, 0x0, 0x3ffff, 0x0)

08:02:17 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x01\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:17 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x800000000000000, 0x0, 0x0, 0x0)

[  636.666908][T17405] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:17 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getpeername(r0, &(0x7f0000000140)=@can, &(0x7f00000001c0)=0x80)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:17 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:17 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x900000000000000, 0x0, 0x0, 0x0)

08:02:17 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  636.850563][T17623] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  636.885462][T17598] FAT-fs (loop4): bogus number of reserved sectors
[  636.913230][T17598] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:17 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:17 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x06\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:17 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xa00000000000000, 0x0, 0x0, 0x0)

08:02:17 executing program 0:
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='memory.events\x00', 0xffffffffffffff9c}, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x100, 0x0)
ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x2)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = dup3(r0, r2, 0x80000)
openat$cgroup_ro(r3, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000180)={<r4=>0x0, 0x68, "870cf50ad64221fe259b72c9c95579d73436e8e2e73762e12cf37375fd27bc603975010f797ef8e278bf559cd7da369fef961685ce13af5de082d4aa9fa4f49f12195bed34dd81725fba25f46d3d578756646871acd6d46f5c1707218e650c1605208a29060ce79e"}, &(0x7f0000000100)=0x70)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000200)={r4, 0x91, "dc6390571bacca22be23a79a95221c2224d9e11195c0699cb8077251d4a16c85885dea50022587e37ea3b9f7a63a23e9e657ecd73d121a37067dc6641a84e0cf4a186aecdacfc805ea760632ba9857514f7d744a96738c51f56760b43b282ad604f2aea4432771b261252a36bdf2bc35eccafa7acc8ee94ce99a44645ad588bc8f3cce34cb88b1033694e5ef124607a723"}, &(0x7f00000002c0)=0x99)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:17 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x3, 0x100)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000001c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x610, 0x230, 0x320, 0x140, 0x430, 0x230, 0x540, 0x540, 0x540, 0x540, 0x540, 0x6, &(0x7f0000000140), {[{{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@frag={0x30, 'frag\x00', 0x0, {0x417, 0xe8, 0x100000000, 0x1, 0x2}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv4=@empty, 0x3b, 0x32, 0x4}}}, {{@uncond, 0x0, 0xc8, 0xf0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@ipv6={@rand_addr="04de04f92627cb867122b1331a004c1f", @initdev={0xfe, 0x88, [], 0x0, 0x0}, [0xffffffff, 0xff, 0xff, 0xffffffff], [0x0, 0x0, 0xffffff00, 0xff0000ff], 'bpq0\x00', 'ip6erspan0\x00', {0xff}, {0xff}, 0x8, 0xf73, 0x2, 0x1}, 0x0, 0xc8, 0xf0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0xc8, 0x110}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@ipv4={[], [], @loopback}, @ipv4=@loopback, 0xd, 0x3e, 0x7fffffff}}}, {{@ipv6={@rand_addr="906a29a2737130a03f0c4e416166f21b", @local, [0xffffffff, 0x0, 0xffffffff, 0xffffff00], [0xffffffff, 0xff, 0xffffffff], 'veth1_to_hsr\x00', 'nr0\x00', {}, {0xff}, 0xaf, 0xc203, 0x1, 0xa}, 0x0, 0xc8, 0x110}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@multicast1, @ipv6=@rand_addr="77cc98360973e4f5d498bbb4f142e527", 0x2f, 0x2c, 0x80}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x670)

08:02:17 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:18 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xb00000000000000, 0x0, 0x0, 0x0)

[  637.634605][T17739] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  637.662884][T17747] FAT-fs (loop4): bogus number of reserved sectors
[  637.671964][T17747] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:18 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x06\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:18 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xfffffffffffffffc, 0x30000)
ioctl$RTC_AIE_ON(r1, 0x7001)
write$P9_RFSYNC(r1, &(0x7f0000000040)={0x7, 0x33, 0x1}, 0x7)

08:02:18 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='cgroup.stat\x00', 0x7a05, 0x1700)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000300)=@generic={0x3, 0x6, 0x48d87bdd})
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1a1b000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x60, r2, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}]}, @TIPC_NLA_MEDIA={0x40, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x60}}, 0x4000000)

08:02:18 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:18 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xc00000000000000, 0x0, 0x0, 0x0)

[  637.906502][T18009] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  637.909939][T17959] FAT-fs (loop4): bogus number of reserved sectors
[  638.004608][T17959] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:18 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:18 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x06\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:18 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:18 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xd00000000000000, 0x0, 0x0, 0x0)

08:02:18 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000040)=0x9)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:18 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
sendto$unix(r0, &(0x7f0000000140)="a2db62ec8f6aa275841399387164247e61eab9056a781995dbd6d8a9a8e3ea37c9129d2249127ba372662f538d700451095e8273ec5af2354226e877b862d1b8951b14a81277d59b7fde6654c442479905598210d28d835300513de8a06f8a5e6c233170bf5002e847c452ff1aaaf2eb957ca7eef37edc56638009b22f6bf8b0a29a8f17592c51640e043e5deab7216137f0ec3352f6e4369736754665d73f73988deae9980bc47be8c9df1ae42dc681d8f141761a77bb7c4007f769af2a3557679b138001c0f20d7bb0bf2d83986f85e1e909ce7092e15d5011a2a26c28e931929ef5646a73585c9867d2eff9433e793d3adb66b01be123234c9da0203da1b3498a1a548dfe155cfa2d0f4a20bad354acb72b0ce77148515c312fdc0484d55118d27bda2b63823e5a426dc27911c110aab34166ff9da1e99b60ebb52cd4351c3b1739a1570b2a109c0ce5ab3368dfffbd4c152ea2edb2e4ae77384dda3ee2b94102af9f231b0de5a72dcae2abef2f01f6d18c38f11976a5bd7cda42e279d58355be1f1b5f231f1b62b1c26a192186a5893a6f8b6fa00043c21cd1e2e74f16b81228cd8065289dd6d1e9cd26d242893f8ce5cc80334dd38cf2c173882d5350087c2282e00d562cfe132df6c262c3715d8fc28784dbf43053559dd2464a69bde11f1c4527b504b7177d4b896e3aa2315d1687738e1f1e659b41bff05dbdbc3917986a0d53e7d300fffb021ef0dfeb88f2edf2fc9274991291c7119cd1391bbfb91f7ba2e7c3ca8d3f8c6c653039bd791c0139a960a471b6045259c0d433864a5dda6e5f7f43289ac5bbb60f06a4ad02bfea7053fd1711bebf3aee54a4db409082db1f38a599456337f847afa9b1ffbd43a3fb071a173cb0e8bc7fd772c59527f81493f3d54a6dbce80bedcf68b2e6cbdfe1d7320c76525861424b297bcdead91bc09de38103453c8021297196252ee81c129539a00ee97b9e280ed16d965da1f562be568bd136351a5144c08e321f3fe5852410755fe9ac8f7f1ce0262d5b7313f81ed9e0b02d583f5794fbbdfd6ccbf5d20c4f981d9a3a4e4df291ef467a15caea01710b99e49a4d6421dad48b833e1108dae128cba34f4107f36bcd1b1543f08e0073fd5367a68e41873e206aa9a1a1a3284a1379a528dd512e0fd25923ef0cbbf79e13d4fccd4e6c2448ba1772008797b6d40f9a254cbd115856304446614b4a05c4e0fc2c6db8ec4a38755faf953d39062c1f17e297bf692724b32e8650d6161fd5327d9a7b0a2b2a42508487a6d1ac56faf273eb565848f7a2fc3ce70306f61b798918a063f56e28f65ce3adea9768d6cc856fb52aebf759764cd407e82a1ec2345dbb1bce23cbf2f07c5dc55e97c7eff648a547dbf3962b87a30808a294a4a53f70987e050f404187f947b400fc4e67aa4981b1701b5c2976e20d1424dd1e9f8db4c0bb700c371b196432cfb9a1afb681a4586c708c0ed8a90728dc8bba338abaee7ef8a2636ffdb6ce918c73d2b315844ff183bbfc2c14cd898a278ac1bde850ff1730bca529da9d49748b8005932e86be3239980f0d5c820676508999f2a50abce39b2447bf2f49361bcc384f3e4698397a0fbe35ca891b71911f69b4b8dbeef0e9a521242cce585d70a8a35210bf7f79a4339fcd63ebfe75d6cee4813f0bd53e1b0eb1110f57fd47a93fa7ee764919919bd65f9de3c3ccd29c732fc5b6a07b65cbd3ed2233a703284b924b8b2526dc4c9a6b038aa2a264b61284be722bbac541b5622fe7e166943989d3e7846cd6b1b6c2f1e0485a69bc54e321d0c09a31e8ad8ebe329144cebf9b11f6303773583f9b9d3c59991b0889afc1d3c51c60064252db8e86c2d0cf66dc2768c211df44ff19d72b87227f4f23e32904a06bf08cf6357c4ac3139027d2cbf5551d5dcd0c806d99527f0a98bbc9e4c489556a0605391fa2cc87fd31e8310e89b5629273d3cdd66032dc2c3b2bfd644b5fbdc64fb144eba1219d00bc08a9851a32c00cdd03ee6795128372533ba1b1815fb45e49aed2537672820bf2aca615e8d7557b38141b6f6367ccc3696588418d0b8bf1f33b2a15bd098e4ce71c382c8131b168cbe3c0934763935649575a31af9b6861abfa5959e715752fb5e4f2e83db8566bc925ad392c0bbb78de8462d0218dd9dda0e560c95625e74e7051c5a001cdb8389766b75863b8a92aebbb1a94a3f9204ff9a8b5fbb76c5f248b0c85e675206a8c0c574ee799b6821dee57736fe5c9fc66b61eb49897dd3ac86306486b972a01efd29bd577e7ec651f3c060ae0df1a333bfd5ac141290a5eb625b11ffcb47e2b052188a9928c135896d5dbef5aea156f951d2dc14cce03964b29f1fa8ff1bf3170dcd401366f5c1dc9148a9233ada5f37df42d02069851b7ac4df185153c0165488ccf6c048c0e81906875b21d667270472043d0fe0b88af8cf3b39ca40dc55ac9388b74a4247c3f58d5038eca4beae66944b9d3a9386987bf25a1b5cbda52ed78202a74fd8d86e3d91ab35ac9b7223a96769e63c947de1dcad0dbcb0c10c87b5027b976fb9fb6c3ca113d23621430926fd912cb832b50dadcd1eee36526ee854675d5f45066baf702c7f0c2976b33939647d198034ac99e63848291fd42cd4e683d67d4768a77259531205b2b8d68ea9b20bb486435197eaaedfca21cd60f51a6933df65e7d82a479bfae61e1cf7a9b8b0b63da852112d529663cb816c2ac264eda1d4799775525159a4dd42493912b22fdd20a7d803370adf0e7558889cb03c18a759b9c58185c506717d6499e926c6c4dc6ef0fd1140bb37899833cd2c804e41bee193131e7b4eab8f118e703ca8ca97b7c7716c5c17cfc617f89a9fc0bf6c36d332169bcbbdcdafbc652362b8fb03726f37eeb6f1091d585c1c842a00d9d73aa920ec63114a1872f581c59179bba6e8b51ce34052e02abe74a69a593c5995e5399a613e6bea623342c2093018e503041ce2fdb65dbeaace6b9d90050c29e5cbbf50bc40f05417ce7e653b38a1cabee4e9d312b9b71c696e6f7c15cf946a08101d813ab1cdf43696508904615f75e4a4e4938adcbdda72f854595d6013a06a7e3594b743ba330c381d9ab9de0bf13dd6d8eb5df76b11e881ce2b96c4e9480fdbdd34af16ae552acb4fbc734a2bc06011c4bb6c4a7b6cf810287138ac8ca978df4f7597b2229aae18e67f36e52415e2111dc3ae734c732dddbb28009a7343b687e7cb2e773e28b9186f4b2374ff089ebf06f39baba736829cb81db8f3891d73d0693f70bfaf1a0f94b38de2fb41155beb67b90194ee0a0953accfc2a1f7165f3fa00f5f3b04487d8ae7514b58f792fdd182643de7c6d7ecbc5eaf8fae5ee06705bb6cbbd6149b5045f418390228b5815fa1ebe53a32ccf1157b3f2637b056cd2a7c499d1e15e3bd7d30959d58d8cb57994cd5b3ffcf6bc1558496db6349b3ed32043999e68c2df6e2048dc010a94d04e797b5d963dd907b44613d6ee6a2e27504442043f579c4750a9770e46d53930a1b905377f0be88f40a856179e44f3629a3f12aa34474b308e306368e2046356a2f1cf7c7b8ef853101e467eb61b7990383f5975b13d59dccd2bb0d7149bd257383a88f9331be38f7c78dc7c3c0252b213608b0c91d217c3d040a1ca7a22a4fd2504f6a2c81f06a41893cf75b0f7b9f570accfacc20002cb588652b3fff5ab1be0707216bbb42c40e957381f11c0863d9c10398fff9a58487a911821238995252d63d9a13acdf31f3bc62884249dc0fe03a708e5f06744b3ff69740c0aff3673f82376f89fffe40923223dafed9b26ea09123ae042fea21af14179dc6e4584cb7fa2501efe7a526ec628f9492dc3a8f08b4484406c9b7e56ef9b9ac6600b151d75ee766ea0b11d332d476bd4088c75bb317acdb1535f4e52f548389d2d95a23eb0e377bf7511ee7bb5d4c53a691d0b0a39fc3d43b81ebebcd4e9cae45e752f56fec6f438ec635be2f9b0e51d25a91cd0140b847a63186e8f437740111ef80954ce5e1750b448a198c557542c9244b932f21d5d71c5f2c9e73280873dc7f255db074ce6b6e08933e0a70b065b5b3430149a5c235a899d40bdc7dd0a6f6e024a722e0c4af34a72038214fb6da859b461d32cc15be49b2b6ded6a73a4573935f27eb47e382234d007daedcb659f2c7b642a6ef91969a8e387bcb89936f23e67ca03022f56195daf7c6edfdb3974c15d4cf526356e0d80482f57ce08ab896cb81bbdebaa02d7e3996a8faea28dfd426578e8c53a884750ffedf50637a141619442ef50fed60dad4a1b64ab3fb6efd1c8d4765ef37c162737f15d9bfeb0c744feed5a83b459d38092267303e7c0b84e8d9d7f9b40cb349089aaab8b71bf2bf25fd9be891a4204854ca8ae389a8ede55125aa393e1084b97007830c829bf3731f69a5c23c19ad9ffbe45da0579fe3d5940838d1a61c298f33a66010c58e21bf72d8b694e225656756c2dbc36a35a4671c1b45dd3ba18dcc66136d3c3b6c6e7cafeb187d723642303a1d0868039e9554ef22b622b832bfa23369c6060407f6595d797449ae00fd41ed5247114f0b847b3c5a567143cbf55b4b6f8f700f7fc5dfe5783795800d7a9db74676b1df68cd0262cb61f65f490f33e284c69f922af98fd78d9710b3b3227473409101744e68fdc877f4b028adf180b50640ca6241b253456945319ae127b917aa6b7869547de8aedef799e08f4c66effe8150e9dad20c464aa136e11ae6be6adbcd7f3f745c7b8681a0a3857cb9564d49e9ef77137bb74f8500b860ba07d5d867b2e048e6428543c00d358600552f8be7a1ac3cf5d5db2889681530f99aefb4e1c60b1f17508c413fda074d39db96fe3fc713476b5783e7a1583bbea0acd2468fafc2a17e2592b8330a4a435942a16cd8902060777b048a4ce33af123a0c845617436b679cda99c5eb31a1bd3a99725e93ec4f1e5f2649fd38d3735f300ac8b7390cf26d9f56115f2ab03bb4e472d54861d1dec24ec50519ab6a9d9e16c4c446023a355ec2db1362a2476a25a5db0bcef1c1a94d3725f6a78b827b58a43dc888be44e8e098dd82804cbb8987bc93c3c1d174bf321eb496a6aada24a1dfd85fd98e96b89c9aef863c4c704df658fe6bd3a2c30f9538a75cfa576a090e6479e080384addad600984486fafff0222c8b54ee3172cb555a82642978488b23485e51e317d018488acea4f0831c21f442937a5faa8d1701d68679dd187bab6d822061892350bc2540a8b991ea964c436a1cd9c98c325e94e134fc6e053653f0e94e85ba78f7b0545d1f1cb31e99471aa2d46ea58249b4d829307252f3a54f714af069f1bc990a965d1e8fd5a0b8d8c3bf76cfe8afcc2b8546a54c3e702d39fd8e814a5cfe20bc8189db8317cd7eec99839fb60a6627ab4c457b3aba73d287af9c4b12f3f06b26195ebeb9b0ea0bf3bad59f3c07fbe3ce53d973506faa4bb603097082a2cef6a4b0245e14dc510ceb4941e00ac4387b9683498685fad58ac801d9f3374e3ba07f524142edc4659f5e9276fc9448ddf6ff8d29560189c885e127db3435b0669ad7494e09515bc358c7d79a284cd343f1aafa44d1095627643708b2ad7f47ded9f1638d5d081a809de864c3cf6a5b689a6437ec902dca4a4b40542942749ca9d518a12a2504f9a39b46a91065262766b5fd963f75a884d85f92e20a67c624a0915115546a605c5a30ef1b1839303104f404521a34cfd8116f69859605f66fbb513a51180ed84688c3868c9eeb69da7d6e98379604187642be9", 0x1000, 0x20000000, &(0x7f0000001140)=@file={0x1, './file1\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:18 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x01\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:18 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xe00000000000000, 0x0, 0x0, 0x0)

08:02:18 executing program 0:
r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x81, 0x20800)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)={[{0x2b, 'memory'}, {0x0, 'memory'}, {0x2f, 'rdma'}, {0x2f, 'rdma'}, {0x0, 'pids'}, {0x0, 'cpu'}, {0x9e1f07f6ee2b1660, 'rdma'}]}, 0x2d)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  638.546529][T18174] FAT-fs (loop4): bogus number of reserved sectors
[  638.574182][T18174] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:19 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x06\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:19 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:19 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1000000000000000, 0x0, 0x0, 0x0)

08:02:19 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:19 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x2002, 0x0)
ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000040)=0x3f)

08:02:19 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x06\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:19 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1200000000000000, 0x0, 0x0, 0x0)

08:02:19 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:19 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memo\xe7G$\xa0w^\x7f\xadKM\xf6\xa9_\x0ft\b`ts\x00', 0x7a05, 0x1700)

08:02:19 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2000000000000000, 0x0, 0x0, 0x0)

[  639.386737][T18615] xt_check_target: 3 callbacks suppressed
[  639.386755][T18615] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:19 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r1 = semget$private(0x0, 0x1, 0x40)
semctl$GETPID(r1, 0x0, 0xb, &(0x7f0000000040)=""/33)
ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000080)={0x6, 0x8, 0x3f, 0x94})

08:02:19 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000880)='./file0/file0\x00', 0x4080, 0x30)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000000000000000000001b00000005000000e80500002002000000000000000000003003000000000000180500001805000018050000180500001805000005000000", @ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042d504477ee872a1964c956b1246aa305a46921767adb5f323a6719630afffa40ec2f05a6b37829999584813325033048db4a8c8a16e3cfd9ec2"], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800100100000000000000000000000000000000000000000000000048004d415351554552414445000000000000000000000000000000000000000001000000e0000002000000000000000000000000ac14142300000000000000000000000000688000ff020000000000000000000000000001ff010000000000000000000000000001ff000000ffffffffffffffff0000000000000000ffffffffffffff0000000000766574683000000000000000000000006e6c6d6f6e3000000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00070620000000000000000000000000000000c80010010000000000000000000000000000000000000000000000004800534e4154000000000000000000000000000000000000000000000000000104000000e0000002000000000000000000000000fe8800000000000000000000000000010066080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800100100000000000000000000000000000000000000000000000048004e45544d41500000000000000000000000000000000000000000000000000d0000000000000800000000000000000000000000000005000000000000000000000000ffff060000000000000000000000000000000000ff010000000000000000000000000001ffffff00ff000000ffffffffff000000ffffff00ffffffffffffffffffffffff767863616e31000000000000000000007665746830000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006f00000620000000000000000000000000000000a001e8010000000000000000000000000000000000000000000000009000737268000000000000000000000000000000000000000000000000000001060703080000000000000000000000000000ffffac1414aa00000000000000000000000000000000fe8000000000000000000000000000aa000000ff00000000ffffffffffffffff000000ff0000000000000000ffffffffffffffffff0000ff00000000ffffffff830100020000000048006862680000000000000000000000000000000000000000000000000000000900000002008203200040000300930e0000ffff06003f000300030001000100f8ff0000060004004800444e415400000000000000000000000000000000000000000000000000010800000000000000000000000000000000000000ac1414bb000000000000000000000000006600660000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x648)

08:02:19 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x06\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:19 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2010000000000000, 0x0, 0x0, 0x0)

08:02:20 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  639.622826][T18818] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  639.628568][T18755] FAT-fs (loop4): bogus number of reserved sectors
[  639.693715][T18755] FAT-fs (loop4): Can't find a valid FAT filesystem
[  639.736688][T18841] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:20 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x01\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:20 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$VIDIOC_OVERLAY(r0, 0x4004560e, &(0x7f0000000200)=0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000240)=[@in6={0xa, 0x4e23, 0xfff, @dev={0xfe, 0x80, [], 0x2b}}, @in6={0xa, 0x4e20, 0x3800000000, @mcast1, 0xfffffffffffffff9}, @in6={0xa, 0x4e23, 0x197f, @loopback, 0x80}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e21, 0x0, @local, 0x7e}], 0xfffffffffffffea7)
r2 = openat$cgroup_ro(r1, &(0x7f00000001c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{<r3=>0x0}]})
recvfrom$netrom(r2, &(0x7f0000000080)=""/39, 0x27, 0x40, &(0x7f00000002c0)={{0x3, @default, 0x8}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast]}, 0x48)
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000040)={r3, 0x20})
msgget(0x2, 0x10)

08:02:20 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2300000000000000, 0x0, 0x0, 0x0)

08:02:20 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8000000000400200)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40000, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x118)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:20 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:20 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:20 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  640.302844][T18952] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:20 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x3f00000000000000, 0x0, 0x0, 0x0)

08:02:20 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)

08:02:20 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:20 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  640.469713][T19140] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:20 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4000000000000000, 0x0, 0x0, 0x0)

[  640.614002][T19174] FAT-fs (loop4): bogus number of reserved sectors
[  640.620567][T19178] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  640.644469][T19174] FAT-fs (loop4): Can't find a valid FAT filesystem
[  640.739643][T19184] FAT-fs (loop4): bogus number of reserved sectors
[  640.765399][T19184] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:21 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540)}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:21 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x06\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:21 executing program 0:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x7e, 0x0)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'U-', 0x10000}, 0x28, 0x2)
r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='memo\b\x00\x80\xdb\xf4\x89\xc6\xa7\xb8\x94', 0x26e1, 0x0)
ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000000)={0x5, 0x1, 0x7, 0x7, 0x8001})
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000180)={{0x2b, @remote, 0x4e23, 0x3, 'wlc\x00', 0x2c, 0x1, 0x8}, {@loopback, 0x4e24, 0x2000, 0xae1, 0x4, 0x100000001}}, 0x44)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x7a05, 0x1700)

08:02:21 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4253465800000000, 0x0, 0x0, 0x0)

08:02:21 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:21 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = socket$caif_stream(0x25, 0x1, 0x4)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
dup2(r2, r1)
r3 = geteuid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001880)={0x0, <r4=>0x0}, &(0x7f00000018c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002200)={{{@in6=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in=@local}}, &(0x7f0000002300)=0xfeff)
lstat(&(0x7f0000001a40)='./file0/file0\x00', &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000001b00)={0x0, <r7=>0x0}, &(0x7f0000001b40)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001b80)={{{@in=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@mcast2}, 0x0, @in6}}, &(0x7f0000001c80)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001cc0)={{{@in6=@mcast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@remote}, 0x0, @in=@remote}}, &(0x7f0000001dc0)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001e00)={{{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000001f00)=0xe8)
lstat(&(0x7f0000001f40)='./file1\x00', &(0x7f0000001f80)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
r12 = geteuid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002000)={0x0, 0x0, <r13=>0x0}, &(0x7f0000002040)=0xc)
lstat(&(0x7f0000002080)='./file0\x00', &(0x7f00000020c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
fsetxattr$system_posix_acl(r0, &(0x7f0000001840)='system.posix_acl_default\x00', &(0x7f0000002140)={{}, {0x1, 0x1}, [{0x2, 0x7, r3}, {0x2, 0x6, r4}, {0x2, 0x3, r5}, {0x2, 0x0, r6}, {0x2, 0x3, r7}, {0x2, 0x4, r8}, {0x2, 0x6, r9}, {0x2, 0x0, r10}, {0x2, 0x1, r11}, {0x2, 0x4, r12}], {}, [{0x8, 0x1, r13}, {0x8, 0x2, r14}], {0x10, 0x3}}, 0x84, 0x2)
r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0)
write$P9_RREAD(r15, &(0x7f0000000180)=ANY=[@ANYBLOB="0b100000750200001000009ea67f168749886e6c7fca7277c828c94acf36a92fcb5638a0e340066b9b15433553ce8f983d4290ef9dee9d4601ed4935e1ef51699db3766164e0b7570cc197a4e2241d6c97be9c7d7d20528b3c70012a5345c0ef77602074dbdfe7585759235997f4f4499f700e12f2e8266073ce9c1cdbba42f042636f817f4aede04cfad7db46c3827bfcc0cb642d6c904bea5c02e2aa1a9a0d56f48a5cda28a5797103edd6936fdde01f98c01aca056dbbc2aa805a4bb80bcfa1295dc0b0ec9c8a595aff175e584dc2c624c59cafffcf4bf7a89c8bd2d3939147dfc2da8e6ddeb8f0f30ddadb5ed1462b48aa71f08159af1ebfff3dd9bdca678ce2e02acfaaa63a8a0ee6a357019e18cc97f15f4da9187118ebab09cf0fae6350ae32a21f8814b1044b93d006f34106817a35973142938f4daa712d5314300060d3be3ba0a1f84e26087a82922f3f662a673f73a08a8faad0052abe621df79bbe890bed331071efd42c59231be6ebdf0a06af12ce091055b6b17fb8c1323a0db8f0ad434ef21c3bdcdd698fbcfbf9c843c899faceaae33e7f5348a5ddaa7209d81af14320365c271cd49f35888e53ec81924585d3563bcf9fbc5efb196873245e070a62b1179bd9ce0954b1b5914b22374fdf51e3575d32bb095aa3252048a72dfda75f350748e27e48dba118867b5c32b51bc07850148587c927899c0a072341ea1611d35033b39ff2ca049a3ebdf08a3bf4bbbee2b9b0790d02b39a950827c01336a2270d690b5b733243f9f5755967a795b393666186dd42e640d7c6d47b5266601b44c5b257a4d460a4e668b89dd21fbbe1198b8bead429fbf0ab66a2125c6220b3f62df8a15859a4d13d79a441242df58ab8a6883a189d77295ac515b63543a69252d575ab6bf9e7d28750cb785049df4a32eb381d2926124b7f0d64977bba29fdda8501efff16f82bcafa1609c775986e6472c299981dfef37a497dcb4da2072064baae9229c316f6f00eb213956c1afc4ad8780fa86b25306bf7828d86a6d05e9bd038aa2d92e4a067a79c4468f961d4cbc653323e802a86bbb393d151bc12f6e81eca8589759fbbf879eb27bb0205e117410bf65d204d15bca50e5f1ae7fba4a75a6c130b7924600ce758ce4c86afe5a2f65961b3f8fe05178c86bc3829822421711f517aea1dc19fa90dffc4fdd7509d9e75d116a3113962b1d04580b34a8b8cc0c516f9bacd53f14a7e6fa94dc26e5c0e9f118c036373e0ecddf5ef57cf1413cc588c85ab6e691c9ccb96316bdad8d4e565c256dc273ae6b7502c4b0e8480ec2b3a5f26a3a8a57abe748ffebb2dca886a30d2f52ad55b49c296d592d262cb7fd56196c6f2411ad9662888d1fcb4d52a74106444a87bd7292a1b6b0342b068ee661454ed11fbe22b64c0c6551fa09e087e0eb7fd7538c14bd9b1755f593d810a28ee6f06deb5b3140ea015649642e54c24ed6942e870b8246c9e492fc564b7f9b21ada00b2d102a707c845aef938defb058d271c651c4a81548e86ccf3e5e4ecead8d7a98f99178c92e9b97254eafa7435f7a61ba273bacca6cc4eeadb0eaaa0d15114c3e0a8ac771fa15a80746e086d45703f23fb6e67e8f9713f82e0f0e97cc619fa84bf475c695645449d850b627b755235cf6bec462ff0181efc91861f9e873d0997b6810da29f55234b07f09d0b78160e892294530b1dd1d1f11f6e23f7810b882b99fb13d5ed03bb03885d1a71070f79343d1b9bdfef1d5ecb788f07ab9f207b5d2c7a0228f4a36bb4e38de25427843e7aff5d7af090fc3b807f1d7b230a6d0ecdf6a102bc62e378eaf7c8a1f4ccc2868c04d12ffc92daeeb86bb7a6a0fab7172c58de60c7d67f34b649c2af9071c1c24525e23cfa2a954feb7e58d4af33afbbba000684f21d99f7802dc8b1ab401c1757d41555cb1f643a76844ad3193fbb801cba5d6c34b7ce8751f0bd25ecacc7af3511f66551857ebb427c181662da587cb8475b7b4e41c8bec631c592e0d527cdf383c45ee9ef127e6e1fa92cd49ac7cd1fec2d8bef3df0dc1bd4e123bd135853ada8efe3be73e4d6d695937c5dd08e0fc95675859e8a8c7b1fb48dcb329693978b8f0ddcffb2e3f312d29c70e7c9939525a2a73738aa864ec9a65163ed10617657846761ba7921ef7a38637a0e8e86abe122a5d739641ffbf6ad49a6e554dc6238a252eac45337754a4cc3477656638879cd1eab96251aabea6c41e11bb05ffbbfa830078be241837666b1b115a4c6afd440070ea1baf0eb6f8b1d6153bdeaad30f2c2515da393f951bdafd3da99af22f60d872a636b35c8d0b86a96f707a8fd688c7381d8d200fd4db5a7b6d80786c76106139d6d1acb2db57b5a141bf00274e1d592ddcfddc794b2ac16b27cb8acd05c8c9b50f0d2a984d2591a1e61cb41e26f93a6f932bb8bdab82a7f82f40f271c335554670260cd654a459e01c2ce10b10b38be5e7f10c90e5b0f9e09914b911756d2eb763245f780781d3518e53aff620112e8d62850c983df50c5efeb2a1af82cd8920a00109c6cf76ad66ff2249d0fcd7676b0f50b36111a65d14128f0dc08fc34b527d7c80e3afda767344f86d098c69469fe9ab383e6247974ec803b2bbd283aab59fc2e4ef666044905d89ae241ae31bbf79e9df6706a8c06416bc1cbb8a3d2f47fb3401b7df0195ea4a09c203c27c73d84bc3e59ee33885f0a91ae1ed55646ed3a585806b646106538289acacced44420dc70269b6ab0e500a48cbabbc75e75984fb69d547c27b5dc1f299d004a572e16670540c20091c2c335d1c4c5d9dcc00dab00143ddca75506b2ebcbe5d2d29bba6ed811c10e1635b00db1b4ac8f967b30d9f48ce8f4021a27edfb819849a1b30d46645c366a0224909b2ad071f4f2e9ed814182de457c0738302447ec7a11cbb517de5e672028ae734408134676642fb143a818755c6a73004d8bb8868970a11b5dabbbb200d9a184efee21bf53b6dcca2a920014d8c75dd61fce2b283418f9b65d21d1ec92eca7e57945e45c4645409f45cbd98ed1eb333ec954724045bf5bcb9d2ebb666cab361d4fa0425990a4673d3a9d7ea445a75697bbbf0aadd7e874e781d9adb7d1df8c17bdcef499e0cf552e3c8b7edd842c970a3c83378dcae3739b6278e622604724e375ba1bcc6112c9d45d2a61cddd873b2233a061ab4ea114ed8adb1fe9093722c2972b584206341c728c0b8aed18b3c7877f1de902c9d8b4483eb66dd813b57d31f378c897511366b21a610ca95bfba41aad5f38f76b2f627d093a0f3e50ed64268922a60b21df684beb14a4a31b7a08caa02503240a024a07b250490e36564b1c25069d2df3a828143fbd23b343d42b2fe88fd451d082444f5f272a3e09d5164c98c16dbdf5cd4999c766e8a15340539717c326d133bda04fe0093cfb252f0f55bdc714f2038111d9481e026b40d31e8b05bca9cec2d73450d862dbd0ebecf61e9b7e6add21729e04aa76c90418166fe9915bf30f8d0c8edf181be285865480adb6494ec1baea3b6edf7430b533f6216efd47bdde48e4fb159832c945065387e43d258dc70fbd74ca731b46845a0f8aa55c33c817165a54f8f2b2a6f5ae0dc46c0429d9a0514f60f3fedc0ad9ffc9919c6b907912ee8f29cdb76b230d3b2eced9fc721512c43b3d1d7d1d67dbe5b5f42712451878edcd89c723fce5b2c9413a167c54d182ba753323fc4f394d10408e3917a69ee6dfa6b57e789bf38db57864c65ab901c944ba6fc580d1f56fba110d5670d0ade7cfc172616815ce18ca01b3979f3b099d45536ef3f8087e8955a83f4cd1664d9e62b49c7f84f3d00334e2680e69277c0d75afa15ee2e877a49849b315ecc696aef61b38fb267c535bf0c00be92f75b84944cd9bd4aae1aab470b98359f23889847116b5c89d8ada9d507a03710f3fa14e72a01225b316d70efc5ceb439347c365bf74a5069420c31853d627387440ddb8e67b78917461802b123507f0ef4bb7a493d4dad37ce4fe6b2114bd1746775cea25b85386f8193900947640f28a6e2d63b3e928c7e89d06710318888b426a871eacfa3005d2beea0e7680d8b93465579b6b7ecd71da5a174d028d8281a1d04dfffa3658dfdf85455f896983121583b06cf8a72768ff8010565d1e37967916dbdfb7380d6d861cc8e982d2cc63cc925f039f8f6b21443116a4ef90c454437e8431469ac8dc2ca8b713e76012409e4d894c8fb9eef0860d267179be965be75a749c6c3fb500520f1db6ac445723ac5656ebf6f51d8bddd7dcdfe3701f3111073a9d0592fffde69fe61b607ef5192db90e6425b6f0ea888ee7c2ebe27b86b20e14f4e84d894f7d6d24eb2eb3bfb89477405ab5655a80bd56f7067fa2d2ce3a2e0d628ecf43ba47ad9a32514273aa5ef45595cf20cdfbb9b15e3f541c5a8e2808353d1128a3abd32f1150808dcdd4bf0a81ad6901e322c879a4880c3afcdce30e05b8dadc62cc4dd53407169419ee122ae32c7f2404103b0282807e48438f943a9684a825b4a486675c060c513549db818fb99d410f316a6bcf822accf948b8ae251988d2b357608d8e26e57dc9dc0ae25563e80c09417820367c8c5c366d09a016cdf6ef8f7fc27b7cd0828715072c9532345dee911d162027e7c85febf65eb5e39c3f65f905944c61327812cce0976ea5ad41a20274f1b6a32b0dd88d6e40a9b67403c715e3d30033800caf08584d58ad0b101138afcbd0c925ab3a9cef2e4cb085285139f572581b67cff2fcc4f6c3a28e894497d145223afaac64c382e9f032d845e146810290b04a9c3f6ffdc5eb6de4b1b62f47cca6376526a7c632159cc36828e193679448a4c6cd142bdc289aa2998db5afefa13c30552bc3bb50657f0518d4d2aafc39640316f6cf4acdedb19e4a6dd0edad319ce86f1e94dc87b462a03cb3dd56d1e0446a3612f3863dae1049808846448db187da80a477ff7bac48d25faa40dbe8c6bd7fbfd61f6e5bf0ba0d0f752e588f0fe2d1d9eeca1d8e1df864f97c6b4c2739ef09baca84b3b898adc9832baa974d46aae150c34c77006f2baffc380a7e3f2da8da8a8b20192babc9e6463df2b79be0f971bd4e92faefa2b1e5094ac5119abee997657a025e49358528b77a35dd17dd5f27fee7ef241ddc2150b81189328e612b4dab79918df13be864589f46dbdf1ffa53ac3d07c611fbeae046223b05aca4f1816618e6505ab965e778dd737240be9b5f24699fd2660a260d3168c17ff78d3b6e91a7af6e0a44cb04d439a2ce64ad97936733515d62d622eeaf73017cc0dc42ed68fcdc699b923610093ea6f01f5b94cc66710fd0694bb3c9246cfb128252f58ee124be5601969f655173ae5116fb493dee0829af0286973eb53539c2eee66be8ee2b2413f91fadb1f23a7baca68309713477c3dd7c56cdc74255def207cac4c1d6ce9d1871f2c48f8808415bf66f541566e6c18d12cbb297ed25cd628a176dca0434539a1774e4f642e7ebe237bad6d15fc55608bcff2921682d634b61544e81a011a4dfcb8c81cea26a23fe343514564b73f70fce9af26c781fa52aaedf438a605b3550037aa8f5f0676adad17d7e173ca0b5d58ea779eb1fca1778f4a8c9f32f176664d929aca48685f0a2b519c8361b066b32580a87935ab58023d0f56de23f96935f235e440790659249396703a81400b31e8f2855ae38fad20e9467f05b998a9cdbf8f3fe5d56da0cdab3ce935abaa4d01ebb70abb84a242eaa9a7b0e6034ad42e79cb414e19c8612d7047bcecaf77307bbc86bbfda75cf814d9"], 0x100b)
getsockopt$inet_buf(r15, 0x0, 0x3f, &(0x7f0000001700)=""/231, &(0x7f0000001800)=0xe7)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r15, 0x28, 0x1, &(0x7f0000001680)=0x80, 0x8)
r16 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
ioctl$PPPOEIOCSFWD(r16, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x0, @remote, 'team_slave_0\x00'}})
ioctl$EVIOCGRAB(r16, 0x40044590, &(0x7f00000016c0)=0x200)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r17=>0xffffffffffffffff})
execveat(r16, &(0x7f00000011c0)='./file0\x00', &(0x7f0000001480)=[&(0x7f0000001200)='}nodev,^ppp1\x00', &(0x7f0000001240)='cpuset.effective_cpus\x00', &(0x7f0000001280)='/dev/vga_arbiter\x00', &(0x7f00000012c0)='/dev/vga_arbiter\x00', &(0x7f0000001300)='msdos\x00', &(0x7f0000001340)='md5sum\x00', &(0x7f0000001380)='lotrusted\x00', &(0x7f00000013c0)='-+\x00', &(0x7f0000001400)='Nsystemselfeth0vmnet0/:\x00', &(0x7f0000001440)='/dev/vga_arbiter\x00'], &(0x7f0000001640)=[&(0x7f0000001500)='team_slave_0\x00', &(0x7f0000001540)='proc\x00', &(0x7f0000001580)='\x00', &(0x7f00000015c0)='\x00', &(0x7f0000001600)='/dev/vga_arbiter\x00'], 0x800)
ioctl$PERF_EVENT_IOC_ENABLE(r17, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:21 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4800000000000000, 0x0, 0x0, 0x0)

[  641.217160][T19292] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:21 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x06\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:21 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  641.335503][T19296] FAT-fs (loop4): bogus number of reserved sectors
[  641.374807][T19296] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:21 executing program 0:
syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x0, 0x4000)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x7, 0x10d040)
openat$cgroup_ro(r0, &(0x7f0000000200)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x115000, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000280)={0x9, {{0xa, 0x4e24, 0x8000, @remote, 0x72031f61}}, {{0xa, 0x4e23, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x9}}}, 0x108)

08:02:21 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4c00000000000000, 0x0, 0x0, 0x0)

[  641.399106][T19507] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  641.466999][T19296] FAT-fs (loop4): bogus number of reserved sectors
[  641.473639][T19296] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:21 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x06\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  641.657593][T19723] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  641.728597][T19723] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:22 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540)}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:22 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x6000000000000000, 0x0, 0x0, 0x0)

08:02:22 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:22 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)

08:02:22 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:22 executing program 4:
mkdir(&(0x7f00000003c0)='./file0\x00', 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, <r1=>0xffffffffffffff9c, 0x0, 0x6, &(0x7f0000000040)='msdos\x00', 0xffffffffffffffff}, 0x30)
inotify_init()
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x5)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000000)={0xf, {0x1, 0x59, 0x0, 0x100}})

08:02:22 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:22 executing program 0:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x8200, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r1, 0xc0285628, &(0x7f0000000080)={0x0, 0xbcd, 0x1ff, [], &(0x7f0000000040)=0x5397})
r2 = dup(r0)
ioctl$VIDIOC_SUBDEV_S_EDID(r2, 0xc0285629, &(0x7f0000000180)={0x0, 0x5, 0x6, [], &(0x7f0000000140)=0x1f})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000001c0)={{{@in, @in=@broadcast}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f00000002c0)=0xe8)

08:02:22 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x6800000000000000, 0x0, 0x0, 0x0)

[  642.184416][T19732] FAT-fs (loop4): bogus number of reserved sectors
[  642.241093][T19732] FAT-fs (loop4): Can't find a valid FAT filesystem
[  642.243050][T19807] Unknown ioctl -1071098327
08:02:22 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x6c00000000000000, 0x0, 0x0, 0x0)

08:02:22 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:22 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
fcntl$addseals(r0, 0x409, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
finit_module(r1, &(0x7f0000000040)='memory.events\x00', 0x3)

[  642.359217][T19814] FAT-fs (loop4): bogus number of reserved sectors
[  642.418662][T19814] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:23 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540)}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:23 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:23 executing program 4:
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:23 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x7400000000000000, 0x0, 0x0, 0x0)

08:02:23 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000040))
syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x5ac, 0x200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:23 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:23 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:23 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x7a00000000000000, 0x0, 0x0, 0x0)

08:02:23 executing program 4:
r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0xfffffffffffffffa, 0x200000)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000001c0)='\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3, 0x400)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000140)={0x80000, 0x0, [0x6, 0x0, 0x3, 0x3, 0x8000, 0x2, 0x200, 0x6]})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000240)=0x1d)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:23 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:23 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000100)={0x0, 0x0, 0x2080})
fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f0000000080)='y\x00', 0x2, 0x0)

08:02:23 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  643.335656][T20393] FAT-fs (loop4): bogus number of reserved sectors
[  643.371024][T20393] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:24 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:24 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x8000000000000000, 0x0, 0x0, 0x0)

08:02:24 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:24 executing program 0:
syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xab, 0x1fffa)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x400, 0x0)
openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$inet_mreq(r1, 0x0, 0x27, &(0x7f0000000140)={@multicast1, @multicast1}, &(0x7f00000001c0)=0x8)
fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x2)

08:02:24 executing program 4:
mkdir(&(0x7f0000000000)='./file0\x00', 0x118)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x7)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000300))
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40000, 0x0)
mknodat(r2, &(0x7f0000000240)='./file0/file0\x00', 0x200, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000140)="8bc5ed938614a9726690fdbba2e05939f78b765b787546eb0031222449b984537643859d71e041923f815e20fab6f3fdefcbba8b5e96f6dfb87fb277b3838c1e2ae4fcff489f2d5722c525ddd0074d1e727d2761fa9cc4a5cbb0734b7d5ebc717af2f1881512ac4bd6b5a48f391d12230418c3b3aa08425f8babbc5741f38bda1fe064825f08afd1a9de29e90b1f9c3c673b55afa0716287b7bb102916b485acb243df6efdc04ab55782cc90c2410519d75b4f1f24199585b4737994ddc011b0aab9682b96fb6b60a7e18517cd903f400f9aff7da8d7370b343afb92971f09610708810b2a0eac2a5a6919328cc18e197522d43388829af61dc0372e97a65f72")
r3 = semget(0x2, 0x3, 0x200)
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000440)=[0x6])

08:02:24 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:24 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x8001000000000000, 0x0, 0x0, 0x0)

08:02:24 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  644.012381][T20611] FAT-fs (loop4): bogus number of reserved sectors
[  644.034351][T20611] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:24 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x8002000000000000, 0x0, 0x0, 0x0)

08:02:24 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:24 executing program 0:
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)

08:02:24 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  644.138940][T20827] FAT-fs (loop4): bogus number of reserved sectors
08:02:24 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:24 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x8096980000000000, 0x0, 0x0, 0x0)

[  644.195123][T20827] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:24 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:24 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x10103, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:24 executing program 0:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
flock(r1, 0x7)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:24 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x8cffffff00000000, 0x0, 0x0, 0x0)

08:02:24 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:24 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:24 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  644.429785][T21050] xt_check_target: 9 callbacks suppressed
[  644.429799][T21050] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:24 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xa300000000000000, 0x0, 0x0, 0x0)

[  644.489047][T21057] FAT-fs (loop4): bogus number of reserved sectors
[  644.531317][T21057] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:24 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x100, 0x70bd27, 0x25dfdbfe, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x20}}, ["", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x11)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xc400000000000000, 0x0, 0x0, 0x0)

08:02:25 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  644.571964][T21196] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:25 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:25 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:25 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x805, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x100, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000040)={0x30, 0x5, 0x0, {0x0, 0x5, 0x7, 0x40000000000}}, 0x30)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xcc00000000000000, 0x0, 0x0, 0x0)

08:02:25 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000040)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'U+', 0x1}, 0x28, 0x2)
openat$cgroup_ro(r0, &(0x7f00000001c0)='cpuacct.stat\x00', 0x7a05, 0x1700)

08:02:25 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  644.734475][T21329] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  644.810778][T21384] FAT-fs (loop4): bogus number of reserved sectors
08:02:25 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  644.857255][T21384] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:25 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xebffffff00000000, 0x0, 0x0, 0x0)

08:02:25 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  644.898176][T21515] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:25 executing program 0:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0)
ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f0000000180)={'nlmon0\x00', 0x5, 0x1})
r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0xfffffffffffffffb, 0x10000)
r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='mTy.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:25 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getsockopt(r0, 0x98, 0x10001, &(0x7f0000000300)=""/190, &(0x7f00000003c0)=0xbe)
r2 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={<r3=>0x0, 0x6}, &(0x7f0000000140)=0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000180)={r3, @in6={{0xa, 0x4e23, 0x45, @empty, 0x57a}}, 0x7f, 0x100000000, 0x6, 0xffffffffffff92e0, 0x1}, &(0x7f0000000240)=0x98)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r2, &(0x7f00000004c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000400), r4, 0x8}}, 0x18)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000500))
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xf382496545000000, 0x0, 0x0, 0x0)

08:02:25 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:25 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  645.048303][T21616] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:25 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:25 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:25 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xf6ffffff00000000, 0x0, 0x0, 0x0)

[  645.158830][T21740] FAT-fs (loop4): bogus number of reserved sectors
[  645.181060][T21816] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  645.202033][T21740] FAT-fs (loop4): Can't find a valid FAT filesystem
[  645.272212][T21826] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  645.287548][T21825] FAT-fs (loop4): bogus number of reserved sectors
[  645.304070][T21825] FAT-fs (loop4): Can't find a valid FAT filesystem
[  645.311337][T21822] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xff0f000000000000, 0x0, 0x0, 0x0)

08:02:25 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  645.322660][T21826] cgroup: fork rejected by pids controller in /syz1
08:02:25 executing program 4:
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0xfffffffffffffffc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffff7f00000000, 0x0, 0x0, 0x0)

08:02:25 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:25 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:25 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

08:02:25 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x139, 0x4000)
ioctl$SIOCAX25NOUID(r1, 0x89e3, &(0x7f0000000040)=0x1)

08:02:25 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:26 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:26 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  645.626773][T22147] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:26 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)

[  645.720904][T22156] FAT-fs (loop4): bogus number of reserved sectors
[  645.758559][T22156] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:26 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:26 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:26 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x2, 0x0)

08:02:26 executing program 0:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x4000, 0x0)
r1 = geteuid()
ioctl$SIOCAX25GETUID(r0, 0x89e0, &(0x7f0000000180)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, r1})
ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000100))
setsockopt$inet6_int(r0, 0x29, 0x23, &(0x7f0000000080)=0x4, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:26 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:26 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x9b, 0x200)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000140)={{0xa, 0x4e22, 0x7f, @dev={0xfe, 0x80, [], 0x23}, 0xffffffffffffffff}, {0xa, 0x4e22, 0x91d, @local, 0xe5a}, 0xf78b, [0x4, 0xc9d, 0x5a, 0x5, 0x8, 0x1, 0x5, 0x8]}, 0x5c)
ioctl$int_out(r0, 0x5460, &(0x7f0000000280))
renameat2(r0, &(0x7f0000000200)='./file0/file0\x00', r0, &(0x7f0000000240)='./file0\x00', 0x1)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f00000001c0)={0x3, 0x8, 0x200, 0x8001, 0x10, 0x1})

[  645.926567][T22371] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:26 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:26 executing program 0:
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="5500000012007f1412fe01b2a4a280930a02000000a8430691e1ffff0a00080006000300061d79001900154001000001d40000dc1338d54400009b84136ef75afb83de44110016000d6300400000060cec4faba7d4", 0x55}], 0x1}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  646.051673][T22373] XFS (loop5): Invalid superblock magic number
[  646.071338][T22502] FAT-fs (loop4): bogus number of reserved sectors
[  646.082566][T22502] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:26 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:26 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:26 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x400, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0x4, 0x0, 0x0, 0x1000, 0x0)

08:02:26 executing program 0:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x80000, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f00000000c0)={<r2=>0x0, 0x0, 0x31b6})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000100)={<r3=>0x0, 0x80000, r0})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000140)={r2, r3, 0x74d})

08:02:26 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:26 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:27 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x3, 0x0)

08:02:27 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:27 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
timerfd_gettime(r0, &(0x7f0000000040))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:27 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000140)={0x401, 0x3, 'client0\x00', 0xffffffff80000000, "26fd737d6cd9ff79", "3c1bbef3770974343f8b8f09dee52da06056cbeaaa13688aa751bf79984027f1", 0x100000001, 0xff})

08:02:27 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:27 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:27 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  646.892146][T23234] FAT-fs (loop4): bogus number of reserved sectors
[  646.920310][T23234] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:27 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
socket$nl_xfrm(0x10, 0x3, 0x6)

08:02:27 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
modify_ldt$read_default(0x2, &(0x7f0000000140)=""/157, 0x9d)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:27 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:27 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  647.064010][T23356] XFS (loop5): Invalid superblock magic number
08:02:27 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  647.177664][T23667] FAT-fs (loop4): bogus number of reserved sectors
[  647.184549][T23667] FAT-fs (loop4): Can't find a valid FAT filesystem
[  647.239099][T23787] FAT-fs (loop4): bogus number of reserved sectors
[  647.246917][T23787] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:28 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:28 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffff9c)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x20000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x60000018})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:28 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x400, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)

08:02:28 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4, 0x0)

08:02:28 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:28 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  648.013771][T23980] FAT-fs (loop4): bogus number of reserved sectors
[  648.047719][T23980] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:28 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:28 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:28 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_dev$swradio(&(0x7f0000000180)='/dev/swradio#\x00', 0x1, 0x2)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f00000001c0)={<r2=>0x0, 0x6, 0x6252}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_id=r2, &(0x7f0000000280)=0x4)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:28 executing program 0:
socket$rxrpc(0x21, 0x2, 0x4cdde794cf68fe83)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_FREE_BUFS(r0, 0x4010641a, &(0x7f00000002c0)={0x7, &(0x7f0000000280)=[0x8, 0x8f2, 0x0, 0x1, 0x7fff, 0x0, 0x7]})
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000001c0), &(0x7f0000000200)=0x8)
pipe2(&(0x7f0000000100)={<r1=>0xffffffffffffffff}, 0x800)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x100, 0x0)
r3 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x2)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f00000000c0)={0x0, r1, 0x1, 0x403, 0x3, 0x4})
openat$cgroup_ro(r2, &(0x7f0000000180)='cpuacct.usage_user\x00', 0x26e1, 0x0)
fcntl$addseals(r3, 0x409, 0x8)
openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/current\x00', 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:28 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  648.165424][T24051] XFS (loop5): Invalid superblock magic number
08:02:28 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={<r5=>0x0}, &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200)={0x0, <r6=>0x0})
r7 = getpgrp(0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=@RTM_NEWNSID={0x44, 0x58, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NETNSA_FD={0x8, 0x3, r3}, @NETNSA_PID={0x8, 0x2, r4}, @NETNSA_PID={0x8, 0x2, r5}, @NETNSA_PID={0x8, 0x2, r6}, @NETNSA_NSID={0x8}, @NETNSA_PID={0x8, 0x2, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  648.264302][T24323] binder: 24306:24323 ioctl c028660f 200000c0 returned -22
08:02:28 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:28 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:28 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:28 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  648.742904][T24543] FAT-fs (loop4): bogus number of reserved sectors
[  648.760888][T24543] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:29 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x5, 0x0)

08:02:29 executing program 0:
r0 = syz_open_dev$radio(&(0x7f0000000280)='/dev/radio#\x00', 0x0, 0x2)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000400)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x130, r1, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80000000}]}, @TIPC_NLA_SOCK={0x1c, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1f0}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffff8}]}, @TIPC_NLA_BEARER={0x8c, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'syzkaller0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffffffffffffc}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x2, @empty, 0x7fffffff}}, {0x14, 0x2, @in={0x2, 0x4e21, @empty}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}]}, @TIPC_NLA_MEDIA={0x30, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x4}, @TIPC_NLA_MEDIA={0x30, 0x5, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffff2d6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}]}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r2 = openat$cgroup_ro(r0, &(0x7f0000000240)='cpuacct.stat\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000100)={<r4=>0x0, @in6={{0xa, 0x4e23, 0x0, @loopback, 0x2}}, 0x1000, 0xc4}, &(0x7f0000000040)=0x90)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={r4, 0x80000001}, 0x8)

08:02:29 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:29 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:29 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:29 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0xfffffefffffffffe)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0xc4400, 0x0)
ioctl$CAPI_GET_PROFILE(r1, 0xc0404309, &(0x7f0000000040)=0xffffffff)
r2 = geteuid()
r3 = getgid()
fchownat(r1, &(0x7f0000000140)='./file0\x00', r2, r3, 0x400)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:29 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  649.138759][T24847] FAT-fs (loop4): bogus number of reserved sectors
[  649.173086][T24847] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:29 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:29 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000140)=@generic={0x2, 0x0, 0xb3ea})
r1 = semget(0x2, 0x0, 0x54c)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000180)=0x1, 0x4)
semctl$GETPID(r1, 0x0, 0xb, &(0x7f0000000040)=""/45)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r0, 0x6, 0x1, 0x7000000, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20)
syz_open_dev$evdev(&(0x7f0000000240)='/dev/input/event#\x00', 0x3, 0x240000)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f00000001c0)=0x5)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:29 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  649.265077][T25165] FAT-fs (loop4): bogus number of reserved sectors
[  649.271812][T25165] FAT-fs (loop4): Can't find a valid FAT filesystem
[  649.282907][T25000] XFS (loop5): Invalid superblock magic number
08:02:29 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:29 executing program 0:
r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x9, 0x80)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x10141, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000100)={0x2, r1})
ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMOUTPUT(r1, 0xc0485630, &(0x7f0000000140)={0x2400, "aec7265b12997bbb9d8e2f84a629dfdc628b7af8b0627232867ecd7ea17a1828", 0x2, 0x0, 0x9, 0xe0, 0x2})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000240)={<r4=>0x0, 0x3}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000002c0)={0x839, 0x8000, 0x80, 0x5c3e, r4}, 0x10)
ioctl$BLKROTATIONAL(r2, 0x127e, &(0x7f0000000200))

[  649.539668][T25406] FAT-fs (loop4): bogus number of reserved sectors
[  649.550204][T25406] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:30 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x6, 0x0)

08:02:30 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:30 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:30 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:30 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x7a05, 0x1700)
sync_file_range(r0, 0xa9d, 0x7ff, 0x5)
ioctl$LOOP_SET_FD(r1, 0x4c00, r1)

08:02:30 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x7, 0x80)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000180)=0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'rose0\x00', r1})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x80000000, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400201)
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  650.043674][T25598] xt_check_target: 11 callbacks suppressed
[  650.043694][T25598] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:30 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  650.099201][T25602] FAT-fs (loop4): bogus number of reserved sectors
[  650.113327][T25602] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:30 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x3, 0x2)

08:02:30 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  650.203706][T25817] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  650.219950][T25679] XFS (loop5): Invalid superblock magic number
08:02:30 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x28)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:30 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:30 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000040)={0x2a, 0x4, 0x0, {0x4, 0x9, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000080)=0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  650.399936][T26055] FAT-fs (loop4): bogus number of reserved sectors
[  650.411256][T26055] FAT-fs (loop4): Can't find a valid FAT filesystem
[  650.470975][T26132] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  650.519547][T26138] FAT-fs (loop4): bogus number of reserved sectors
[  650.543481][T26138] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:31 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7, 0x0)

08:02:31 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:31 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:31 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:31 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x94e00, 0x0)
bind$rose(r1, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x0, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:31 executing program 0:
dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x4, 0x101080)
prctl$PR_SET_TIMERSLACK(0x1d, 0x6)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x401, 0x80000)
openat$cgroup_ro(r0, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  650.973749][T26347] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:31 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  651.043623][T26351] FAT-fs (loop4): bogus number of reserved sectors
[  651.082481][T26351] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:31 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000040)='\x00\x18\xfc\xff\xf0\xff\xff\xff\xff\xff\b\x00\x00\x00', 0x7a05, 0x1700)

08:02:31 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:31 executing program 4:
syz_mount_image$minix(&(0x7f0000000000)='minix\x00', &(0x7f0000000040)='./file0\x00', 0xffff, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="8da9819c20716877651a5d8e617f0194d1de7d6cedd33b2023ca67710b8f1a41ba5c3bd1c974540ab6a9e6d6a2ba7d10261cd19678b79eaebefb2fa45e56827684543a1e630e049c04bc2b0d5d07fff09a9d14e6fb88de1128f39fc3585a30", 0x5f, 0xc4f2}, {&(0x7f00000001c0)="fa5ff6643d3f77d2ebf68b2a54108460a21d38beb061be1108a277e4d0099240303aedc8e3f530b943fc514d8b1724ce379e2a6e9300b7e2c5a669de3acd5a4f2ef4e6600eefe19db56e05f07e338bad", 0x50, 0x4}], 0x4040, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  651.207159][T26662] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  651.274412][T26613] XFS (loop5): Invalid superblock magic number
08:02:31 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:31 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000040))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './file0', [{0x20, 'memory.events\x00'}, {0x20, 'vmnet0cgroup(('}, {}, {0x20, 'memory.events\x00'}, {0x20, 'proccpuset'}, {0x20, 'memory.events\x00'}, {0x20, 'memory.events\x00'}, {}, {0x20, 'memory.events\x00'}], 0xa, "1c83d22d3a9f4f2ec6ea683ef865a1ec4ce44156d7bcc5f814c969a3784eaed25af93b8ef134b4d1b64c36e908919ab9c055fa9c135dd67a788da4deec9f188d9707153aea32d99dc2ef1d053ef9d4f4e84e63f6f2f9ae9ef6c2f7db519712a6a8d54aac117d63e1d158405e2deba4302b4b58b89986d4d381a2837ee011641b63bf88388d21e401a425acbb54fef64e477bc02e727df95c8e20fbdbea865b68ce9e865499d38d5292939b78d71b2a5dca63ee3da80ece762bb9024acb59af253c783738eeb1e9d6527a50e007b471f4395d6276e9a714ab865881b3912faa6958d36c49cc30520ff62ba3fa872c0d4bb8c92692368a9550b7"}, 0x16b)

[  651.359853][T26846] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop4.
[  651.442856][T26937] FAT-fs (loop4): bogus number of reserved sectors
[  651.473618][T26937] FAT-fs (loop4): Can't find a valid FAT filesystem
[  651.488096][T26983] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  651.545075][T26846] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop4.
[  651.600600][T27188] FAT-fs (loop4): bogus number of reserved sectors
[  651.611612][T27188] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:32 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x8, 0x0)

08:02:32 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:32 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:32 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:32 executing program 0:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x8240, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x84801, 0x0)
write$P9_RUNLINKAT(r0, &(0x7f0000000100)={0x7, 0x4d, 0x2}, 0x7)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000140)={{0x1d, @remote, 0x4e20, 0x1, 'wrr\x00', 0x1, 0x1cb, 0x62}, {@dev={0xac, 0x14, 0x14, 0x28}, 0x4e21, 0x10000, 0x7, 0x40000000000000, 0x10001}}, 0x44)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
write$FUSE_NOTIFY_INVAL_INODE(r1, &(0x7f0000000040)={0x28, 0x2, 0x0, {0x1, 0x400, 0x1}}, 0x28)

08:02:32 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = open(&(0x7f0000000040)='./file0/file0\x00', 0x105000, 0x112)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000140)=[@window={0x3, 0x2, 0x100000000}, @mss={0x2, 0x2}, @mss={0x2, 0xffff}, @mss={0x2, 0xbb3c}], 0x4)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x1)

[  651.951370][T27199] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:32 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  652.019525][T27201] FAT-fs (loop4): bogus number of reserved sectors
[  652.034192][T27201] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:32 executing program 0:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x80240, 0x0)
sendmsg$rds(r0, &(0x7f0000000440)={&(0x7f0000000200)={0x2, 0x4e20, @remote}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000240)=""/135, 0x87}], 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB="580000000000000014010000060000000000000004000000", @ANYPTR=&(0x7f0000000340)=ANY=[@ANYBLOB="71c8000000000000"], @ANYPTR=&(0x7f0000000480)=ANY=[@ANYBLOB="0800000000000000c490eb00"], @ANYBLOB="08000000000000000000000080010000ca82ffffffffffff03000000000000001200000000000000feffffffffffffff"], 0x58, 0x20000000}, 0x4040000)
acct(0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000040)={0x0, @aes256})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
write$vhci(r2, &(0x7f0000000100)=@HCI_EVENT_PKT={0x4, "4e2b1d376229ea2c75f0e2aaa4d06f65d9614d1057a95d30c6770307e2fbd2ed53d423f4f2d7782a98492c2fa6ac43d3dea5997a82e05112f2a4bc1c7e535b1d96205ba775e05de5766878d449d4aa07b7b288712cd22b8c2155f6ef431222cbb185fa8162797310c6adf53613f59f4ea64931091ec5fbb19d8171e92591da2184710d177a130b674d7e60bf3eca31d261bedf9339bb51ca2f5e8f08648b93f25d7d61a0931f9df89661590ca6b260e7087fae07d8e080cbe6a6ccb37ba4584f74"}, 0xc2)

[  652.115117][T27244] XFS (loop5): Invalid superblock magic number
08:02:32 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:32 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x10000000000, 0x0, &(0x7f00000001c0))
syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xbc, 0x6140)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0xc0, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x40, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400204)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  652.179681][T27521] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:32 executing program 0:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x4000, 0x0)
ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000100)=""/76)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x208800, 0x0)

08:02:32 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  652.351790][T27734] FAT-fs (loop4): bogus number of reserved sectors
[  652.376791][T27734] FAT-fs (loop4): Can't find a valid FAT filesystem
[  652.423110][T27934] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  652.436085][T27936] FAT-fs (loop4): bogus number of reserved sectors
[  652.465902][T27936] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:33 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x9, 0x0)

08:02:33 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:33 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x301080, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:33 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:33 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x800000020)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x400000, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_RESET_STATS(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="f8573b1d", @ANYRES16=r2, @ANYBLOB="08002abd7000fddbdf250a00000040000500080001006962000034000200080001001b0000000800030002000600000008000200fbffffff08000400f9ffffffa000010008000300e60a0000380004001400010002004e23000000000000000000000000200002000a004e21ffffff81fe80000000000000000000000000000e0400000008000300ff0f0000100001006574683a6e6c6d6f6e30000044000400200001000a004e218000000100000000000000000000000000000000ff030000200002000a004e2200000003ecb2c7d8b328cfcc9d34c6ed63d13f02020000001400060008000100060000000400020004000200"], 0x108}, 0x1, 0x0, 0x0, 0x20000080}, 0x1)

08:02:33 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  652.652538][T28045] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  652.674025][T28043] Unknown ioctl 35090
[  652.689487][T28043] FAT-fs (loop4): bogus number of reserved sectors
[  652.717315][T28043] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:33 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000040)={0x4, 0x37377249, 0x1, 0x65c, 0x3, @discrete={0x7, 0x3}})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:33 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  652.807509][T28103] XFS (loop5): Invalid superblock magic number
[  652.819419][T28043] Unknown ioctl 35090
[  652.838288][T28258] FAT-fs (loop4): bogus number of reserved sectors
08:02:33 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  652.867244][T28258] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:33 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:33 executing program 4:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:33 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
setsockopt$inet6_udp_int(r0, 0x11, 0x6f, &(0x7f0000000040)=0x101, 0x4)

[  653.069042][T28656] FAT-fs (loop4): bogus number of reserved sectors
[  653.108464][T28656] FAT-fs (loop4): Can't find a valid FAT filesystem
[  653.182628][T28103] XFS (loop5): Invalid superblock magic number
08:02:33 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xa, 0x0)

08:02:33 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:33 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:33 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='\x96@\xc1\xff\x10\xde\xdc\xda\xa4\x00', 0x7a05, 0x1700)

08:02:33 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:33 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x8000000000, 0xffffffe2, 0x0, 0x0, 0x0)

08:02:34 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = accept(r0, &(0x7f0000000000)=@nl=@unspec, &(0x7f0000000140)=0x80)
bind$llc(r1, &(0x7f0000000180)={0x1a, 0x335, 0x35, 0x40, 0x1, 0x3, @broadcast}, 0x10)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:34 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.events\x00', 0x26e1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={<r2=>0x0, @in6={{0xa, 0x4e20, 0x8001, @rand_addr="b44c9d93c04bb8922e8915ceac4c9dc3", 0x80000001}}, 0x0, 0x0, 0x4, 0x49, 0x8}, &(0x7f0000000040)=0x98)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000140)={r2, 0x136, 0x3, 0xc09}, &(0x7f00000002c0)=0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00')
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1504000000000000000001000000000000000c4100000014001462726f6164636173842d6c696e6be4ff"], 0x1}}, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000080)={'veth0_to_team\x00', {0x2, 0x4e23, @empty}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$nfc_llcp(r3, 0x118, 0x2, &(0x7f00000001c0)=""/20, 0xfffffffffffffd34)

08:02:34 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:34 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  653.731123][T29065] FAT-fs (loop4): bogus number of reserved sectors
[  653.764830][T29065] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:34 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

08:02:34 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x100, 0x0)
accept$ax25(r1, &(0x7f0000000140)={{0x3, @rose}, [@bcast, @remote, @default, @null, @bcast, @null, @netrom, @default]}, &(0x7f0000000040)=0x48)

[  653.809379][T28987] XFS (loop5): Invalid superblock magic number
[  653.927964][T29370] FAT-fs (loop4): bogus number of reserved sectors
[  653.942579][T29370] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:34 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xb, 0x0)

08:02:34 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:34 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:34 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
fcntl$setpipe(r0, 0x407, 0x9)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$pptp(0x18, 0x1, 0x2)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x301000, 0x0)
ioctl$BLKFRASET(r2, 0x1264, &(0x7f0000000040)=0x5)

08:02:34 executing program 0:
r0 = syz_open_dev$amidi(&(0x7f0000000280)='/dev/amidi#\x00', 0x8000, 0x101000)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00')
sendmsg$TIPC_NL_MON_GET(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, r1, 0x0, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x14, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fffffff}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004000}, 0x40814)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000440), &(0x7f0000000480)=0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000080)=0xc)
getresgid(&(0x7f0000000100)=<r4=>0x0, &(0x7f0000000180), &(0x7f00000001c0))
fstat(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresgid(r3, r4, r5)
dup(r2)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000400)={'irlan0\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x2, 0x0)

08:02:34 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:35 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  654.692127][T29553] FAT-fs (loop4): bogus number of reserved sectors
[  654.712544][T29553] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:35 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  654.789167][T29635] FAT-fs (loop4): bogus number of reserved sectors
[  654.800466][T29635] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:35 executing program 0:
socket$caif_seqpacket(0x25, 0x5, 0x4003)
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x200)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='m\xcb\xc0(Gy.ev\xf8K\xc5e\x00z\x19\x84\xa2:\xd4Z8f\xf3\xc4\x17', 0x26e1, 0x0)
write(r1, &(0x7f0000000100)="5e37b6f80003632b2506d1f4f7a400b43f6c6be3380ba5d06805e540e702594572c93c552af7b1c291ff31c95031918813ce9bfd41b5e9717b9f712244da61bd3568877ef8afedf3b83093801879195da8454a135c5fc8a345916ecf34e8cfeb33fd983b4f4af59bb255a0858a", 0x6d)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(r1, &(0x7f0000000180)='cgroup.controllers\x00', 0x0, 0x0)
write$P9_RSETATTR(r0, &(0x7f00000000c0)={0x7, 0x1b, 0x2}, 0x7)

08:02:35 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  654.852078][T29681] XFS (loop5): Invalid superblock magic number
08:02:35 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:35 executing program 4:
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000140)=0x6)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000180)={<r1=>0x0, 0x3}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000200)={r1, 0x2}, &(0x7f0000000240)=0x8)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  655.044620][T30154] FAT-fs (loop4): bogus number of reserved sectors
[  655.078771][T30154] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:36 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc, 0x0)

08:02:36 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2)

08:02:36 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:36 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:36 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:36 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$swradio(&(0x7f0000000140)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000000180)={0x8, 0x2, 0x1, 0x7f, 'syz0\x00', 0x2})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lremovexattr(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040)=@known='system.posix_acl_default\x00')

[  655.665721][T30311] xt_check_target: 9 callbacks suppressed
[  655.665735][T30311] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:36 executing program 0:
syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x226d, 0x400)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vsock\x00', 0x4000, 0x0)
getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000080)=0xb)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.stat\x00', 0x7a05, 0x1700)

[  655.713992][T30309] FAT-fs (loop4): bogus number of reserved sectors
[  655.734711][T30309] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:36 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:36 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000040))

08:02:36 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:36 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x14}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x15c, r1, 0x5, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x14, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_NET={0x28, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x51}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xd6b}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}]}, @TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x400}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MEDIA={0xe4, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5063}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}]}]}]}, 0x15c}, 0x1, 0x0, 0x0, 0x85}, 0x1)

[  655.890886][T30700] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  655.903120][T30410] XFS (loop5): Invalid superblock magic number
[  655.929426][T30688] FAT-fs (loop4): bogus number of reserved sectors
[  655.952013][T30688] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:36 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  656.097229][T31032] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:37 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xd, 0x0)

08:02:37 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:37 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='dax\x00', 0x880004, &(0x7f0000000180)='#posix_acl_accessvboxnet1\x1f^@<wlan0proc+-@')
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x9, 0x0, 0x0, 0x8, 0x0)
sendmsg(r0, &(0x7f0000000800)={&(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x4, 0x3, {0xa, 0x4e23, 0x3, @mcast2, 0x8}}}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000280)="11267dedeefa70dffdc01fe16f518022409ba1706e429b7f87b43ff56e6cc293ba285f2f3bccf466240a1dc420e053e83661e4c14356d59c78508f387514a07db3430cc6cd378b274d305b1a93fabbde9fd726e3e50f845c23c2d8c172f66c467c5560e537ca6074d6dda4826e84c2e07dfdf18948a7c814d749c47a72088bf02a0bc0d5a4d5a858386c3cace27cf009e35f4c3081a8bffad13b39e29fab9b6d5a1757ce0bc0592566d9cc0ff6d43a6d731da7a4857c3da0a9a139c03f37f68c553aaf78ff155e9ecd23e052b8d1d45bc42614c73194bc842ea410c81a", 0xdd}, {&(0x7f0000000380)="efc9172e4b0e8c470d1cf89c08cce5f19e025fd943d0712a1812c2369607f452192e39c049f9c2377532e29f1c42cd2376c1a220e15d01c10676dd5fc42240704ef6edcf4b583e7edf1686bf3d5e4dd885d891a9d6d277a8681dc078d7552eca08c07f8161a428dd8f74411cf487889234b2cd35f6aa48896242eebd856a7325b0138c153dfd36a094ef937786c7592f2b6b5086f368e1c23a21daf700c07da3832b7dbdf99480d0346158adaf165c0c262d88a32a7df319478e7fb10e6c81a3f75bd6eb30", 0xc5}, {&(0x7f0000000480)="092d6b0192edd0b5b0f8e0b0fdabaaff75de0e94daa6d9feb30596d98cc4ac76344fba334c17c49bed43dd41671e135114cf1476a2e88b59e3013144d42675d97fbf96690dddeca6165efad57e704a3efbea8e405a420842f33f9674dc57b4b3b7f339d917fe35bc55b3cf45f4131feb0a2032e4883eed748957d7f3ce25edbeaca7ba6a367ff0aa29bf3b1bc665793f804d506a11a0a56b8b4347b821fd2744d7aa", 0xa2}, {&(0x7f0000000100)="1bd1565e5537bf4978c5e6994a48e5d27f649ab9b29f", 0x16}, {&(0x7f0000000540)="8a454981235e0e068cb3c15284fb57d97dbe55d3e402e3485b14578b9b8b53e7cf06cd58e5fad754a8b30567edc013ce31f920c499cec24f93104f32f355dab5a54049a3a913abc94b217b1d3ebbfbb56b4a64e1eeddf7ff344d0b10dd187b5d2080dc1a607d", 0x66}, {&(0x7f00000005c0)="56fca58fdf8155d883bff8ca2d3bd708efa7ad19811610774cbe517cf7f392f26fb93031b2ed94214714b8a13615a94a46bd6e2c0696d895b018c7f9841494af7b5f9ae31cf119f75d54f1b379110d8b8af6052cce5a52b1ed0eeb72eab55c99b29b9d1f08888baa1c62bc70d5a95a45df7440ed872a52ad875c79e95937f691446dea1d8b8893", 0x87}, {&(0x7f0000000680)="99e19a360b6dea84971681b90bb03b197be964289fa2db5b5cd3811a312890bb27e1e7804e76daaaae21cf5396585dd4db9322603121e0ede935715eca9037248dd0bc50051eb07484e94e643bacc16d62e18e554ae1c8", 0x57}, {&(0x7f0000000700)="ea00233e078338602e7d1feffc3507337cb93155ff39f85875a5512e60b95c97d0805d205ba2b711603d96400a827962887301250de418a5794398e42f1c2f5044ff0a29bfdb3e038b647535e9ca8f1c62c114372a7480b93424e55efb3e9e1e2ab141d70b8e275c", 0x68}], 0x8}, 0x4000000)

08:02:37 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f00000001c0)={0x1, 0x78641d56, {0x53, 0x732, 0x6, {0x8, 0x7fffffff}, {0xa73, 0xf0}, @cond=[{0xe7, 0x7, 0x5, 0x0, 0x1ff, 0x100}, {0xffffffffffffff81, 0x80, 0x8, 0x81, 0xb06b, 0x9}]}, {0x51, 0x577, 0x9, {0x7, 0x6}, {0x2, 0x101}, @rumble={0x6, 0x5}}})
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='io.stat\x00', 0x0, 0x0)
ioctl$VIDIOC_G_PRIORITY(r1, 0x80045643, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
open_by_handle_at(r0, &(0x7f0000000100)={0xbc, 0x80000000, "3c8d9f1dc5975c634a55af21aa709ac5ab855d6e25c133fd7841dd79875cf8e8de5dfbbed971eb07c14116e33371551686a811c8fd0de98eabac435a3901d7d37c5977cee138cf95ebb65b22d6b586aeb223e5b6e9b5950e7da132ed3e341d0c278ae282c0f8af0841c7c8c1c73a04ed652cdd8f1d88e0dcd3058d2fb7085b1ddd97f66e5cc80c29a466c7b047ae6b49899769abce920060a6e7b3aba809e674eb6bd1e63be02769dd10ee2588a673ff636e8767"}, 0x2)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000080)={'NETMAP\x00'}, &(0x7f0000000240)=0x1e)

08:02:37 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:37 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  656.713337][T31164] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  656.748229][T31161] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  656.763748][T31162] FAT-fs (loop4): bogus number of reserved sectors
[  656.770541][T31162] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:37 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:37 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  656.861590][T31407] FAT-fs (loop4): bogus number of reserved sectors
[  656.892340][T31462] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:37 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  656.911541][T31307] XFS (loop5): Invalid superblock magic number
[  656.921586][T31407] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:37 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:37 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x6, 0x80)
utimensat(r0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={{0x0, 0x7530}}, 0x100)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mq_open(&(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f0000000040)={0x9, 0x3, 0x3, 0x100000000, 0x5, 0x7, 0xff6e})
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:37 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
fadvise64(r0, 0x0, 0x6, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  657.089116][T31634] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  657.122956][T31651] FAT-fs (loop4): bogus number of reserved sectors
[  657.152691][T31651] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:38 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xe, 0x0)

08:02:38 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:38 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$IMHOLD_L1(r0, 0x80044948, &(0x7f0000000140)=0x7)

08:02:38 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:38 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:38 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0xfffffffffffffffe)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  657.790443][T31978] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:38 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f0000000040)={0x3, 0x7, 0x66, 0x5, 'syz1\x00', 0x1})

08:02:38 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:38 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  657.876821][T31979] FAT-fs (loop4): bogus number of reserved sectors
[  657.900662][T31979] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:38 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000040)={0x0, 0x200, 0x7, 0x800, <r2=>0x0}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000180)={r2, 0x2, 0x3, [0x20, 0x401, 0x0]}, 0xe)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000240)={0x4, 0x1})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)=<r3=>0x0)
ioprio_set$pid(0x1, r3, 0x2b)
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f00000001c0)={0x0, 0xfffffffffffffff8, 0x1})

[  657.986754][T32309] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  658.008601][T32092] XFS (loop5): Invalid superblock magic number
08:02:38 executing program 0:
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4000)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000080)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r1})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)

08:02:38 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  658.203294][T32575] FAT-fs (loop4): bogus number of reserved sectors
[  658.229655][T32575] FAT-fs (loop4): Can't find a valid FAT filesystem
[  658.244270][T32625] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  658.401789][T32092] XFS (loop5): Invalid superblock magic number
08:02:39 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r0, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x2, 0x4, {0xa, 0x4e24, 0x8000, @mcast2, 0x20}}}, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x400000, 0x51)
ioctl$SG_GET_PACK_ID(r2, 0x227c, &(0x7f0000000140))
fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, <r3=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000240)={{0xa, 0x3, 0x8, 0x7, 'syz0\x00', 0xff}, 0x4, 0x20000000, 0x4, r3, 0x5, 0x1, 'syz1\x00', &(0x7f0000000200)=['em0\x00', '/dev/video37\x00', '\'\x00', 'proc&}#:uservboxnet0selinuxGPL\x00', '/dev/video37\x00'], 0x3f, [], [0x21, 0x8, 0xeb5, 0x7]})
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:39 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:39 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x10, 0x0)

08:02:39 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:39 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:39 executing program 0:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffff00000001, 0xb40)
r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1)
arch_prctl$ARCH_GET_CPUID(0x1011)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

[  658.894233][  T374] FAT-fs (loop4): bogus number of reserved sectors
[  658.911438][  T374] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:39 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:39 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  658.977143][  T638] FAT-fs (loop4): bogus number of reserved sectors
[  659.007408][  T638] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:39 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, r1, 0x0, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x325c}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3f}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}]}]}, 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x4000000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:39 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = creat(&(0x7f0000000040)='./file0/file0\x00', 0x20)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000001c0)={<r3=>0x0})
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000240)={r3, 0x80000, r4})
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000))
ioctl$IMCTRLREQ(r4, 0x80044945, &(0x7f0000000280)={0x400a, 0x4, 0xffffffffffffffc1, 0x4})
bind(r0, &(0x7f0000000140)=@pptp={0x18, 0x2, {0x1, @broadcast}}, 0x80)

[  659.075050][  T544] XFS (loop5): Invalid superblock magic number
08:02:39 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:39 executing program 0:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x7ffff, 0x0)
ioctl$RTC_PIE_OFF(r0, 0x7006)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x400000, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0)='TIPCv2\x00')
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r2, 0x302, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x20000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000005c0)={<r4=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r3, &(0x7f0000000640)={0xb, 0x10, 0xfa00, {&(0x7f0000000500), r4, 0x5}}, 0x18)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000900)={r3, &(0x7f00000009c0)="b0e296153d7d62fb575cc3e6fc665c412a92c392f7485527af2d5941c3838ad26a15bb3477343ce7e1efe00cc48e0eb39d68bbba67a28f8c628f7259da3c4988b6fbf9e7637dcfcfd521d56d7a57268c92b37780aa27422c68d41fcacc9a56f8c8dc75dbf9d63a93f65fef5adb49c74e822d9fd6d7549b3421738f5a156e293e5d8ef922f2484d61daffef9e99186e83614739a6e09eb884ecc86c0597e09da6afcfa858053273ab278544a424a9bdbb22a0e6fc5209f4ab76e03b4a3129196410b8cd18caaf38cd9258e523c5e7455c39efaa3be73ef210bc93a44fdfd8697c4a1148d7ce73098283ffafbd190ba6", &(0x7f00000008c0)=""/17}, 0x18)
read(r3, &(0x7f0000000280)=""/206, 0xce)
openat$urandom(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/urandom\x00', 0x4680, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000200)='memory.\xba\xa0O\xb23\xfb\xce\x90\b\xdfY\x00\x00\x00\x00\x00\x00\x00\x16\x1c\x96\xfa \x12\xf8\x80\xa2\x90\x15\x9a\xde\xe8\xbfY\xf3\xb0}\xf2px\xd6\xf0\x8eA&5\x8c:\xe3~\xe7\xde\xcb\x1e\xdc\xf5y\x96\xa6\xab\xf9\x1f\xe2%J\xd7\xce\xd9\xfb\x80J\xea\xe3\x93\xd4-\xeb\x96F', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
fgetxattr(r1, &(0x7f0000000100)=@known='trusted.overlay.origin\x00', &(0x7f0000000800)=""/151, 0x97)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)={0x10c, r5, 0x20, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x90, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xef}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8000}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'lo\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xea}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x100}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xab}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x10c}, 0x1, 0x0, 0x0, 0x4085}, 0x40)
ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000980))

08:02:39 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:39 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  659.295348][  T928] FAT-fs (loop4): bogus number of reserved sectors
[  659.332186][  T928] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:40 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:40 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x12, 0x0)

08:02:40 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x100)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:40 executing program 0:
r0 = dup(0xffffffffffffffff)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={<r1=>0x0, 0x80000, r0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={<r2=>0x0, 0x0, 0xfffffffffffffe01})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140)={r1, r2})
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:40 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:40 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:40 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  659.816570][ T1465] FAT-fs (loop4): bogus number of reserved sectors
[  659.850714][ T1465] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:40 executing program 0:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x4, 0x103)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
getresuid(&(0x7f0000000140), &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0))
r3 = getgid()
munlockall()
setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={r1, r2, r3}, 0xc)
r4 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x7a05, 0x1700)
ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240))
ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000080))

08:02:40 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  659.972469][ T1616] XFS (loop5): Invalid superblock magic number
08:02:40 executing program 4:
mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x200003, 0x0)

08:02:40 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x3, 0x80)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000040)='*vmnet1vboxnet0/!proc\x00')

08:02:40 executing program 0:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x3, 0x0)
ioctl$EVIOCGPROP(r0, 0x80404509, &(0x7f0000000100)=""/96)
write$binfmt_script(r0, &(0x7f0000000180)={'#! ', './file0', [{}, {0x20, '/dev/snd/pcmC#D#c\x00'}, {0x20, ':selinux[\xae(&)vboxnet1self'}, {0x20, ':*'}, {0x20, 'memory.events\x00'}, {}], 0xa, "bfea38abd0ae9bb5b14b39b0f8ce0ebedeb2b1f856e36726e5e05ad4b1646aa49761288af9ee1927feb8d7a7b41e60ce4184ab834580c4af969014805eeb09b26d6b3fcfd3157f065b"}, 0x95)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  660.397492][ T2049] FAT-fs (loop4): bogus number of reserved sectors
[  660.417986][ T2049] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:40 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:41 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x23, 0x0)

08:02:41 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:41 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:41 executing program 0:
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x400, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x40, 0x0)
syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x2, 0x101000)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/mcfilter\x00')
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x80000, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.events\x00', 0x0, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x40, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000300)='cpuacct.usage_al\x01\x04\x00\x00V\xa1g\x86\x1d\x06\x99\x1e\x06\xa9\xb3`?\xd7*\x97\xd2\x7f\x14\x80\x94\xc9\xe0a\x9c\xa3P\a\x85\xf7t\xc64R\x0e\xd5\x16_\xee\xb3\t\xa9\xd7\xadE\xff\xe8\xed\x90\xd3a\x8bS\xe4\x1c\xae\xe8\xd9\x00\x00\x87X\xcc\xc3\xad\xa4\x02\n\xc3-j\x8f\xd8=\x92\xf6\xd4\x82\x11\x1c\x9f3]\xfa\x91\x96\xb9\xac\xb5S2\x9adoeDVl\xf2 \xe1\xa9\xc4\x9d#\xfd\x93', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:41 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x20000)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x40, 0x0)
linkat(r2, &(0x7f0000000140)='./file0\x00', r3, &(0x7f00000001c0)='./file0\x00', 0x1400)
r4 = fcntl$dupfd(r1, 0x0, r0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r4, 0xc034564b, &(0x7f0000000000)={0x2, 0x7747577f, 0x45, 0x31725e05, 0x3, @stepwise={{0x5, 0x80}, {0x0, 0x401}, {0x7fffffff, 0xc00000000000}}})
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:41 executing program 4:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000001500)='/dev/vsock\x00', 0x8000, 0x0)
setsockopt$rose(r0, 0x104, 0x5, &(0x7f0000001540), 0x4)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$ax25_int(r0, 0x101, 0x4b810efcfa90b49b, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400202)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', 0xffffffffffffffff, 0x1, 0xfffffe2e, 0x0, 0x0, 0x0)
lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='user.syz\x00', &(0x7f0000000100)='/dev/vsock\x00', 0xb, 0x1)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0xdcf, 0x5, 0x7fff, 0x8, 0x9, 0x5, 0x9, {<r2=>0x0, @in6={{0xa, 0x4e23, 0xe471, @remote, 0x6}}, 0xb3c, 0x7, 0x295, 0x10000, 0x2}}, &(0x7f0000000280)=0xb0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000002c0)={r2, 0x2}, 0x8)

[  660.728643][ T2230] xt_check_target: 7 callbacks suppressed
[  660.728662][ T2230] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:41 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
socket$alg(0x26, 0x5, 0x0)

08:02:41 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000180)={0x10, 0x30, 0xfa00, {&(0x7f0000000000), 0x0, {0xa, 0x4e21, 0x4, @empty, 0x7ff}, r1}}, 0x38)
r2 = syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x10001, 0x800)
readlinkat(r2, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)=""/88, 0x58)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f00000002c0)='./file0/file0\x00', r2}, 0x10)
fsync(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:41 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x48, 0x0)

08:02:41 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:41 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  661.014679][ T2563] FAT-fs (loop4): bogus number of reserved sectors
[  661.034109][ T2563] FAT-fs (loop4): Can't find a valid FAT filesystem
[  661.112171][ T2687] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  661.133087][ T2600] XFS (loop5): Invalid superblock magic number
08:02:41 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:41 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:41 executing program 0:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x200, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
connect$rds(r0, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000140)={'bcsf0\x00', 0x2})
openat$cgroup_ro(r0, &(0x7f0000000400)='pids.current\x00', 0x7a05, 0x1700)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000180)={<r2=>0xffffffffffffffff}, 0x106, 0xf}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f0000000200)={0xa, 0x4, 0xfa00, {r2}}, 0xc)

08:02:41 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x5583000c}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r2, 0x800000000400, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x35c426e646b82a2a}, 0x10)

08:02:41 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  661.617421][ T2894] FAT-fs (loop4): bogus number of reserved sectors
[  661.644122][ T2894] FAT-fs (loop4): Can't find a valid FAT filesystem
[  661.651948][ T2899] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:42 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4c, 0x0)

[  661.674931][ T2944] QAT: Invalid ioctl
08:02:42 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  661.718799][ T3080] QAT: Invalid ioctl
08:02:42 executing program 0:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x82000, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)

08:02:42 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x100, 0x0)
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000040)={0x8001})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:42 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:42 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:42 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:42 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x214800, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={<r3=>0x0, 0x7, 0x30}, &(0x7f00000001c0)=0xc)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000200)={r3, 0x800, 0x30}, 0xc)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000040)=""/66, &(0x7f0000000100)=0x42)

[  661.911670][ T3182] XFS (loop5): Invalid superblock magic number
[  661.942726][ T3380] FAT-fs (loop4): bogus number of reserved sectors
[  661.985623][ T3380] FAT-fs (loop4): Can't find a valid FAT filesystem
[  661.993077][ T3456] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:42 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:42 executing program 4:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x101000, 0x0)
ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f0000000140)={0x100, 0x1, 0x3, "7c5e51ca302d18d2266fd3bf59e981ea2baf5465cf69a75c88682920a74add944152b781655b7c3d0780576203f1383b4c71f8a57a193af4f47c5d2d", 0x16, "0aebe053b81a54fa3027318da79f094f374fa403762eb378848db611dce577db774a29b22e6c750d54ea7e8e8a8301c6858f79f8856d4b565ba843c6", 0x80})
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x1, 0x0, 0x0, 0x0, 0x0)

08:02:42 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:42 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f3188b070")
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x25}}, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000100))

[  662.256214][ T3794] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  662.269594][ T3752] FAT-fs (loop4): bogus number of reserved sectors
[  662.294052][ T3752] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:42 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x60, 0x0)

08:02:42 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={<r5=>0x0}, &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200)={0x0, <r6=>0x0})
r7 = getpgrp(0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=@RTM_NEWNSID={0x44, 0x58, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NETNSA_FD={0x8, 0x3, r3}, @NETNSA_PID={0x8, 0x2, r4}, @NETNSA_PID={0x8, 0x2, r5}, @NETNSA_PID={0x8, 0x2, r6}, @NETNSA_NSID={0x8}, @NETNSA_PID={0x8, 0x2, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:42 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:42 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:42 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0x9a6f7be6f65b6b66, &(0x7f0000000040)="1fa060b9190ce9de251694fafeaba419904b07dc58c19986d96f5f6665285717776bd704d2c035900429b86f4ffc5b68a2ea79e00530b58192622d974f13e87de8f170daa5", 0x45)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000180))
timerfd_create(0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
timer_create(0x0, 0x0, &(0x7f00000001c0))
timer_gettime(0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, 0x0, &(0x7f00000006c0))
r2 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f0000000780)=""/247, &(0x7f0000000100)=0xf7)
sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

[  662.391945][ T4001] FAT-fs (loop4): bogus number of reserved sectors
[  662.418452][ T4001] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:42 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0xb, &(0x7f0000000140)='/dev/midi#\x00', <r1=>0x0}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=r1, 0x4)
r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x3359, 0x2)
ioctl$DRM_IOCTL_GET_MAGIC(r2, 0x80046402, &(0x7f0000000040)=0x9)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000200)={0x8, <r3=>0x0, 0x10001, 0x8})
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000240)={0x4, r3})

[  662.524268][ T4043] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:42 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:43 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x68, 0x0)

08:02:43 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:43 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000280)={'gre0\x00', {0x2, 0x4e20, @remote}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCGETNODEID(r2, 0x89e1, &(0x7f0000000040)={0x4})
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0xffffffff7fffffff, 0x80000)
getsockopt$packet_buf(r3, 0x107, 0x0, &(0x7f0000000180)=""/160, &(0x7f0000000240)=0xa0)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r3, 0x117, 0x5, 0x0, 0x6)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  662.816988][ T4311] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:43 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000040)={<r1=>0x0, 0x6, 0x30}, &(0x7f0000000140)=0xc)
r2 = add_key(&(0x7f0000000280)='id_legacy\x00', &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$setperm(0x5, r2, 0x10000000)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000180)={r1, 0x4, 0xf9, 0x7fff}, &(0x7f00000001c0)=0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
link(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00')

08:02:43 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:43 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x6c, 0x0)

[  663.148388][ T4014] FAT-fs (loop3): bogus number of reserved sectors
[  663.201324][ T4014] FAT-fs (loop3): Can't find a valid FAT filesystem
[  663.281893][ T4563] FAT-fs (loop4): bogus number of reserved sectors
[  663.295345][ T4563] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:43 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={<r5=>0x0}, &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200)={0x0, <r6=>0x0})
r7 = getpgrp(0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=@RTM_NEWNSID={0x44, 0x58, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NETNSA_FD={0x8, 0x3, r3}, @NETNSA_PID={0x8, 0x2, r4}, @NETNSA_PID={0x8, 0x2, r5}, @NETNSA_PID={0x8, 0x2, r6}, @NETNSA_NSID={0x8}, @NETNSA_PID={0x8, 0x2, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:43 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:43 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:43 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x74, 0x0)

08:02:43 executing program 0:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x20c00, 0x0)
ioctl$sock_ax25_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x2010, r1, 0x0)
mq_notify(r0, &(0x7f0000000080)={0x0, 0xd, 0x1, @thr={&(0x7f00000001c0)="9c00f66ad3a9e07dc5622410bbdea57c4044b7399d83d7f04f3b66c530fd0872015602869d45c544f940d4489ca88e525c074df6d6f92d888b4bfea0f6c895fce0746cc9981611c132212a64ff1d9ff7629fed1ceb51f7d6bb9c9f22709afa6d2bc0b2e67e43b4341984fb3172f75cd64957ff6971e65291d9b4cfa535c5473cc5636920eebf69fb9cae43dca82127fc2baed385718f3909ee93a6fa212a9178722bcb4c09b21b902cab6f053e5c09419f694aa28f91474f0fc7a7906355a11c5ad5884926787658d0c53cc342f7d22bfddde2", &(0x7f00000002c0)="b816dae07abff53596f6c251215c45bfe6b254813ce400d767c05d40d59c3231b5c92c17365653879db88e5acb8a69143f6de33778639b51139214456795ffa2db27c2af3e2d28aabdb087277bb3837b6a7d068f81866691b7227feb35279d313fc3ef9d596494a384e613f58e2665366092b1e363750bcdcd68bc150570f2518661bd8e89cc4e78fda5271820807e19e946eaa41a8713e174a0b62aa23b3f0d6c5d8932b8fbc5fe4b74037c84e6636c7ef57e5329005b9151d46903660d762d15f17f91e929d64d3ad61ebc35a5e47f64a38e6f79740d7d8d4630956c85bd359f9d7eb26fd27a1ffd339d93d0d648fadd588d12327654ffb79dfdfe9fa8df6234da3cf2b0e99385f6d5b3cced5da32b7f47078a553b652c9c3b4a6273666065fdfdf6dfccee841fb9a306f10da01bec222ca0bb2a16fb2b5078c525ee01d9295cb8d2f3da717b6da017b94561a1a3d27ef03da9aa6ef1e03afbd25eec6d03e96b87db9e34452adcbe17441ff9acc9d0fe330348778f71d47263bc69f3a526002767d7143a1eae3aa16a69b380d819d3ce4bc4e29f45abf3f53ee9de51be035509388251694b841c5476f6b8b040810451669d5d7b54a35350a77c50735be090f509417df41fc9f18d3149d5cdff2487ee4813a9f6e94776449c750bd821f7db5620402d91ea0e07ebb807e37beac97269b8217ae4e1c9d7f6468b9dfc41bd9a8cb70c5cb8683b9c3c7c00671e8d68485dd18980ce580bba82228487515eecdc346edbae847665f6a40f6716af7d187bf629a966e40a4b8e61590c50949d31633c32f4474c8d6b9d48ab4d4d6f147950812c7d0eb61d694d999ef49be4a7e75ce858d0b7699fa388d6fd4cf4bb322de99cc0091783341c929d1b5719bc2cde7f9a2a4b399ecb170f8d00bd87f35dba656e0a9e5078d66fc2ccb6afd0497f7bf4fb90fb0210c7ef69a47c656591d4396ed210c803d7cfdd3c3fd3612ce04d72c0c74103f7c210f7283a649d0a77d8914123a6eca4f200ed97594a474e46c050aae9abd69d764462451b6bb4968c563ae02240c45bb4a5cb83a7a1e2aa1ebbf835d0f3eada75a9df154bf9c310835fae3b900b0b355c13f98d70a680677494ba7d3add6373aaa5a54691a0deb92c36de5180c2dd542291f4f33dd5a5d49b6cb3b81974dc18385f2a48c2feecdd27dc970fbbc94426bda18d233b46a9ecf64e77ae2bbe1e2ef849a360234d6ae2f887d266a3f0e225f3cecb40c4205fc05a1b972ae693a0d5060754d535a30d64bad71801ab3ae6754f9af667875225ac89cd86161e40fd79c2f44310da85fb1172ed52f9e53839a57101a72a6476db52d294bda5f6aeaefc4801ac9b5383f35ad9a91e70f4ca897b8734e4698bf6cd90b09ed9b8a8faba27c3a13a8e01c3fec7275f931ef5ad8d75e221385783054a065490ac4419a4912ea639c220f99e5a93eb9fbf4a9b6d51662e19fd30bdc74a366b64f0a345d188ff55260487bfba7c4e67981ca8c64d87595cf11be9e306acb7db23123471c1f06f3e3099dfab45b821bf65df1c703befc0f90136208f4e9be81ee47724c6c726fc8ef93dc9a03cadc77a5f97d57fb43eec8603042582a7d4bc40e56407d47e9f669c59c5704f2b360e3e73978d538ff984e05195b52e42f4a102eb3a55349f813302bb383f12d5a095c1031e08429c4fb3972c42dcaecf21dfb859493b51b5f0a34514897d27b16b9684ff7e5a65ffc53231649449b6aa9caf86b728b89b3f0428469e437169497ec1ee6a0447c3474b33fd32640644b0934747a2548eaff1b09d3cd28bddd3e96adcda8dfe7e54e1a868fe837601f35aca3ae05d60868b9f651376264138945ad2c20ffda5134932767bff43bd5ed20608c20eb74205549cebfd9ebe363755989c380e15043475351ca5140ab340818eefd7dcb89aaf105a15656ad917811a535e1f48cd20072fd1fd820f8886ae6f20a3215c34ddd2b2e327e8912c4a95c5616100f21f36e5cab2d3c1f8904c0246f500d27bf12bb1022fa731e40a9957b31a1f1b7e9afbf61f78c63fd48fde7385bbc297e439b149c660ca47fd3a8c652919b11a678bbfed2b34dbe37111544d9d8772c5b21c2965ed05d4cb39853acaedc30f56879fb9d4f382b454c23d06cbc48ff6078f74802388c1c10e2741433e8c40c10534999b39c7e996219fe3fcef54af3b3d719833f42c03def16aaa1ec985e7b5a4e3ffcd5551151bec475b90cd2e62eb8261e8b64e0e0459391d3ad1be21d0cd2f21a2d638b2e111cd1fd616ba3d9f9ef1c9ba5a1dd90763c3dfd72aaddedb22da779b02361d62c1447f670ad449658aca83387065d8b7d153a8140f4568eb6e0aba79dda31f393c84daad152d9c72183c240554a8a7ba2112f29170f847fe16bf375b0e9becf2f0a1331b2a28a54f033e00f5bec1bd4575553911597eaf33833cf77c0e31fe054d514b025f0e0cfed5f200cc93946bca9b773c3681a479d495b0394aaa7df5e68ab41dcf3b690ce1651242c2f5ed7475b5b70ffb7c18a06524b80aad7dc3c0d775583a691ef20ead207a5e7ed4edeeb78cdb36286024a1bf46c03ceff298f3f2350f56fef4d57421963c5b0cb86995563d628b8bccfa17ac23d9ed663079965a37576c8140166eb51815d176308629627f4e9faab3eaa3a87c797fc739aeff826f614655d91e07a9150238d8228ed68276376bc0a09e2e1b2799c7294cb9974f33d0966673e24c71ad7dc2fd7e313f0a37da4310e46bc538ab2752283acaddc35f361da6d2f18637d5f278d20a1ef602575a7b4a9c447c046e4b0b20fced93bbc885ddc0c0c89e5354e070d44ec01426edde7d9598256f6effc81237b25d463f8c93088839c79979a711a164fbadad9c186fbeb627ef842cfde3ac3db815663ab58947ed6e02d462fd09f1bbf743238b1f7393c7cf470bc0c788061e6b0021ca9afeed8b76feab1385f9dd6654e09ec8be6f9590c8e19884781edc15e0abeb4aaa009f915691890db4b24e6d89b83b58685f98afc0cd5730bb4dae6daff76fbf841e319c9a0799dfe5ed11b2bc65b2dd73da0c651e5e05bc4df901062d73a3f16fbe92fb8ecf01199e89827d775bbef189500a682495b21aa0cf1f9935311251d856b159cb220b642974e1ad4614d141863e0d4753b0cca8124d8e7a082781b746d6c2851fe6a906cef2847c86d5a5640e7199ed0628b40d5e0f594d776efa51aac78c93c3349888aa24ce67df591768517f25788081c6af39df6caf00e79f9d3e4c8ae9dfcc3e876afdd96aff765adb8fee9ba06c1e35589ff485ffedf54870dc6b75f3d6db46e1b3c75499b2d7cbbd41d7346e2fefd341c4be4387e349c7297ddb3ed1fad5c3fe96bbe0d1025521a001b9fb1caaf7f6aec6be60cb304990b0b1a3c9b6a2ce7a77ab1acb835a9eaffb9bba4692c03cc7e0a021dc044bb057e7edcad9013a92809cf8a905ba6fc3c9e153fb495ff5a67b24f38befb2f60eb5f549f5d14b7f934acb2f7245501f5e94919f770165436eca87dda83c1a5c459641a2cd93e7665a5ae1ab4a25b008dfaaf7efb19762244d01d19f951bd0361e25d935a4d70dcf5299628a200cd87fb778312bedd871ff886d43affd4c0831bc1c769f6e25f76907b89ca2b1b177cef6e9f7f8b997272e5bd0add3761ed658923123606dae5b680b718a3910c8d3bf021b364f5a000e18454a45aac5fe06f6f91657504a606e36c9697b5365223e3491e6e0983b9265c07e01c0e142f999e66890d62948a76a1e7f59f3b8b779570f54d5b023446a98feae8f42ffb13836837c6849f98845bd916c4f4cd97d8731e4e9791656835aa2e3d217f8bad4bfe6655a0d73e2f38c9ff07fb32fd741f9796b32661e55e1a59218d6c40518dddff5488e1e18afd1149c6ddd4eaf74ee5bf9800e220a1baf32b2456b17a8dbad505223acd01ab581ad26312567a05b2112922cf410ae29400cfca2826c3a31a9ba420991085188dd47a3930aec97b891aa931c02fda3b5adb679a836b0cbe9302cba9f50ae30ceba3fb60dd8619f9f57f2a4abfef73f94fa5ab5841d18cf99925e4041ba53c6fedbedc442b1cef569782cdd5f0d6268d776c3e1effd78a35ac0152326d42f252c22257132ff066cbdbbacf90f41441fc5c5e8138954d7f9e83db6674c58c5b11b99374174458f4209534aeb0d4f39aa212ef775ad65ad140a1c056b7bac12f6f195545577a6d0adb49ba6c13b86fb0f2dde0f3796e72e7aee370d2ac3fce217c11e984861934d6f20e3613993f78abad2f664d4d834bdefd151f3a6aad8f610d4f4b16c45c5081051e067c016ed8e2415fee1a3ccad4a5a2b4ad409a0e1ea59a4fb8c8b8fec4d9bad77f9d9a09d23a8c88a428a125d92ca3ff4ac07d8b343a07048941dd403185c150ee1359949479de2661d63040faa0134ba2829c3d1d72ce46b072a071e7fa3f0a66addf7baeb7fb3d74cec4caff47ef2b6815e9a7c8401d7fc6e2de8a8991b550b37e41a10cc28dfc44953cd03acd9e2dc91058b4164a48d7420511efade1009b0107669688f140b1ca75087be8a3a08085a41e524a689f4819d2e3e16e000792d5b39fd628caa3283fa15d37966b2f0ad358d2acc5d2558d5482eb6f0dbe631688e1d7f98ac065b2cb797f6f0d54c21581ae4b5fb41844318b4f6412880966d5983d89023ee4c932f97943f5cbec2e410c7cd1b23617017a29ed22380dd219c24c43f3b06ff3f3b4a8da56253f265798c6c4268bfb5d379dd27af67610d07b89bee2c15fbbe5f50a2fad988ebabf309666105e26a64fc1f8f8d4f896baf0523474d541dd37f016df168a9ac7459b04caae8736e000b745cfa7ae0f73946ad0f9d499e60982039ae8e7617639973824c82c6d634c8409be21e7a562c2fa24c31d5813d038381f99ee729a56e37ca78a367f15230bc2e8df0f9e0ea0155b3f4b234e6ba4e478c7e00b7628c2bb7ba3bc08f51820e2d88b9cd57f52c15d9e5246e9da645ce6eeb22ea41e9d1828de9c324e7cfdb764449c7a0936d2bdc8532dfa06b442733efa662b23a8d615bee3c8bb372c4ff84a219e0e1e8840e3b100a725e8bd2035416338f4e26d935b952facb58aa4f873b1e1ec15ed492ee38afc31249dac60039f27a88caddb2ffe32550de58ac4198040b0b9254010f409f91fbfdd4712777f2708e79fb013259fcd3c6da50f751ee36082c24fcf97cf796f90f06284684891192a8d4fe9e858d3d890386a2bba42152a338908242ab4a1a7bf589912db760207b66220200827e65d631d6075afe440edbaf6565a51130c3eedaba1e0d44e80c1c3be2643de62c9af6d3a6aa34928036d349647a6fe54b35c5d21046f8746b92db55677d16abc22fc2b3c70100a23286331378960a9207cc619ef374355d3843055955e348e3f4e967bf3ae8fbad294cda799be34f69cb783cefb6b90eacc261114d4b63dcfe5887a2c3fa209318fdcfb13b8b6497558f2695382b33e7c7ce1fe82579ed156b88de0efce46b63bf7cfc7a76bda07ed4f32864bbbd37dc84d1bbf3589fc2eb964f9c5d54e00d9b3e429b54e0a51c99d356d9daf463ff14368df53548676e8a9edf4b885f89939488ec48c76521b1254eedee4b90bc2190e8ba1d100389337d1c3436c56ffff0f23399ca847886b28f4f0bea14dc541e54af1c188edc1c56cd4fbea41d9e27650781b3e8189098dcdf1dde66e0a3e243f4d2f318560cf7f2f18648e4a9481f920dcfa834d3763786f86cd8f2d10ee49d823da6b507"}})
write$P9_RSYMLINK(r1, &(0x7f0000000180)={0x14, 0x11, 0x1, {0x1, 0x4, 0x2}}, 0x14)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ioctl$NBD_DO_IT(r2, 0xab03)

08:02:43 executing program 4:
mkdir(&(0x7f0000000180)='./file0\x00', 0x4000000000000)
msgget$private(0x0, 0x80)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x82, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
accept(r1, &(0x7f0000000200)=@generic, &(0x7f0000000100)=0x80)
ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000000040)={0x1, 0x5, 0x3, 0xd1, &(0x7f00000001c0)=""/209, 0xe4, &(0x7f00000002c0)=""/228, 0x1000, &(0x7f00000003c0)=""/4096})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  663.532194][ T4683] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:43 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x4000000000000003, 0x0, &(0x7f0000000080))
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xef8d, 0x80000)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x1f)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:44 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:44 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7a, 0x0)

08:02:44 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
dup2(r0, r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:44 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  663.771666][ T4966] FAT-fs (loop4): bogus number of reserved sectors
[  663.812423][ T4966] FAT-fs (loop4): Can't find a valid FAT filesystem
[  663.846319][ T5052] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:44 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  663.911119][ T5118] FAT-fs (loop4): bogus number of reserved sectors
[  663.937534][ T5118] FAT-fs (loop4): Can't find a valid FAT filesystem
[  664.275655][ T4836] FAT-fs (loop3): bogus number of reserved sectors
[  664.282306][ T4836] FAT-fs (loop3): Can't find a valid FAT filesystem
08:02:44 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xa3, 0x0)

08:02:44 executing program 0:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x240000, 0x0)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0xfabc, 0x1c1c41)
write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x54, 0x2c48cd6973d7cd1f, 0x4, {0x1ff}}, 0x18)
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x7fff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:44 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={<r5=>0x0}, &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200)={0x0, <r6=>0x0})
r7 = getpgrp(0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=@RTM_NEWNSID={0x44, 0x58, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NETNSA_FD={0x8, 0x3, r3}, @NETNSA_PID={0x8, 0x2, r4}, @NETNSA_PID={0x8, 0x2, r5}, @NETNSA_PID={0x8, 0x2, r6}, @NETNSA_NSID={0x8}, @NETNSA_PID={0x8, 0x2, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:44 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:44 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:44 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
lsetxattr$security_selinux(&(0x7f0000001200)='./file0/file0\x00', &(0x7f0000001240)='security.selinux\x00', &(0x7f0000001280)='system_u:object_r:root_t:s0\x00', 0x1c, 0x2)
syz_mount_image$nfs(&(0x7f0000000100)='nfs\x00', &(0x7f0000001300)='./file0/file0\x00', 0x8, 0x3, &(0x7f0000001580)=[{&(0x7f0000001340)="2d63499eb1d467bda7ff4c3169353800853243cbc0e7b47255ddfb8e844ac2db664767a1f71f6f00082df8ad4fe6a73af6e33349726871fe41f394cccf7466ce1dc5be3d56a5a0403c088e30789eb3aafc75558d818ea2e081ef1e1acff637cb19174f7fcbf042b9abf0249924ee1fa59167317595b3d33d9168b6de994305b88f70deb62b05d3fc004618e44883e74fa1b424637097e042df3abaf332b86f60726151cc9c9c65b1bd1acfac8953c99e190b053d8dd0e68ca9ddc6c5b85ff82e41f768e85bec7a9a9fb2371ee758be796a6ce02f4742cee65f96704e0b4b7fd17f86ccb9b8e631", 0xe7, 0x4}, {&(0x7f0000001440)="41549c07a9a6b07f5739ac95649be731ca3cad6b0ec9ee15a6d6d63fd3746c2b602a3d7117c2eae11f3f1a1d8b1b30b1568de469caab89a88e8083ccd4a6a61267247ad62132466335b6fb4ac9e71364113a1a1eebc98cedebd849336e1a86867a988b15d78956ddfcfb89f64311f1f4962fdceb50c4657c9a5729e207f2cf5573ffa4318b6d284669f6bad3d2bfea033cbf13cb3e288d326ec048f19b27fcf0d5f6ea734aca75b5d17057b79ce7173e619baf02a2e51581", 0xb8, 0x2}, {&(0x7f0000001500)="002569cde35ce7344c4df0f3a09bc40277ab0fbe0067e2c35283a85ecadaaae7c470c7ea0b6cfd24fe9180da71a7378ad6e086b3b94145a22de468e58eea26ebf5d0c68818fcc5b03db7d54a0bba303e4f2a0284056eb4875b668131cead79be584a89b9cb6878892e9e6b2efbd1b835aead124e", 0x74, 0x8}], 0x2000000, &(0x7f0000001600)='louserwlan0em1user\x00')
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000000)=""/36, 0x24}, {&(0x7f0000000140)=""/130, 0x82}, {&(0x7f0000000200)=""/4096, 0x1000}], 0x3)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f00000012c0)='./file0/file0\x00', 0x0, 0xfffffffffffffed6, 0x0, 0x0, 0x0)

[  664.541802][ T5425] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:45 executing program 0:
truncate(&(0x7f0000000100)='./file0/../file0\x00', 0x3ff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000000))

08:02:45 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x1ff, 0x8000, 0x3, 0xc80, <r1=>0x0}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000180)=r1, 0x4)

08:02:45 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc4, 0x0)

08:02:45 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:45 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  664.792069][ T5743] FAT-fs (loop4): bogus number of reserved sectors
[  664.800672][ T5743] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:45 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:45 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000100)={<r1=>0x0, @in={{0x2, 0x4e21, @loopback}}, 0x5e5610b1, 0x8, 0x101, 0xe89d, 0x101}, &(0x7f0000000040)=0x98)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000080)={r1, 0x81, 0x4, 0x454738d7, 0x5, 0x7f}, &(0x7f00000001c0)=0x14)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000280))
r2 = getpgid(0x0)
r3 = getpid()
rt_tgsigqueueinfo(r2, r3, 0x3d, &(0x7f0000000200)={0x3f, 0x4, 0x2})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

[  664.847809][ T5880] FAT-fs (loop4): bogus number of reserved sectors
[  664.862531][ T5880] FAT-fs (loop4): Can't find a valid FAT filesystem
[  664.883135][ T5740] XFS (loop5): Invalid superblock magic number
[  665.192718][ T5463] FAT-fs (loop3): bogus number of reserved sectors
[  665.199590][ T5463] FAT-fs (loop3): Can't find a valid FAT filesystem
08:02:45 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={<r5=>0x0}, &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200)={0x0, <r6=>0x0})
r7 = getpgrp(0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=@RTM_NEWNSID={0x44, 0x58, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NETNSA_FD={0x8, 0x3, r3}, @NETNSA_PID={0x8, 0x2, r4}, @NETNSA_PID={0x8, 0x2, r5}, @NETNSA_PID={0x8, 0x2, r6}, @NETNSA_NSID={0x8}, @NETNSA_PID={0x8, 0x2, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

08:02:45 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigprocmask(0x1, &(0x7f0000000000)={0x1}, &(0x7f0000000040), 0x8)

08:02:45 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:45 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:45 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x2000, 0x12)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
ftruncate(r0, 0xffff)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x80000, 0x0)

08:02:45 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xcc, 0x0)

08:02:45 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)

08:02:45 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  665.521858][ T6294] FAT-fs (loop4): bogus number of reserved sectors
[  665.550009][ T6294] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:45 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:46 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='memory.swap.current\x00', 0x7a05, 0x1700)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000040)={<r2=>0x0, 0x27, "89d686a233349adb1b0c57d2716633d923cc80e337749c21a808871461e78b77c66aeeb8dfdb5e"}, &(0x7f0000000080)=0x2f)
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000140))
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$RTC_WIE_OFF(r1, 0x7010)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={r2, 0x1}, 0x8)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x430902, 0x0)

[  665.623572][ T6437] XFS (loop5): Invalid superblock magic number
08:02:46 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
accept$packet(0xffffffffffffffff, &(0x7f0000000900)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000940)=0x14)
getresuid(&(0x7f0000000980), &(0x7f00000009c0)=<r3=>0x0, &(0x7f0000000a00))
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000a40)={{{@in6=@empty, @in=@multicast2, 0x4e21, 0x286, 0x4e23, 0x5, 0xa, 0x20, 0x20, 0x7f, r2, r3}, {0x4, 0x1, 0x20, 0x1, 0x32dcc75, 0x7, 0x0, 0x7}, {0x400, 0x400}, 0x3, 0x0, 0x0, 0x1, 0x2}, {{@in=@rand_addr=0x6, 0x4d6, 0x33}, 0x2, @in6=@rand_addr="b3d724c3efe13008b518032f0457d805", 0x3506, 0x0, 0x0, 0x9ae, 0x4, 0x7fffffff, 0xd9}}, 0xe8)

08:02:46 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
accept4$nfc_llcp(r0, &(0x7f0000000040), &(0x7f0000000100)=0x60, 0x80000)

[  665.842401][ T6787] FAT-fs (loop4): bogus number of reserved sectors
[  665.873335][ T6787] FAT-fs (loop4): Can't find a valid FAT filesystem
08:02:46 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200))
getpgrp(0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

08:02:46 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:46 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:46 executing program 0:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x10600, 0x0)
ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@initdev}, 0x0, @in=@remote}}, &(0x7f0000000300)=0xe8)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x1000000, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=unix,access=any,cache=none,fowner=', @ANYRESDEC=r1, @ANYBLOB="fcbb172a2b", @ANYRESDEC=r2, @ANYBLOB=',\x00'])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f00000000c0)=0x7ff, &(0x7f0000000100)=0x2)

08:02:46 executing program 4:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc4, 0x0)

[  666.027752][ T6926] xt_check_target: 5 callbacks suppressed
[  666.027771][ T6926] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  666.208389][ T7184] XFS (loop4): Invalid superblock magic number
08:02:46 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x180, 0x0)

08:02:46 executing program 0:
mkdir(&(0x7f0000000180)='./file0\x00', 0x4000000000000)
msgget$private(0x0, 0x80)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x82, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
accept(r1, &(0x7f0000000200)=@generic, &(0x7f0000000100)=0x80)
ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000000040)={0x1, 0x5, 0x3, 0xd1, &(0x7f00000001c0)=""/209, 0xe4, &(0x7f00000002c0)=""/228, 0x1000, &(0x7f00000003c0)=""/4096})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:46 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:46 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  666.390733][ T7252] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:46 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:46 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:47 executing program 4:
mkdir(&(0x7f0000000180)='./file0\x00', 0x4000000000000)
msgget$private(0x0, 0x80)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x82, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
accept(r1, &(0x7f0000000200)=@generic, &(0x7f0000000100)=0x80)
ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000000040)={0x1, 0x5, 0x3, 0xd1, &(0x7f00000001c0)=""/209, 0xe4, &(0x7f00000002c0)=""/228, 0x1000, &(0x7f00000003c0)=""/4096})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  666.582527][ T7251] FAT-fs (loop0): bogus number of reserved sectors
[  666.598687][ T7251] FAT-fs (loop0): Can't find a valid FAT filesystem
[  666.622249][ T7345] XFS (loop5): Invalid superblock magic number
08:02:47 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
fcntl$getownex(r1, 0x10, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  666.669072][ T7545] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:47 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:47 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:47 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  666.854659][ T7676] FAT-fs (loop4): bogus number of reserved sectors
[  666.883776][ T7676] FAT-fs (loop4): Can't find a valid FAT filesystem
[  666.931004][ T7748] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:47 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  667.099074][ T7950] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:47 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x280, 0x0)

08:02:47 executing program 4:
mkdir(&(0x7f0000000180)='./file0\x00', 0x4000000000000)
msgget$private(0x0, 0x80)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x82, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
accept(r1, &(0x7f0000000200)=@generic, &(0x7f0000000100)=0x80)
ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000000040)={0x1, 0x5, 0x3, 0xd1, &(0x7f00000001c0)=""/209, 0xe4, &(0x7f00000002c0)=""/228, 0x1000, &(0x7f00000003c0)=""/4096})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

08:02:47 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:47 executing program 0:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x400, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0x4, 0x0, 0x0, 0x1000, 0x0)

08:02:47 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:47 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

08:02:47 executing program 4:
mkdir(&(0x7f0000000180)='./file0\x00', 0x4000000000000)
msgget$private(0x0, 0x80)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x82, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
accept(r1, &(0x7f0000000200)=@generic, &(0x7f0000000100)=0x80)
ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000000040)={0x1, 0x5, 0x3, 0xd1, &(0x7f00000001c0)=""/209, 0xe4, &(0x7f00000002c0)=""/228, 0x1000, &(0x7f00000003c0)=""/4096})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  667.420759][ T8067] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:47 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:48 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  667.583283][ T8080] XFS (loop5): Invalid superblock magic number
08:02:48 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:48 executing program 4:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x06\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  667.773759][ T8346] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:48 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  667.888034][ T8564] x_tables: eb_tables: arpreply target: only valid in nat table, not nat
08:02:48 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x300, 0x0)

08:02:48 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:48 executing program 4:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x06\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:48 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:48 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:48 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  668.391171][ T8746] x_tables: eb_tables: arpreply target: only valid in nat table, not nat
[  668.405281][ T8750] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:48 executing program 4:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x06\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:48 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:48 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:49 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  668.585824][ T8802] XFS (loop5): Invalid superblock magic number
[  668.604613][ T9069] x_tables: eb_tables: arpreply target: only valid in nat table, not nat
08:02:49 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  668.673468][ T9075] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:49 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:49 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x500, 0x0)

08:02:49 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:49 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f00000004c0)={0x7d, 0x0, [0x59, 0xf06, 0x40, 0x1]})
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:49 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:49 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  669.363010][ T9500] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:49 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:49 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  669.593714][ T9595] XFS (loop5): Invalid superblock magic number
08:02:50 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:50 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:50 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:50 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f00000004c0)={0x7d, 0x0, [0x59, 0xf06, 0x40, 0x1]})
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:50 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:50 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x600, 0x0)

08:02:50 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:50 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:50 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:50 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  670.568998][T10463] XFS (loop5): Invalid superblock magic number
08:02:51 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f00000004c0)={0x7d, 0x0, [0x59, 0xf06, 0x40, 0x1]})
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:51 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:51 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:51 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:51 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:51 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:51 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:51 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x700, 0x0)

08:02:51 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:51 executing program 4 (fault-call:11 fault-nth:0):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:51 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:51 executing program 0 (fault-call:1 fault-nth:0):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x22f)

08:02:51 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  671.497795][T11410] xt_check_target: 6 callbacks suppressed
[  671.497809][T11410] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  671.532177][T11419] FAULT_INJECTION: forcing a failure.
[  671.532177][T11419] name failslab, interval 1, probability 0, space 0, times 0
[  671.550055][T11335] XFS (loop5): Invalid superblock magic number
[  671.558296][T11419] CPU: 1 PID: 11419 Comm: syz-executor.4 Not tainted 5.0.0+ #16
[  671.565945][T11419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  671.575992][T11419] Call Trace:
[  671.579294][T11419]  dump_stack+0x172/0x1f0
[  671.583625][T11419]  should_fail.cold+0xa/0x15
[  671.588219][T11419]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  671.594021][T11419]  ? ___might_sleep+0x163/0x280
[  671.598873][T11419]  __should_failslab+0x121/0x190
[  671.603806][T11419]  should_failslab+0x9/0x14
[  671.608824][T11419]  kmem_cache_alloc+0x2b2/0x6f0
[  671.613668][T11419]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  671.619127][T11419]  mmu_topup_memory_caches+0x97/0x490
[  671.624497][T11419]  kvm_mmu_load+0x21/0x1300
[  671.628992][T11419]  ? kvm_lapic_enable_pv_eoi+0x170/0x170
[  671.634616][T11419]  ? kvm_vcpu_reload_apic_access_page+0x11/0x280
[  671.641035][T11419]  ? kvm_vcpu_reload_apic_access_page+0x1c0/0x280
[  671.647535][T11419]  vcpu_enter_guest+0x3c8d/0x60b0
[  671.652566][T11419]  ? emulator_read_emulated+0x50/0x50
[  671.657940][T11419]  ? lock_acquire+0x16f/0x3f0
[  671.662611][T11419]  ? kvm_arch_vcpu_ioctl_run+0x240/0x1750
[  671.668327][T11419]  kvm_arch_vcpu_ioctl_run+0x425/0x1750
[  671.673970][T11419]  ? kvm_arch_vcpu_ioctl_run+0x425/0x1750
[  671.679712][T11419]  kvm_vcpu_ioctl+0x4dc/0xfa0
[  671.684470][T11419]  ? kvm_vcpu_block+0xcd0/0xcd0
[  671.689329][T11419]  ? tomoyo_path_number_perm+0x263/0x520
[  671.694960][T11419]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  671.700754][T11419]  ? lockdep_hardirqs_on+0x418/0x5d0
[  671.706028][T11419]  ? retint_kernel+0x2d/0x2d
[  671.710613][T11419]  ? trace_hardirqs_on_caller+0x6a/0x220
[  671.716243][T11419]  ? __fget+0x35a/0x550
[  671.720397][T11419]  ? kvm_vcpu_block+0xcd0/0xcd0
[  671.725249][T11419]  do_vfs_ioctl+0xd6e/0x1390
[  671.729834][T11419]  ? ioctl_preallocate+0x210/0x210
[  671.734935][T11419]  ? smack_file_ioctl+0x196/0x310
[  671.739948][T11419]  ? smack_inode_link+0x2d0/0x2d0
[  671.744972][T11419]  ? ksys_dup3+0x3e0/0x3e0
08:02:52 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  671.749377][T11419]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  671.755609][T11419]  ? fput_many+0x12c/0x1a0
[  671.760026][T11419]  ? tomoyo_file_ioctl+0x23/0x30
[  671.764955][T11419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  671.771187][T11419]  ? security_file_ioctl+0x93/0xc0
[  671.776332][T11419]  ksys_ioctl+0xab/0xd0
[  671.780496][T11419]  __x64_sys_ioctl+0x73/0xb0
[  671.785092][T11419]  do_syscall_64+0x103/0x610
[  671.789677][T11419]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  671.795560][T11419] RIP: 0033:0x457f29
[  671.799442][T11419] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  671.799450][T11419] RSP: 002b:00007ffa262dbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  671.799463][T11419] RAX: ffffffffffffffda RBX: 00007ffa262dbc90 RCX: 0000000000457f29
[  671.799477][T11419] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  671.799484][T11419] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
08:02:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x22f)

08:02:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x6, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:52 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  671.799492][T11419] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffa262dc6d4
[  671.799498][T11419] R13: 00000000004c0e61 R14: 00000000004d2cb8 R15: 0000000000000007
[  671.871738][T11622] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x600, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:52 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  671.960830][T11631] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:52 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x900, 0x0)

08:02:52 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x1000000, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:52 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:52 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:52 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x6000000, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  672.531712][T11954] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:53 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:53 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:53 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x100000000000000, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  672.710446][T11969] XFS (loop5): Invalid superblock magic number
[  672.759776][T12171] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  672.812775][T12175] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:53 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x600000000000000, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:53 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  673.013211][T12328] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  673.103298][T12383] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:53 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xa00, 0x0)

08:02:53 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
mlockall(0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:53 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:53 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:53 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:53 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x2, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:53 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x3, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  673.519490][T12498] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:54 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x4, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  673.678427][T12506] XFS (loop5): Invalid superblock magic number
08:02:54 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x5421, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  673.776874][T12722] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:54 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x5, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xb00, 0x0)

08:02:54 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x6, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x5450, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:54 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:54 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x7, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:54 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:54 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x5451, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:55 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x8, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  674.600491][T13024] XFS (loop5): Invalid superblock magic number
08:02:55 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc00, 0x0)

08:02:55 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0xa, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:55 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:55 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7fff, 0xdc302)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:55 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:55 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x5452, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:55 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:02:55 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0xb, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:55 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0xc, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:55 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:56 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:56 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x5460, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  675.640718][T13450] XFS (loop5): Invalid superblock magic number
[  676.029479][T13450] XFS (loop5): Invalid superblock magic number
08:02:56 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xd00, 0x0)

08:02:56 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0xd, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:56 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:56 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:56 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x40049409, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:56 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  676.508295][T13857] xt_check_target: 4 callbacks suppressed
[  676.508309][T13857] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  676.538078][T13860] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:56 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0xf, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:57 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  676.662103][T13863] XFS (loop5): Invalid superblock magic number
08:02:57 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:57 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x10, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:57 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  676.754284][T14047] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:57 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  676.966132][T14283] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:57 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xe00, 0x0)

08:02:57 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x11, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:57 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:57 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x4004ae99, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:57 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:57 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  677.463140][T14411] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:57 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x12, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x4020940d, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  677.672536][T14421] XFS (loop5): Invalid superblock magic number
08:02:58 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x13, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  677.714504][T14635] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:58 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  677.949763][T14835] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:58 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x1020, 0x0)

08:02:58 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x14, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:58 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  678.362527][T14963] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:58 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x15, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:58 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x4090ae82, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:58 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x1200, 0x0)

08:02:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x16, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  678.663041][T15241] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:59 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x2000, 0x0)

08:02:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x17, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x4138ae84, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  678.970714][T15477] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:02:59 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

08:02:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x18, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x2010, 0x0)

08:02:59 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:02:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x19, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x2300, 0x0)

08:02:59 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x21, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:02:59 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:00 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:00 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x22, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x3f00, 0x0)

08:03:00 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x23, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x8090ae81, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:00 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4000, 0x0)

08:03:00 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:00 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x24, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  680.157482][T16217] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  680.229556][T16380] XFS (loop5): Invalid superblock magic number
[  680.250855][T16217] CPU: 0 PID: 16217 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  680.258513][T16217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  680.268569][T16217] Call Trace:
[  680.271863][T16217]  dump_stack+0x172/0x1f0
[  680.276194][T16217]  dump_header+0x10f/0xb6c
[  680.280604][T16217]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  680.286400][T16217]  ? ___ratelimit+0x60/0x595
[  680.290983][T16217]  ? do_raw_spin_unlock+0x57/0x270
[  680.296105][T16217]  oom_kill_process.cold+0x10/0x15
[  680.301218][T16217]  out_of_memory+0x79a/0x1280
[  680.305885][T16217]  ? lock_downgrade+0x880/0x880
[  680.310733][T16217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  680.316967][T16217]  ? oom_killer_disable+0x280/0x280
[  680.322164][T16217]  ? find_held_lock+0x35/0x130
[  680.326924][T16217]  mem_cgroup_out_of_memory+0x1ca/0x230
[  680.332552][T16217]  ? memcg_event_wake+0x230/0x230
[  680.337570][T16217]  ? do_raw_spin_unlock+0x57/0x270
[  680.342707][T16217]  ? _raw_spin_unlock+0x2d/0x50
[  680.347563][T16217]  try_charge+0x102c/0x15c0
[  680.352061][T16217]  ? find_held_lock+0x35/0x130
[  680.356841][T16217]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  680.362514][T16217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  680.368768][T16217]  ? kasan_check_read+0x11/0x20
[  680.373635][T16217]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  680.379196][T16217]  mem_cgroup_try_charge+0x24d/0x5e0
[  680.384565][T16217]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  680.390191][T16217]  __handle_mm_fault+0x1e1f/0x3ec0
[  680.395306][T16217]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  680.400842][T16217]  ? find_held_lock+0x35/0x130
[  680.405608][T16217]  ? handle_mm_fault+0x322/0xb30
[  680.410548][T16217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  680.416782][T16217]  ? kasan_check_read+0x11/0x20
[  680.421643][T16217]  handle_mm_fault+0x43f/0xb30
[  680.426441][T16217]  __get_user_pages+0x7b6/0x1a40
[  680.431380][T16217]  ? follow_page_mask+0x19a0/0x19a0
[  680.436566][T16217]  ? __vma_adjust+0x1840/0x1840
[  680.441892][T16217]  ? lock_acquire+0x16f/0x3f0
[  680.446561][T16217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  680.452799][T16217]  populate_vma_page_range+0x20d/0x2a0
[  680.458259][T16217]  __mm_populate+0x204/0x380
[  680.462871][T16217]  ? populate_vma_page_range+0x2a0/0x2a0
[  680.468503][T16217]  __x64_sys_mlockall+0x35c/0x520
[  680.473521][T16217]  do_syscall_64+0x103/0x610
[  680.478105][T16217]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  680.483987][T16217] RIP: 0033:0x457f29
[  680.487895][T16217] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  680.507502][T16217] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  680.515898][T16217] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  680.523868][T16217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  680.531914][T16217] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  680.539875][T16217] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  680.547835][T16217] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  680.594548][T16217] memory: usage 307108kB, limit 307200kB, failcnt 54
[  680.601357][T16217] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  680.610231][T16217] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  680.622009][T16217] Memory cgroup stats for /syz3: cache:0KB rss:296792KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:8KB active_file:4KB unevictable:32608KB
[  680.653109][T16217] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=16164,uid=0
[  680.675250][T16217] Memory cgroup out of memory: Killed process 16164 (syz-executor.3) total-vm:72444kB, anon-rss:16104kB, file-rss:37936kB, shmem-rss:0kB
[  680.710924][ T1042] oom_reaper: reaped process 16164 (syz-executor.3), now anon-rss:16104kB, file-rss:37936kB, shmem-rss:0kB
08:03:01 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x25, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:01 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:01 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:01 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x8138ae83, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x28, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:01 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:01 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4800, 0x0)

08:03:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x29, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:01 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  681.002076][T16690] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  681.044068][T16690] CPU: 1 PID: 16690 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  681.051735][T16690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  681.061800][T16690] Call Trace:
[  681.065086][T16690]  dump_stack+0x172/0x1f0
[  681.069413][T16690]  dump_header+0x10f/0xb6c
[  681.073829][T16690]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  681.079638][T16690]  ? ___ratelimit+0x60/0x595
[  681.084218][T16690]  ? do_raw_spin_unlock+0x57/0x270
[  681.089325][T16690]  oom_kill_process.cold+0x10/0x15
[  681.094431][T16690]  out_of_memory+0x79a/0x1280
[  681.099103][T16690]  ? lock_downgrade+0x880/0x880
[  681.103937][T16690]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  681.110172][T16690]  ? oom_killer_disable+0x280/0x280
[  681.115365][T16690]  ? find_held_lock+0x35/0x130
[  681.120133][T16690]  mem_cgroup_out_of_memory+0x1ca/0x230
[  681.125670][T16690]  ? memcg_event_wake+0x230/0x230
[  681.130694][T16690]  ? do_raw_spin_unlock+0x57/0x270
[  681.135801][T16690]  ? _raw_spin_unlock+0x2d/0x50
[  681.140636][T16690]  try_charge+0x102c/0x15c0
[  681.145111][T16690]  ? find_held_lock+0x35/0x130
[  681.149853][T16690]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  681.155374][T16690]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  681.161699][T16690]  ? kasan_check_read+0x11/0x20
[  681.166540][T16690]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  681.172064][T16690]  mem_cgroup_try_charge+0x24d/0x5e0
[  681.177328][T16690]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  681.183027][T16690]  __handle_mm_fault+0x1e1f/0x3ec0
[  681.188128][T16690]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  681.194959][T16690]  ? find_held_lock+0x35/0x130
[  681.199713][T16690]  ? handle_mm_fault+0x322/0xb30
[  681.204643][T16690]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  681.210862][T16690]  ? kasan_check_read+0x11/0x20
[  681.215693][T16690]  handle_mm_fault+0x43f/0xb30
[  681.220436][T16690]  __get_user_pages+0x7b6/0x1a40
[  681.225359][T16690]  ? follow_page_mask+0x19a0/0x19a0
[  681.230531][T16690]  ? __vma_adjust+0x1840/0x1840
[  681.235365][T16690]  ? lock_acquire+0x16f/0x3f0
[  681.240017][T16690]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  681.246235][T16690]  populate_vma_page_range+0x20d/0x2a0
[  681.251674][T16690]  __mm_populate+0x204/0x380
[  681.256241][T16690]  ? populate_vma_page_range+0x2a0/0x2a0
[  681.261866][T16690]  __x64_sys_mlockall+0x35c/0x520
[  681.266869][T16690]  do_syscall_64+0x103/0x610
[  681.271451][T16690]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  681.277331][T16690] RIP: 0033:0x457f29
[  681.281204][T16690] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  681.300890][T16690] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  681.309290][T16690] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  681.317236][T16690] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  681.325195][T16690] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  681.333141][T16690] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
08:03:01 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  681.341088][T16690] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
08:03:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2a, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  681.444633][T16795] XFS (loop5): Invalid superblock magic number
[  681.517766][T16690] memory: usage 307200kB, limit 307200kB, failcnt 96
[  681.525288][T16690] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  681.537576][T16690] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  681.549153][T16690] Memory cgroup stats for /syz3: cache:0KB rss:296752KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:8KB active_file:0KB unevictable:32700KB
[  681.578782][T16690] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=16664,uid=0
[  681.599247][T16690] Memory cgroup out of memory: Killed process 16664 (syz-executor.3) total-vm:72444kB, anon-rss:16060kB, file-rss:37160kB, shmem-rss:0kB
[  681.619592][ T1042] oom_reaper: reaped process 16664 (syz-executor.3), now anon-rss:16104kB, file-rss:37936kB, shmem-rss:0kB
08:03:02 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:02 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2b, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  681.738170][T17058] xt_check_target: 8 callbacks suppressed
[  681.738184][T17058] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:02 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2c, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  682.021955][T17066] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  682.037296][T17066] CPU: 0 PID: 17066 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  682.044942][T17066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  682.054999][T17066] Call Trace:
[  682.058284][T17066]  dump_stack+0x172/0x1f0
[  682.062614][T17066]  dump_header+0x10f/0xb6c
[  682.067030][T17066]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  682.072831][T17066]  ? ___ratelimit+0x60/0x595
[  682.077422][T17066]  ? do_raw_spin_unlock+0x57/0x270
[  682.082556][T17066]  oom_kill_process.cold+0x10/0x15
[  682.087666][T17066]  out_of_memory+0x79a/0x1280
[  682.092338][T17066]  ? lock_downgrade+0x880/0x880
[  682.097182][T17066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  682.103415][T17066]  ? oom_killer_disable+0x280/0x280
[  682.108621][T17066]  ? find_held_lock+0x35/0x130
[  682.113395][T17066]  mem_cgroup_out_of_memory+0x1ca/0x230
[  682.118946][T17066]  ? memcg_event_wake+0x230/0x230
[  682.124057][T17066]  ? do_raw_spin_unlock+0x57/0x270
[  682.129160][T17066]  ? _raw_spin_unlock+0x2d/0x50
[  682.134009][T17066]  try_charge+0x102c/0x15c0
[  682.138504][T17066]  ? find_held_lock+0x35/0x130
[  682.143276][T17066]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  682.148824][T17066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  682.155065][T17066]  ? kasan_check_read+0x11/0x20
[  682.159915][T17066]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  682.165467][T17066]  mem_cgroup_try_charge+0x24d/0x5e0
[  682.170766][T17066]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  682.176397][T17066]  __handle_mm_fault+0x1e1f/0x3ec0
[  682.181599][T17066]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  682.187135][T17066]  ? find_held_lock+0x35/0x130
[  682.191897][T17066]  ? handle_mm_fault+0x322/0xb30
[  682.196863][T17066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  682.203195][T17066]  ? kasan_check_read+0x11/0x20
[  682.208049][T17066]  handle_mm_fault+0x43f/0xb30
[  682.212817][T17066]  __get_user_pages+0x7b6/0x1a40
[  682.217763][T17066]  ? follow_page_mask+0x19a0/0x19a0
[  682.222956][T17066]  ? __vma_adjust+0x1840/0x1840
[  682.227810][T17066]  ? lock_acquire+0x16f/0x3f0
[  682.232477][T17066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  682.238734][T17066]  populate_vma_page_range+0x20d/0x2a0
[  682.244196][T17066]  __mm_populate+0x204/0x380
[  682.248794][T17066]  ? populate_vma_page_range+0x2a0/0x2a0
[  682.254439][T17066]  __x64_sys_mlockall+0x35c/0x520
[  682.259465][T17066]  do_syscall_64+0x103/0x610
[  682.264060][T17066]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  682.269951][T17066] RIP: 0033:0x457f29
[  682.273858][T17066] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  682.293461][T17066] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  682.301892][T17066] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  682.309861][T17066] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
08:03:02 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4c00, 0x0)

08:03:02 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2d, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:02 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  682.317833][T17066] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  682.325799][T17066] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  682.333772][T17066] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  682.363910][T17066] memory: usage 307200kB, limit 307200kB, failcnt 135
[  682.371038][T17066] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  682.374217][T17385] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  682.417338][T17066] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  682.446139][T17066] Memory cgroup stats for /syz3: cache:0KB rss:297016KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:0KB active_file:0KB unevictable:32924KB
[  682.536998][T17066] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=17063,uid=0
[  682.582262][T17066] Memory cgroup out of memory: Killed process 17063 (syz-executor.3) total-vm:72444kB, anon-rss:16324kB, file-rss:37160kB, shmem-rss:0kB
[  682.613299][T17393] XFS (loop5): Invalid superblock magic number
08:03:03 executing program 3:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2e, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:03 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xc0189436, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:03 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:03 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  682.698769][T17611] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x2f, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  682.890828][T17620] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  682.912540][T17620] CPU: 1 PID: 17620 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  682.920200][T17620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  682.930263][T17620] Call Trace:
[  682.933551][T17620]  dump_stack+0x172/0x1f0
[  682.937869][T17620]  dump_header+0x10f/0xb6c
[  682.942268][T17620]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  682.948057][T17620]  ? ___ratelimit+0x60/0x595
[  682.952629][T17620]  ? do_raw_spin_unlock+0x57/0x270
[  682.957725][T17620]  oom_kill_process.cold+0x10/0x15
[  682.962820][T17620]  out_of_memory+0x79a/0x1280
[  682.967490][T17620]  ? lock_downgrade+0x880/0x880
[  682.972337][T17620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  682.978559][T17620]  ? oom_killer_disable+0x280/0x280
[  682.983735][T17620]  ? find_held_lock+0x35/0x130
[  682.988493][T17620]  mem_cgroup_out_of_memory+0x1ca/0x230
[  682.994017][T17620]  ? memcg_event_wake+0x230/0x230
[  682.999032][T17620]  ? do_raw_spin_unlock+0x57/0x270
[  683.004139][T17620]  ? _raw_spin_unlock+0x2d/0x50
[  683.008975][T17620]  try_charge+0x102c/0x15c0
[  683.013476][T17620]  ? find_held_lock+0x35/0x130
[  683.018225][T17620]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  683.023753][T17620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  683.029979][T17620]  ? kasan_check_read+0x11/0x20
[  683.034814][T17620]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  683.040343][T17620]  mem_cgroup_try_charge+0x24d/0x5e0
[  683.045614][T17620]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  683.051232][T17620]  __handle_mm_fault+0x1e1f/0x3ec0
[  683.056329][T17620]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  683.061868][T17620]  ? find_held_lock+0x35/0x130
[  683.066617][T17620]  ? handle_mm_fault+0x322/0xb30
[  683.071546][T17620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  683.077788][T17620]  ? kasan_check_read+0x11/0x20
[  683.082623][T17620]  handle_mm_fault+0x43f/0xb30
[  683.087375][T17620]  __get_user_pages+0x7b6/0x1a40
[  683.092309][T17620]  ? follow_page_mask+0x19a0/0x19a0
[  683.097500][T17620]  ? __vma_adjust+0x1840/0x1840
[  683.102339][T17620]  ? lock_acquire+0x16f/0x3f0
[  683.107000][T17620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  683.113227][T17620]  populate_vma_page_range+0x20d/0x2a0
[  683.118672][T17620]  __mm_populate+0x204/0x380
[  683.123247][T17620]  ? populate_vma_page_range+0x2a0/0x2a0
[  683.128870][T17620]  __x64_sys_mlockall+0x35c/0x520
[  683.133879][T17620]  do_syscall_64+0x103/0x610
[  683.138464][T17620]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  683.144339][T17620] RIP: 0033:0x457f29
[  683.148218][T17620] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  683.167802][T17620] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  683.176192][T17620] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  683.184156][T17620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
08:03:03 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  683.192108][T17620] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  683.200061][T17620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  683.208013][T17620] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  683.240672][T17620] memory: usage 307200kB, limit 307200kB, failcnt 164
[  683.267730][T17883] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  683.271533][T17620] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  683.292895][T17620] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  683.301698][T17620] Memory cgroup stats for /syz3: cache:0KB rss:297016KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:0KB active_file:0KB unevictable:32956KB
08:03:03 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x6000, 0x0)

08:03:03 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  683.330486][T17620] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=17619,uid=0
[  683.352576][T17620] Memory cgroup out of memory: Killed process 17619 (syz-executor.3) total-vm:72444kB, anon-rss:16324kB, file-rss:37160kB, shmem-rss:0kB
08:03:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x30, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:03 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:03 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x31, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  683.477745][T18048] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:04 executing program 3:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:04 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x6800, 0x0)

08:03:04 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xc018ae85, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:04 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x32, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:04 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:04 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  683.734704][T18257] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:04 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x6c00, 0x0)

[  683.775694][T18254] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
08:03:04 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  683.825001][T18254] CPU: 0 PID: 18254 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  683.832684][T18254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  683.842753][T18254] Call Trace:
[  683.846070][T18254]  dump_stack+0x172/0x1f0
[  683.850443][T18254]  dump_header+0x10f/0xb6c
[  683.854885][T18254]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  683.860695][T18254]  ? ___ratelimit+0x60/0x595
[  683.860714][T18254]  ? do_raw_spin_unlock+0x57/0x270
[  683.860743][T18254]  oom_kill_process.cold+0x10/0x15
[  683.860765][T18254]  out_of_memory+0x79a/0x1280
[  683.870443][T18254]  ? lock_downgrade+0x880/0x880
[  683.870459][T18254]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  683.870477][T18254]  ? oom_killer_disable+0x280/0x280
[  683.870490][T18254]  ? find_held_lock+0x35/0x130
[  683.870517][T18254]  mem_cgroup_out_of_memory+0x1ca/0x230
[  683.880282][T18254]  ? memcg_event_wake+0x230/0x230
[  683.880306][T18254]  ? do_raw_spin_unlock+0x57/0x270
[  683.880323][T18254]  ? _raw_spin_unlock+0x2d/0x50
08:03:04 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  683.880341][T18254]  try_charge+0x102c/0x15c0
[  683.880357][T18254]  ? find_held_lock+0x35/0x130
[  683.891433][T18254]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  683.891453][T18254]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  683.891477][T18254]  ? kasan_check_read+0x11/0x20
[  683.891495][T18254]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  683.891519][T18254]  mem_cgroup_try_charge+0x24d/0x5e0
[  683.936709][T18254]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  683.936732][T18254]  __handle_mm_fault+0x1e1f/0x3ec0
[  683.936756][T18254]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  683.974790][T18254]  ? find_held_lock+0x35/0x130
[  683.979570][T18254]  ? handle_mm_fault+0x322/0xb30
[  683.984498][T18254]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  683.990734][T18254]  ? kasan_check_read+0x11/0x20
[  683.995574][T18254]  handle_mm_fault+0x43f/0xb30
[  684.000325][T18254]  __get_user_pages+0x7b6/0x1a40
[  684.005255][T18254]  ? follow_page_mask+0x19a0/0x19a0
[  684.010442][T18254]  ? __vma_adjust+0x1840/0x1840
[  684.015277][T18254]  ? lock_acquire+0x16f/0x3f0
[  684.019938][T18254]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  684.026164][T18254]  populate_vma_page_range+0x20d/0x2a0
[  684.031631][T18254]  __mm_populate+0x204/0x380
[  684.036214][T18254]  ? populate_vma_page_range+0x2a0/0x2a0
[  684.041834][T18254]  __x64_sys_mlockall+0x35c/0x520
[  684.046844][T18254]  do_syscall_64+0x103/0x610
[  684.051423][T18254]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  684.057296][T18254] RIP: 0033:0x457f29
[  684.061178][T18254] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  684.080763][T18254] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  684.089156][T18254] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  684.097107][T18254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  684.105077][T18254] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  684.113027][T18254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  684.120981][T18254] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  684.135065][T18254] memory: usage 307200kB, limit 307200kB, failcnt 176
[  684.173233][T18254] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
08:03:04 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:04 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  684.216915][T18254] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
08:03:04 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7400, 0x0)

[  684.248375][T18254] Memory cgroup stats for /syz3: cache:0KB rss:297108KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:0KB active_file:0KB unevictable:32952KB
[  684.291254][T18499] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  684.305206][T18505] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  684.332786][T18254] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=18253,uid=0
[  684.387624][T18254] Memory cgroup out of memory: Killed process 18253 (syz-executor.3) total-vm:72444kB, anon-rss:16324kB, file-rss:37160kB, shmem-rss:0kB
08:03:04 executing program 3:
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:04 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xc020660b, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:04 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x06\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:04 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:04 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:04 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7a00, 0x0)

[  684.545559][T18697] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  684.558212][T18701] x_tables: eb_tables: arpreply target: only valid in nat table, not nat
[  684.569692][T18695] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  684.614471][T18701] x_tables: eb_tables: arpreply target: only valid in nat table, not nat
08:03:05 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x8002, 0x0)

08:03:05 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x06\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:05 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:05 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:05 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:05 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x01\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  685.000951][T18880] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  685.012644][T18880] CPU: 1 PID: 18880 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  685.020303][T18880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  685.030355][T18880] Call Trace:
[  685.033650][T18880]  dump_stack+0x172/0x1f0
[  685.037986][T18880]  dump_header+0x10f/0xb6c
[  685.042427][T18880]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  685.048239][T18880]  ? ___ratelimit+0x60/0x595
[  685.052840][T18880]  ? do_raw_spin_unlock+0x57/0x270
[  685.057956][T18880]  oom_kill_process.cold+0x10/0x15
[  685.063069][T18880]  out_of_memory+0x79a/0x1280
[  685.067748][T18880]  ? lock_downgrade+0x880/0x880
[  685.072595][T18880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.078838][T18880]  ? oom_killer_disable+0x280/0x280
[  685.084035][T18880]  ? find_held_lock+0x35/0x130
[  685.088810][T18880]  mem_cgroup_out_of_memory+0x1ca/0x230
[  685.094364][T18880]  ? memcg_event_wake+0x230/0x230
[  685.099392][T18880]  ? do_raw_spin_unlock+0x57/0x270
[  685.104507][T18880]  ? _raw_spin_unlock+0x2d/0x50
[  685.109361][T18880]  try_charge+0x102c/0x15c0
[  685.113860][T18880]  ? find_held_lock+0x35/0x130
[  685.118632][T18880]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  685.124178][T18880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.130422][T18880]  ? kasan_check_read+0x11/0x20
[  685.135286][T18880]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  685.140839][T18880]  mem_cgroup_try_charge+0x24d/0x5e0
[  685.146130][T18880]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  685.151764][T18880]  __handle_mm_fault+0x1e1f/0x3ec0
[  685.156881][T18880]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  685.162426][T18880]  ? find_held_lock+0x35/0x130
[  685.167202][T18880]  ? handle_mm_fault+0x322/0xb30
[  685.172147][T18880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.178390][T18880]  ? kasan_check_read+0x11/0x20
[  685.183264][T18880]  handle_mm_fault+0x43f/0xb30
[  685.188034][T18880]  __get_user_pages+0x7b6/0x1a40
[  685.192989][T18880]  ? follow_page_mask+0x19a0/0x19a0
[  685.198186][T18880]  ? __vma_adjust+0x1840/0x1840
[  685.203067][T18880]  ? lock_acquire+0x16f/0x3f0
[  685.207744][T18880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.213986][T18880]  populate_vma_page_range+0x20d/0x2a0
[  685.219460][T18880]  __mm_populate+0x204/0x380
[  685.224051][T18880]  ? populate_vma_page_range+0x2a0/0x2a0
[  685.224077][T18880]  __x64_sys_mlockall+0x35c/0x520
[  685.224096][T18880]  do_syscall_64+0x103/0x610
[  685.224115][T18880]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  685.224126][T18880] RIP: 0033:0x457f29
[  685.224140][T18880] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  685.224153][T18880] RSP: 002b:00007f35afd90c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  685.234797][T18880] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  685.234806][T18880] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  685.234814][T18880] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
[  685.234823][T18880] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afd916d4
[  685.234831][T18880] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  685.238568][T18880] memory: usage 307200kB, limit 307200kB, failcnt 221
[  685.295470][T18880] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  685.325472][T18880] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  685.340106][T18880] Memory cgroup stats for /syz3: cache:0KB rss:296888KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8852KB inactive_file:0KB active_file:0KB unevictable:32772KB
[  685.363073][T18880] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=18702,uid=0
[  685.380364][T18880] Memory cgroup out of memory: Killed process 18702 (syz-executor.3) total-vm:72972kB, anon-rss:16340kB, file-rss:37032kB, shmem-rss:0kB
[  685.399908][ T1042] oom_reaper: reaped process 18702 (syz-executor.3), now anon-rss:16416kB, file-rss:37936kB, shmem-rss:0kB
08:03:05 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:05 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:05 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x06\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:05 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:05 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x3)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:05 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x06\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  685.718190][T19210] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  685.753897][T19210] CPU: 1 PID: 19210 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  685.761569][T19210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  685.771636][T19210] Call Trace:
[  685.774934][T19210]  dump_stack+0x172/0x1f0
[  685.779266][T19210]  dump_header+0x10f/0xb6c
[  685.783686][T19210]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  685.789493][T19210]  ? ___ratelimit+0x60/0x595
[  685.794082][T19210]  ? do_raw_spin_unlock+0x57/0x270
[  685.799194][T19210]  oom_kill_process.cold+0x10/0x15
[  685.804315][T19210]  out_of_memory+0x79a/0x1280
[  685.808995][T19210]  ? lock_downgrade+0x880/0x880
[  685.813845][T19210]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.820083][T19210]  ? oom_killer_disable+0x280/0x280
[  685.825279][T19210]  ? find_held_lock+0x35/0x130
[  685.830051][T19210]  mem_cgroup_out_of_memory+0x1ca/0x230
[  685.835595][T19210]  ? memcg_event_wake+0x230/0x230
[  685.840626][T19210]  ? do_raw_spin_unlock+0x57/0x270
[  685.845735][T19210]  ? _raw_spin_unlock+0x2d/0x50
[  685.850589][T19210]  try_charge+0x102c/0x15c0
[  685.855088][T19210]  ? find_held_lock+0x35/0x130
[  685.859859][T19210]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
08:03:06 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xa300, 0x0)

08:03:06 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x06\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  685.865405][T19210]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.871649][T19210]  ? kasan_check_read+0x11/0x20
[  685.876509][T19210]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  685.882070][T19210]  mem_cgroup_try_charge+0x24d/0x5e0
[  685.887364][T19210]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  685.893006][T19210]  __handle_mm_fault+0x1e1f/0x3ec0
[  685.898124][T19210]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  685.903680][T19210]  ? find_held_lock+0x35/0x130
[  685.908450][T19210]  ? handle_mm_fault+0x322/0xb30
[  685.913400][T19210]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.919646][T19210]  ? kasan_check_read+0x11/0x20
[  685.924507][T19210]  handle_mm_fault+0x43f/0xb30
[  685.929280][T19210]  __get_user_pages+0x7b6/0x1a40
[  685.934249][T19210]  ? follow_page_mask+0x19a0/0x19a0
[  685.939447][T19210]  ? __vma_adjust+0x1840/0x1840
[  685.944309][T19210]  ? lock_acquire+0x16f/0x3f0
[  685.948981][T19210]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  685.955241][T19210]  populate_vma_page_range+0x20d/0x2a0
[  685.960710][T19210]  __mm_populate+0x204/0x380
[  685.965309][T19210]  ? populate_vma_page_range+0x2a0/0x2a0
[  685.970953][T19210]  __x64_sys_mlockall+0x35c/0x520
[  685.975989][T19210]  do_syscall_64+0x103/0x610
[  685.980588][T19210]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  685.986480][T19210] RIP: 0033:0x457f29
[  685.990379][T19210] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  686.009985][T19210] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  686.018406][T19210] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  686.026384][T19210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  686.034359][T19210] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  686.042341][T19210] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  686.050323][T19210] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
08:03:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x01\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  686.063481][T19210] memory: usage 307200kB, limit 307200kB, failcnt 243
[  686.072366][T19210] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  686.080582][T19210] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  686.087786][T19210] Memory cgroup stats for /syz3: cache:0KB rss:297036KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:4KB active_file:0KB unevictable:32976KB
[  686.110766][T19210] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=19195,uid=0
[  686.127856][T19210] Memory cgroup out of memory: Killed process 19195 (syz-executor.3) total-vm:72444kB, anon-rss:16328kB, file-rss:37160kB, shmem-rss:0kB
[  686.204705][ T1042] oom_reaper: reaped process 19195 (syz-executor.3), now anon-rss:16372kB, file-rss:37944kB, shmem-rss:0kB
08:03:06 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:06 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x06\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc400, 0x0)

08:03:06 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x7)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x06\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x06\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  686.545620][T19696] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  686.587103][T19696] CPU: 0 PID: 19696 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  686.594887][T19696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  686.605571][T19696] Call Trace:
[  686.605617][T19696]  dump_stack+0x172/0x1f0
[  686.605651][T19696]  dump_header+0x10f/0xb6c
[  686.605676][T19696]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  686.605711][T19696]  ? ___ratelimit+0x60/0x595
[  686.605741][T19696]  ? do_raw_spin_unlock+0x57/0x270
[  686.605771][T19696]  oom_kill_process.cold+0x10/0x15
[  686.605801][T19696]  out_of_memory+0x79a/0x1280
[  686.605830][T19696]  ? lock_downgrade+0x880/0x880
[  686.605857][T19696]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  686.605888][T19696]  ? oom_killer_disable+0x280/0x280
[  686.605910][T19696]  ? find_held_lock+0x35/0x130
[  686.605954][T19696]  mem_cgroup_out_of_memory+0x1ca/0x230
[  686.605981][T19696]  ? memcg_event_wake+0x230/0x230
[  686.606015][T19696]  ? do_raw_spin_unlock+0x57/0x270
[  686.606044][T19696]  ? _raw_spin_unlock+0x2d/0x50
[  686.606069][T19696]  try_charge+0x102c/0x15c0
[  686.606081][T19696]  ? find_held_lock+0x35/0x130
[  686.606099][T19696]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  686.606118][T19696]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  686.606144][T19696]  ? kasan_check_read+0x11/0x20
[  686.606161][T19696]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  686.606187][T19696]  mem_cgroup_try_charge+0x24d/0x5e0
[  686.633659][T19696]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  686.633680][T19696]  __handle_mm_fault+0x1e1f/0x3ec0
[  686.633699][T19696]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  686.643457][T19696]  ? find_held_lock+0x35/0x130
[  686.643475][T19696]  ? handle_mm_fault+0x322/0xb30
[  686.643508][T19696]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  686.654566][T19696]  ? kasan_check_read+0x11/0x20
[  686.654590][T19696]  handle_mm_fault+0x43f/0xb30
[  686.654612][T19696]  __get_user_pages+0x7b6/0x1a40
[  686.654634][T19696]  ? follow_page_mask+0x19a0/0x19a0
[  686.685235][T19696]  ? __vma_adjust+0x1840/0x1840
[  686.685258][T19696]  ? lock_acquire+0x16f/0x3f0
[  686.694493][T19696]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  686.694513][T19696]  populate_vma_page_range+0x20d/0x2a0
[  686.694533][T19696]  __mm_populate+0x204/0x380
[  686.694551][T19696]  ? populate_vma_page_range+0x2a0/0x2a0
[  686.727591][T19696]  __x64_sys_mlockall+0x35c/0x520
[  686.727612][T19696]  do_syscall_64+0x103/0x610
[  686.738261][T19696]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  686.738277][T19696] RIP: 0033:0x457f29
[  686.824461][T19696] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  686.844049][T19696] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  686.852440][T19696] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  686.860394][T19696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  686.868364][T19696] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  686.876317][T19696] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
08:03:07 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x300, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  686.884270][T19696] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  686.920524][T20020] xt_check_target: 17 callbacks suppressed
[  686.920547][T20020] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:07 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x01\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  687.024759][T19696] memory: usage 307200kB, limit 307200kB, failcnt 297
[  687.031571][T19696] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  687.066639][T19696] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  687.080824][T20208] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  687.098963][T19696] Memory cgroup stats for /syz3: cache:0KB rss:297432KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:4KB active_file:0KB unevictable:33232KB
[  687.128496][T19696] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=19688,uid=0
[  687.150573][T20208] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  687.150905][T19696] Memory cgroup out of memory: Killed process 19688 (syz-executor.3) total-vm:72444kB, anon-rss:16592kB, file-rss:37160kB, shmem-rss:0kB
[  687.185815][ T1042] oom_reaper: reaped process 19688 (syz-executor.3), now anon-rss:16636kB, file-rss:37940kB, shmem-rss:0kB
08:03:07 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:07 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:07 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x9)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:07 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:07 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x06\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:07 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xcc00, 0x0)

[  687.301128][T20231] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  687.317381][T20236] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:07 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x06\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:07 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  687.437733][T20388] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:07 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:07 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x06\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  687.545001][T20458] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  687.562540][T20247] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  687.614046][T20247] CPU: 1 PID: 20247 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  687.621721][T20247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  687.621727][T20247] Call Trace:
[  687.621750][T20247]  dump_stack+0x172/0x1f0
[  687.621771][T20247]  dump_header+0x10f/0xb6c
[  687.621791][T20247]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  687.649636][T20247]  ? ___ratelimit+0x60/0x595
[  687.654229][T20247]  ? do_raw_spin_unlock+0x57/0x270
[  687.654251][T20247]  oom_kill_process.cold+0x10/0x15
[  687.654264][T20247]  out_of_memory+0x79a/0x1280
[  687.654278][T20247]  ? lock_downgrade+0x880/0x880
[  687.654292][T20247]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  687.654306][T20247]  ? oom_killer_disable+0x280/0x280
[  687.654316][T20247]  ? find_held_lock+0x35/0x130
[  687.654340][T20247]  mem_cgroup_out_of_memory+0x1ca/0x230
[  687.654353][T20247]  ? memcg_event_wake+0x230/0x230
[  687.654371][T20247]  ? do_raw_spin_unlock+0x57/0x270
[  687.654389][T20247]  ? _raw_spin_unlock+0x2d/0x50
[  687.710723][T20247]  try_charge+0x102c/0x15c0
[  687.715237][T20247]  ? find_held_lock+0x35/0x130
[  687.720017][T20247]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  687.725584][T20247]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  687.731922][T20247]  ? kasan_check_read+0x11/0x20
[  687.736789][T20247]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  687.742338][T20247]  mem_cgroup_try_charge+0x24d/0x5e0
[  687.747634][T20247]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  687.753276][T20247]  __handle_mm_fault+0x1e1f/0x3ec0
[  687.758406][T20247]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  687.763964][T20247]  ? find_held_lock+0x35/0x130
[  687.768740][T20247]  ? handle_mm_fault+0x322/0xb30
[  687.773689][T20247]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  687.779936][T20247]  ? kasan_check_read+0x11/0x20
[  687.784796][T20247]  handle_mm_fault+0x43f/0xb30
[  687.789567][T20247]  __get_user_pages+0x7b6/0x1a40
[  687.794515][T20247]  ? follow_page_mask+0x19a0/0x19a0
[  687.799709][T20247]  ? __vma_adjust+0x1840/0x1840
[  687.804565][T20247]  ? lock_acquire+0x16f/0x3f0
08:03:08 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  687.809238][T20247]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  687.815485][T20247]  populate_vma_page_range+0x20d/0x2a0
[  687.820962][T20247]  __mm_populate+0x204/0x380
[  687.825569][T20247]  ? populate_vma_page_range+0x2a0/0x2a0
[  687.831223][T20247]  __x64_sys_mlockall+0x35c/0x520
[  687.831244][T20247]  do_syscall_64+0x103/0x610
[  687.840840][T20247]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  687.846740][T20247] RIP: 0033:0x457f29
[  687.850635][T20247] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  687.850644][T20247] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  687.850659][T20247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  687.850667][T20247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  687.850674][T20247] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  687.850687][T20247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
08:03:08 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x6, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  687.910550][T20247] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  687.936701][T20599] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  688.190216][T20247] memory: usage 307196kB, limit 307200kB, failcnt 333
[  688.199751][T20247] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  688.213277][T20247] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  688.222474][T20247] Memory cgroup stats for /syz3: cache:0KB rss:297356KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:4KB active_file:0KB unevictable:33228KB
[  688.251084][T20247] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20245,uid=0
[  688.272995][T20247] Memory cgroup out of memory: Killed process 20245 (syz-executor.3) total-vm:72444kB, anon-rss:16592kB, file-rss:37160kB, shmem-rss:0kB
08:03:08 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x01\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:08 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:08 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

08:03:08 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x11)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:08 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x600, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:08 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xedc0, 0x0)

[  688.401601][T20781] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  688.419540][T20788] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:08 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:08 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x1000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xff0f, 0x0)

08:03:09 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x13)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  688.726144][T20960] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  688.759840][T20960] CPU: 1 PID: 20960 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  688.767553][T20960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  688.777617][T20960] Call Trace:
[  688.780946][T20960]  dump_stack+0x172/0x1f0
[  688.785302][T20960]  dump_header+0x10f/0xb6c
[  688.789748][T20960]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  688.795583][T20960]  ? ___ratelimit+0x60/0x595
[  688.800194][T20960]  ? do_raw_spin_unlock+0x57/0x270
[  688.805340][T20960]  oom_kill_process.cold+0x10/0x15
[  688.810481][T20960]  out_of_memory+0x79a/0x1280
[  688.815191][T20960]  ? lock_downgrade+0x880/0x880
[  688.820065][T20960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  688.826330][T20960]  ? oom_killer_disable+0x280/0x280
[  688.831548][T20960]  ? find_held_lock+0x35/0x130
[  688.836351][T20960]  mem_cgroup_out_of_memory+0x1ca/0x230
[  688.841934][T20960]  ? memcg_event_wake+0x230/0x230
[  688.847006][T20960]  ? do_raw_spin_unlock+0x57/0x270
[  688.852148][T20960]  ? _raw_spin_unlock+0x2d/0x50
[  688.857035][T20960]  try_charge+0x102c/0x15c0
[  688.861566][T20960]  ? find_held_lock+0x35/0x130
[  688.866371][T20960]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
08:03:09 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x06\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  688.871963][T20960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  688.878237][T20960]  ? kasan_check_read+0x11/0x20
[  688.883121][T20960]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  688.888699][T20960]  mem_cgroup_try_charge+0x24d/0x5e0
[  688.894023][T20960]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  688.899693][T20960]  __handle_mm_fault+0x1e1f/0x3ec0
[  688.904840][T20960]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  688.910416][T20960]  ? find_held_lock+0x35/0x130
[  688.915199][T20960]  ? handle_mm_fault+0x322/0xb30
[  688.915224][T20960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  688.915240][T20960]  ? kasan_check_read+0x11/0x20
[  688.915255][T20960]  handle_mm_fault+0x43f/0xb30
[  688.915273][T20960]  __get_user_pages+0x7b6/0x1a40
[  688.915299][T20960]  ? follow_page_mask+0x19a0/0x19a0
[  688.915312][T20960]  ? __vma_adjust+0x1840/0x1840
[  688.915333][T20960]  ? lock_acquire+0x16f/0x3f0
[  688.915344][T20960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  688.915359][T20960]  populate_vma_page_range+0x20d/0x2a0
[  688.915376][T20960]  __mm_populate+0x204/0x380
[  688.915395][T20960]  ? populate_vma_page_range+0x2a0/0x2a0
[  688.915420][T20960]  __x64_sys_mlockall+0x35c/0x520
[  688.915438][T20960]  do_syscall_64+0x103/0x610
[  688.915456][T20960]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  688.915468][T20960] RIP: 0033:0x457f29
[  688.915484][T20960] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
08:03:09 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x6000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x06\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  688.915492][T20960] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  688.915506][T20960] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  688.915513][T20960] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  688.915521][T20960] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  688.915530][T20960] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  688.915538][T20960] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  689.230487][T20960] memory: usage 307200kB, limit 307200kB, failcnt 344
[  689.244131][T20960] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  689.260825][T20960] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  689.275857][T20960] Memory cgroup stats for /syz3: cache:0KB rss:297300KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:4KB active_file:0KB unevictable:33224KB
[  689.313322][T20960] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20958,uid=0
[  689.334356][T20960] Memory cgroup out of memory: Killed process 20958 (syz-executor.3) total-vm:72444kB, anon-rss:16592kB, file-rss:37160kB, shmem-rss:0kB
08:03:09 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

08:03:09 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x29)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:09 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x20000, 0x0)

08:03:09 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x06\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x100000000000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:09 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x40000, 0x0)

08:03:10 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x6, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:10 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x06\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:10 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x300)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:10 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x600000000000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  689.625085][T21450] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  689.690331][T21450] CPU: 1 PID: 21450 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  689.698050][T21450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  689.708124][T21450] Call Trace:
[  689.711443][T21450]  dump_stack+0x172/0x1f0
[  689.715816][T21450]  dump_header+0x10f/0xb6c
[  689.720277][T21450]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  689.726117][T21450]  ? ___ratelimit+0x60/0x595
[  689.730729][T21450]  ? do_raw_spin_unlock+0x57/0x270
[  689.735879][T21450]  oom_kill_process.cold+0x10/0x15
[  689.741019][T21450]  out_of_memory+0x79a/0x1280
[  689.745720][T21450]  ? lock_downgrade+0x880/0x880
[  689.750580][T21450]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  689.756834][T21450]  ? oom_killer_disable+0x280/0x280
[  689.762057][T21450]  ? find_held_lock+0x35/0x130
[  689.766853][T21450]  mem_cgroup_out_of_memory+0x1ca/0x230
[  689.772424][T21450]  ? memcg_event_wake+0x230/0x230
[  689.777482][T21450]  ? do_raw_spin_unlock+0x57/0x270
[  689.782617][T21450]  ? _raw_spin_unlock+0x2d/0x50
[  689.787484][T21450]  try_charge+0x102c/0x15c0
[  689.791993][T21450]  ? find_held_lock+0x35/0x130
[  689.796782][T21450]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  689.802346][T21450]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  689.808601][T21450]  ? kasan_check_read+0x11/0x20
[  689.813467][T21450]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  689.819028][T21450]  mem_cgroup_try_charge+0x24d/0x5e0
[  689.824338][T21450]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  689.829987][T21450]  __handle_mm_fault+0x1e1f/0x3ec0
[  689.835117][T21450]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  689.840675][T21450]  ? find_held_lock+0x35/0x130
[  689.845456][T21450]  ? handle_mm_fault+0x322/0xb30
[  689.850419][T21450]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  689.856676][T21450]  ? kasan_check_read+0x11/0x20
[  689.861543][T21450]  handle_mm_fault+0x43f/0xb30
[  689.866327][T21450]  __get_user_pages+0x7b6/0x1a40
[  689.871287][T21450]  ? follow_page_mask+0x19a0/0x19a0
[  689.876500][T21450]  ? __vma_adjust+0x1840/0x1840
[  689.881373][T21450]  ? lock_acquire+0x16f/0x3f0
[  689.886063][T21450]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  689.892323][T21450]  populate_vma_page_range+0x20d/0x2a0
[  689.897811][T21450]  __mm_populate+0x204/0x380
[  689.902425][T21450]  ? populate_vma_page_range+0x2a0/0x2a0
[  689.908081][T21450]  __x64_sys_mlockall+0x35c/0x520
[  689.913116][T21450]  do_syscall_64+0x103/0x610
[  689.917727][T21450]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  689.923626][T21450] RIP: 0033:0x457f29
[  689.927527][T21450] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  689.947136][T21450] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  689.955558][T21450] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  689.963532][T21450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  689.971508][T21450] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  689.979488][T21450] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  689.987465][T21450] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  690.012354][T21450] memory: usage 307200kB, limit 307200kB, failcnt 384
[  690.040431][T21450] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  690.053537][T21450] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  690.069575][T21450] Memory cgroup stats for /syz3: cache:0KB rss:297288KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:4KB active_file:0KB unevictable:33200KB
[  690.109157][T21450] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21449,uid=0
[  690.143113][T21450] Memory cgroup out of memory: Killed process 21449 (syz-executor.3) total-vm:72444kB, anon-rss:16592kB, file-rss:37160kB, shmem-rss:0kB
[  690.199382][ T1042] oom_reaper: reaped process 21449 (syz-executor.3), now anon-rss:16636kB, file-rss:37940kB, shmem-rss:0kB
08:03:10 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

08:03:10 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:10 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x600, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:10 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xe0000, 0x0)

08:03:10 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x6, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:10 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x3e8)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:10 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:10 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x989680, 0x0)

08:03:10 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x1000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  690.494972][T21895] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  690.568816][T21895] CPU: 1 PID: 21895 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  690.576493][T21895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  690.576500][T21895] Call Trace:
[  690.576521][T21895]  dump_stack+0x172/0x1f0
[  690.576541][T21895]  dump_header+0x10f/0xb6c
[  690.576556][T21895]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  690.576570][T21895]  ? ___ratelimit+0x60/0x595
[  690.576591][T21895]  ? do_raw_spin_unlock+0x57/0x270
[  690.615858][T21895]  oom_kill_process.cold+0x10/0x15
[  690.615874][T21895]  out_of_memory+0x79a/0x1280
[  690.615891][T21895]  ? retint_kernel+0x2d/0x2d
[  690.615903][T21895]  ? oom_killer_disable+0x280/0x280
[  690.615925][T21895]  mem_cgroup_out_of_memory+0x1ca/0x230
[  690.615937][T21895]  ? memcg_event_wake+0x230/0x230
[  690.615955][T21895]  ? do_raw_spin_unlock+0x57/0x270
[  690.615971][T21895]  ? _raw_spin_unlock+0x2d/0x50
[  690.655951][T21895]  try_charge+0x102c/0x15c0
[  690.660446][T21895]  ? find_held_lock+0x35/0x130
[  690.665208][T21895]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  690.670748][T21895]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  690.676999][T21895]  ? kasan_check_read+0x11/0x20
[  690.681846][T21895]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  690.687386][T21895]  mem_cgroup_try_charge+0x24d/0x5e0
[  690.692670][T21895]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  690.698305][T21895]  __handle_mm_fault+0x1e1f/0x3ec0
[  690.703414][T21895]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  690.708969][T21895]  ? find_held_lock+0x35/0x130
[  690.713721][T21895]  ? handle_mm_fault+0x322/0xb30
[  690.718660][T21895]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  690.724904][T21895]  ? kasan_check_read+0x11/0x20
[  690.729760][T21895]  handle_mm_fault+0x43f/0xb30
[  690.734515][T21895]  __get_user_pages+0x7b6/0x1a40
[  690.739452][T21895]  ? follow_page_mask+0x19a0/0x19a0
[  690.744655][T21895]  ? __vma_adjust+0x1840/0x1840
[  690.749507][T21895]  ? lock_acquire+0x16f/0x3f0
[  690.754176][T21895]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  690.760431][T21895]  populate_vma_page_range+0x20d/0x2a0
[  690.765889][T21895]  __mm_populate+0x204/0x380
[  690.770471][T21895]  ? populate_vma_page_range+0x2a0/0x2a0
[  690.776100][T21895]  __x64_sys_mlockall+0x35c/0x520
[  690.781117][T21895]  do_syscall_64+0x103/0x610
[  690.785708][T21895]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  690.791590][T21895] RIP: 0033:0x457f29
[  690.795474][T21895] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
08:03:11 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x600, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  690.815070][T21895] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  690.823472][T21895] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  690.831433][T21895] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  690.839393][T21895] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  690.847353][T21895] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  690.855311][T21895] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
08:03:11 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x6000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  691.002754][T21895] memory: usage 306960kB, limit 307200kB, failcnt 420
[  691.022591][T21895] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  691.032334][T21895] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  691.050589][T21895] Memory cgroup stats for /syz3: cache:0KB rss:297264KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:8820KB inactive_file:0KB active_file:4KB unevictable:33164KB
[  691.081286][T21895] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21890,uid=0
[  691.103585][T21895] Memory cgroup out of memory: Killed process 21890 (syz-executor.3) total-vm:72444kB, anon-rss:16592kB, file-rss:37160kB, shmem-rss:0kB
08:03:11 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:11 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x1000000, 0x0)

08:03:11 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x100000000000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x1000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x700)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:11 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  691.328850][T22426] XFS (loop5): Invalid superblock magic number
08:03:11 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:11 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x6000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x600000000000000, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:11 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x900)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:12 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x2000000, 0x0)

08:03:12 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

08:03:12 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:12 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x6, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:12 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x100000000000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:12 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf00)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  692.043126][T22873] xt_check_target: 25 callbacks suppressed
[  692.043144][T22873] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  692.072949][T22877] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:12 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:12 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  692.242565][T22890] XFS (loop5): Invalid superblock magic number
08:03:12 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x600000000000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:12 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1100)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:12 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x600, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  692.286496][T23102] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  692.368853][T23099] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  692.379411][T23107] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  692.429233][T23099] CPU: 1 PID: 23099 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  692.437678][T23099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  692.447735][T23099] Call Trace:
[  692.447761][T23099]  dump_stack+0x172/0x1f0
[  692.447781][T23099]  dump_header+0x10f/0xb6c
[  692.447796][T23099]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  692.447809][T23099]  ? ___ratelimit+0x60/0x595
[  692.447823][T23099]  ? do_raw_spin_unlock+0x57/0x270
[  692.447838][T23099]  oom_kill_process.cold+0x10/0x15
[  692.447852][T23099]  out_of_memory+0x79a/0x1280
[  692.447870][T23099]  ? oom_killer_disable+0x280/0x280
[  692.447894][T23099]  mem_cgroup_out_of_memory+0x1ca/0x230
[  692.447906][T23099]  ? memcg_event_wake+0x230/0x230
[  692.447926][T23099]  ? _raw_spin_unlock+0x41/0x50
[  692.447941][T23099]  try_charge+0x102c/0x15c0
[  692.447951][T23099]  ? find_held_lock+0x35/0x130
[  692.447973][T23099]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  692.459992][T23099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  692.460013][T23099]  ? kasan_check_read+0x11/0x20
[  692.460034][T23099]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  692.539658][T23099]  mem_cgroup_try_charge+0x24d/0x5e0
[  692.544968][T23099]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  692.550626][T23099]  __handle_mm_fault+0x1e1f/0x3ec0
[  692.555761][T23099]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  692.561319][T23099]  ? find_held_lock+0x35/0x130
[  692.566098][T23099]  ? handle_mm_fault+0x322/0xb30
[  692.571058][T23099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  692.577320][T23099]  ? kasan_check_read+0x11/0x20
[  692.582191][T23099]  handle_mm_fault+0x43f/0xb30
[  692.586977][T23099]  __get_user_pages+0x7b6/0x1a40
[  692.591945][T23099]  ? follow_page_mask+0x19a0/0x19a0
[  692.597157][T23099]  ? __vma_adjust+0x1840/0x1840
[  692.602026][T23099]  ? lock_acquire+0x16f/0x3f0
[  692.608245][T23099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  692.614508][T23099]  populate_vma_page_range+0x20d/0x2a0
[  692.619997][T23099]  __mm_populate+0x204/0x380
[  692.624615][T23099]  ? populate_vma_page_range+0x2a0/0x2a0
[  692.630268][T23099]  __x64_sys_mlockall+0x35c/0x520
[  692.635318][T23099]  do_syscall_64+0x103/0x610
[  692.639927][T23099]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  692.645829][T23099] RIP: 0033:0x457f29
[  692.649739][T23099] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  692.669539][T23099] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
08:03:13 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  692.678001][T23099] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  692.685995][T23099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  692.693974][T23099] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  692.701953][T23099] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  692.709942][T23099] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  692.750789][T23175] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  692.839221][T23099] memory: usage 307196kB, limit 307200kB, failcnt 456
[  692.861925][T23099] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  692.881573][T23099] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  692.891762][T23099] Memory cgroup stats for /syz3: cache:0KB rss:296952KB rss_huge:268288KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255424KB active_anon:15276KB inactive_file:12KB active_file:0KB unevictable:26404KB
[  692.914331][T23099] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=9449,uid=0
[  692.932760][T23099] Memory cgroup out of memory: Killed process 9449 (syz-executor.3) total-vm:72576kB, anon-rss:18240kB, file-rss:34816kB, shmem-rss:0kB
[  692.972994][ T1042] oom_reaper: reaped process 9449 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
08:03:13 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x3000000, 0x0)

08:03:13 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x6], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:13 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:13 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1300)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:13 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x1000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:13 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  693.237415][T23325] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  693.269887][T23332] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:13 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  693.424886][T23334] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  693.427541][T23496] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  693.453927][T23334] CPU: 1 PID: 23334 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  693.461647][T23334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  693.471724][T23334] Call Trace:
[  693.475040][T23334]  dump_stack+0x172/0x1f0
[  693.479397][T23334]  dump_header+0x10f/0xb6c
[  693.483857][T23334]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  693.489694][T23334]  ? ___ratelimit+0x60/0x595
[  693.494313][T23334]  ? do_raw_spin_unlock+0x57/0x270
[  693.499460][T23334]  oom_kill_process.cold+0x10/0x15
[  693.504610][T23334]  out_of_memory+0x79a/0x1280
[  693.509316][T23334]  ? lock_downgrade+0x880/0x880
[  693.514203][T23334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  693.520481][T23334]  ? oom_killer_disable+0x280/0x280
[  693.525710][T23334]  ? find_held_lock+0x35/0x130
[  693.530520][T23334]  mem_cgroup_out_of_memory+0x1ca/0x230
[  693.536088][T23334]  ? memcg_event_wake+0x230/0x230
[  693.541148][T23334]  ? do_raw_spin_unlock+0x57/0x270
[  693.546282][T23334]  ? _raw_spin_unlock+0x2d/0x50
[  693.551173][T23334]  try_charge+0x102c/0x15c0
[  693.555708][T23334]  ? find_held_lock+0x35/0x130
[  693.558815][T23553] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:13 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x600], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:13 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x6000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  693.560508][T23334]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  693.560528][T23334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  693.560546][T23334]  ? kasan_check_read+0x11/0x20
[  693.560568][T23334]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  693.594578][T23334]  mem_cgroup_try_charge+0x24d/0x5e0
[  693.599891][T23334]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  693.606087][T23334]  __handle_mm_fault+0x1e1f/0x3ec0
[  693.611224][T23334]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  693.616795][T23334]  ? find_held_lock+0x35/0x130
08:03:14 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  693.621581][T23334]  ? handle_mm_fault+0x322/0xb30
[  693.626561][T23334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  693.632837][T23334]  ? kasan_check_read+0x11/0x20
[  693.637721][T23334]  handle_mm_fault+0x43f/0xb30
[  693.642527][T23334]  __get_user_pages+0x7b6/0x1a40
[  693.647509][T23334]  ? follow_page_mask+0x19a0/0x19a0
[  693.652735][T23334]  ? __vma_adjust+0x1840/0x1840
[  693.657629][T23334]  ? lock_acquire+0x16f/0x3f0
[  693.662335][T23334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  693.668606][T23334]  populate_vma_page_range+0x20d/0x2a0
[  693.674101][T23334]  __mm_populate+0x204/0x380
[  693.678723][T23334]  ? populate_vma_page_range+0x2a0/0x2a0
[  693.684396][T23334]  __x64_sys_mlockall+0x35c/0x520
[  693.689465][T23334]  do_syscall_64+0x103/0x610
[  693.694094][T23334]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  693.700006][T23334] RIP: 0033:0x457f29
[  693.703925][T23334] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  693.723544][T23334] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  693.731978][T23334] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  693.732809][T23758] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  693.739961][T23334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  693.739969][T23334] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  693.739976][T23334] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
08:03:14 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x1000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:14 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2900)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  693.739982][T23334] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  693.787170][T23349] XFS (loop5): Invalid superblock magic number
[  693.817530][T23334] memory: usage 307200kB, limit 307200kB, failcnt 498
[  693.830580][T23334] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  693.862665][T23334] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  693.946798][T23334] Memory cgroup stats for /syz3: cache:0KB rss:297040KB rss_huge:266240KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:255296KB active_anon:15284KB inactive_file:4KB active_file:0KB unevictable:26504KB
[  693.977179][T23334] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=4306,uid=0
[  693.999257][T23334] Memory cgroup out of memory: Killed process 4306 (syz-executor.3) total-vm:72576kB, anon-rss:18120kB, file-rss:34816kB, shmem-rss:0kB
08:03:14 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4000000, 0x0)

08:03:14 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x100000000000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:14 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:14 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4000)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:14 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x6000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  694.380362][T23886] XFS (loop5): Invalid superblock magic number
08:03:14 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

08:03:14 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:14 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x600000000000000, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:14 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x100000000000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:14 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xe803)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:15 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x6], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  694.766500][T24167] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  694.804268][T24167] CPU: 1 PID: 24167 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  694.811953][T24167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  694.822013][T24167] Call Trace:
[  694.825323][T24167]  dump_stack+0x172/0x1f0
[  694.829672][T24167]  dump_header+0x10f/0xb6c
[  694.834100][T24167]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  694.839912][T24167]  ? ___ratelimit+0x60/0x595
[  694.839934][T24167]  ? do_raw_spin_unlock+0x57/0x270
[  694.849613][T24167]  oom_kill_process.cold+0x10/0x15
[  694.854729][T24167]  out_of_memory+0x79a/0x1280
[  694.854746][T24167]  ? lock_downgrade+0x880/0x880
[  694.854759][T24167]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  694.854773][T24167]  ? oom_killer_disable+0x280/0x280
[  694.854784][T24167]  ? find_held_lock+0x35/0x130
[  694.854805][T24167]  mem_cgroup_out_of_memory+0x1ca/0x230
[  694.854816][T24167]  ? memcg_event_wake+0x230/0x230
[  694.854833][T24167]  ? do_raw_spin_unlock+0x57/0x270
[  694.854851][T24167]  ? _raw_spin_unlock+0x2d/0x50
[  694.864361][T24167]  try_charge+0x102c/0x15c0
[  694.864382][T24167]  ? find_held_lock+0x35/0x130
[  694.864403][T24167]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  694.864419][T24167]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  694.864437][T24167]  ? kasan_check_read+0x11/0x20
[  694.864455][T24167]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  694.864471][T24167]  mem_cgroup_try_charge+0x24d/0x5e0
[  694.864490][T24167]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  694.880647][T24167]  __handle_mm_fault+0x1e1f/0x3ec0
[  694.880669][T24167]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  694.916004][T24167]  ? find_held_lock+0x35/0x130
[  694.916022][T24167]  ? handle_mm_fault+0x322/0xb30
[  694.916043][T24167]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  694.916061][T24167]  ? kasan_check_read+0x11/0x20
[  694.916078][T24167]  handle_mm_fault+0x43f/0xb30
[  694.916096][T24167]  __get_user_pages+0x7b6/0x1a40
[  694.916118][T24167]  ? follow_page_mask+0x19a0/0x19a0
[  694.916133][T24167]  ? __vma_adjust+0x1840/0x1840
[  694.932735][T24167]  ? lock_acquire+0x16f/0x3f0
[  694.999316][T24167]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  695.005565][T24167]  populate_vma_page_range+0x20d/0x2a0
[  695.011029][T24167]  __mm_populate+0x204/0x380
[  695.015623][T24167]  ? populate_vma_page_range+0x2a0/0x2a0
[  695.021261][T24167]  __x64_sys_mlockall+0x35c/0x520
[  695.026287][T24167]  do_syscall_64+0x103/0x610
[  695.030881][T24167]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  695.036769][T24167] RIP: 0033:0x457f29
[  695.040661][T24167] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  695.060263][T24167] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  695.068689][T24167] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  695.076659][T24167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  695.084634][T24167] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  695.092612][T24167] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  695.100701][T24167] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  695.116137][T24167] memory: usage 307200kB, limit 307200kB, failcnt 553
[  695.122974][T24167] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  695.122982][T24167] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  695.122990][T24167] Memory cgroup stats for /syz3: cache:0KB rss:297100KB rss_huge:264192KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:257344KB active_anon:15284KB inactive_file:4KB active_file:0KB unevictable:24640KB
[  695.159617][T24167] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=5353,uid=0
[  695.159734][T24167] Memory cgroup out of memory: Killed process 5353 (syz-executor.3) total-vm:72576kB, anon-rss:18120kB, file-rss:34816kB, shmem-rss:0kB
[  695.200145][ T1042] oom_reaper: reaped process 5353 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
08:03:15 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x5000000, 0x0)

08:03:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x600], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:15 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x600000000000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:15 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:15 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfec00)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:15 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)

08:03:15 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:15 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x1000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:16 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x6, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:16 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:16 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfffff)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  695.597926][T24342] XFS (loop5): Invalid superblock magic number
[  695.649164][T24377] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  695.661907][T24377] CPU: 1 PID: 24377 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  695.669644][T24377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  695.669650][T24377] Call Trace:
[  695.669671][T24377]  dump_stack+0x172/0x1f0
[  695.669694][T24377]  dump_header+0x10f/0xb6c
[  695.691736][T24377]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  695.697534][T24377]  ? ___ratelimit+0x60/0x595
[  695.702115][T24377]  ? do_raw_spin_unlock+0x57/0x270
[  695.707216][T24377]  oom_kill_process.cold+0x10/0x15
[  695.712338][T24377]  out_of_memory+0x79a/0x1280
[  695.717005][T24377]  ? lock_downgrade+0x880/0x880
[  695.721847][T24377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  695.728085][T24377]  ? oom_killer_disable+0x280/0x280
[  695.733337][T24377]  ? find_held_lock+0x35/0x130
[  695.738112][T24377]  mem_cgroup_out_of_memory+0x1ca/0x230
[  695.743645][T24377]  ? memcg_event_wake+0x230/0x230
[  695.748661][T24377]  ? do_raw_spin_unlock+0x57/0x270
[  695.753764][T24377]  ? _raw_spin_unlock+0x2d/0x50
[  695.758610][T24377]  try_charge+0x102c/0x15c0
[  695.763096][T24377]  ? find_held_lock+0x35/0x130
[  695.767856][T24377]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  695.773391][T24377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  695.779624][T24377]  ? kasan_check_read+0x11/0x20
[  695.784484][T24377]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  695.790021][T24377]  mem_cgroup_try_charge+0x24d/0x5e0
[  695.795309][T24377]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  695.800938][T24377]  __handle_mm_fault+0x1e1f/0x3ec0
[  695.806046][T24377]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  695.811581][T24377]  ? find_held_lock+0x35/0x130
[  695.816340][T24377]  ? handle_mm_fault+0x322/0xb30
[  695.821275][T24377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  695.827518][T24377]  ? kasan_check_read+0x11/0x20
[  695.832358][T24377]  handle_mm_fault+0x43f/0xb30
[  695.837116][T24377]  __get_user_pages+0x7b6/0x1a40
[  695.842047][T24377]  ? follow_page_mask+0x19a0/0x19a0
[  695.847242][T24377]  ? __vma_adjust+0x1840/0x1840
[  695.852087][T24377]  ? lock_acquire+0x16f/0x3f0
[  695.856747][T24377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  695.862967][T24377]  populate_vma_page_range+0x20d/0x2a0
[  695.868404][T24377]  __mm_populate+0x204/0x380
[  695.872972][T24377]  ? populate_vma_page_range+0x2a0/0x2a0
[  695.878615][T24377]  __x64_sys_mlockall+0x35c/0x520
[  695.883617][T24377]  do_syscall_64+0x103/0x610
[  695.888197][T24377]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  695.894080][T24377] RIP: 0033:0x457f29
[  695.897965][T24377] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  695.917550][T24377] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  695.925940][T24377] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  695.933895][T24377] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  695.941849][T24377] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  695.949804][T24377] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  695.957759][T24377] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
08:03:16 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  696.263655][T24377] memory: usage 307200kB, limit 307200kB, failcnt 673
[  696.271532][T24377] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  696.321513][T24377] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  696.329021][T24377] Memory cgroup stats for /syz3: cache:0KB rss:297132KB rss_huge:262144KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:259392KB active_anon:15284KB inactive_file:4KB active_file:0KB unevictable:22584KB
08:03:16 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x6000000, 0x0)

08:03:16 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x6000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:16 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:16 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x600, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:16 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x80ffff)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  696.357593][T24377] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=6268,uid=0
[  696.382991][T24377] Memory cgroup out of memory: Killed process 6268 (syz-executor.3) total-vm:72576kB, anon-rss:18120kB, file-rss:34816kB, shmem-rss:0kB
[  696.609780][T24781] XFS (loop5): Invalid superblock magic number
08:03:17 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)

08:03:17 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:17 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x100000000000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:17 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x1000000, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:17 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xec0f00)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:17 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:17 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420, 0x600000000000000], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  697.072659][T25186] xt_check_target: 20 callbacks suppressed
[  697.072676][T25186] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  697.123670][T25216] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  697.138700][T25007] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  697.170994][T25007] CPU: 1 PID: 25007 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  697.178672][T25007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  697.188736][T25007] Call Trace:
[  697.192057][T25007]  dump_stack+0x172/0x1f0
[  697.196401][T25007]  dump_header+0x10f/0xb6c
[  697.200831][T25007]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  697.206655][T25007]  ? ___ratelimit+0x60/0x595
[  697.211267][T25007]  ? do_raw_spin_unlock+0x57/0x270
[  697.216397][T25007]  oom_kill_process.cold+0x10/0x15
[  697.221522][T25007]  out_of_memory+0x79a/0x1280
[  697.226213][T25007]  ? lock_downgrade+0x880/0x880
[  697.231071][T25007]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  697.237327][T25007]  ? oom_killer_disable+0x280/0x280
[  697.242529][T25007]  ? find_held_lock+0x35/0x130
[  697.247304][T25007]  mem_cgroup_out_of_memory+0x1ca/0x230
[  697.252857][T25007]  ? memcg_event_wake+0x230/0x230
[  697.257894][T25007]  ? do_raw_spin_unlock+0x57/0x270
[  697.263017][T25007]  ? _raw_spin_unlock+0x2d/0x50
[  697.267877][T25007]  try_charge+0x102c/0x15c0
[  697.272382][T25007]  ? find_held_lock+0x35/0x130
[  697.277170][T25007]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  697.282719][T25007]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  697.288968][T25007]  ? kasan_check_read+0x11/0x20
[  697.293822][T25007]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  697.293838][T25007]  mem_cgroup_try_charge+0x24d/0x5e0
[  697.293859][T25007]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  697.293877][T25007]  __handle_mm_fault+0x1e1f/0x3ec0
[  697.293896][T25007]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  697.293910][T25007]  ? find_held_lock+0x35/0x130
[  697.293923][T25007]  ? handle_mm_fault+0x322/0xb30
[  697.293945][T25007]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  697.310460][T25007]  ? kasan_check_read+0x11/0x20
[  697.310485][T25007]  handle_mm_fault+0x43f/0xb30
[  697.321147][T25007]  __get_user_pages+0x7b6/0x1a40
[  697.321179][T25007]  ? follow_page_mask+0x19a0/0x19a0
[  697.330837][T25007]  ? __vma_adjust+0x1840/0x1840
[  697.330861][T25007]  ? lock_acquire+0x16f/0x3f0
[  697.341944][T25007]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  697.341963][T25007]  populate_vma_page_range+0x20d/0x2a0
[  697.341982][T25007]  __mm_populate+0x204/0x380
[  697.351651][T25007]  ? populate_vma_page_range+0x2a0/0x2a0
[  697.351676][T25007]  __x64_sys_mlockall+0x35c/0x520
[  697.361684][T25007]  do_syscall_64+0x103/0x610
[  697.361703][T25007]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  697.361719][T25007] RIP: 0033:0x457f29
[  697.372597][T25007] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  697.372606][T25007] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  697.372619][T25007] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  697.372631][T25007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  697.451514][T25007] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  697.459486][T25007] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  697.467456][T25007] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  697.476711][T25007] memory: usage 307200kB, limit 307200kB, failcnt 711
[  697.483569][T25007] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  697.491394][T25007] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  697.498488][T25007] Memory cgroup stats for /syz3: cache:0KB rss:297060KB rss_huge:260096KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:261440KB active_anon:15284KB inactive_file:4KB active_file:0KB unevictable:20508KB
[  697.524541][T25007] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=6816,uid=0
[  697.543617][T25007] Memory cgroup out of memory: Killed process 6816 (syz-executor.3) total-vm:72576kB, anon-rss:18120kB, file-rss:34816kB, shmem-rss:0kB
[  697.571375][ T1042] oom_reaper: reaped process 6816 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
08:03:18 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7000000, 0x0)

08:03:18 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x6000000, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:18 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x1000000)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:18 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:18 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x6, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  697.748873][T25325] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  697.777524][T25326] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  697.946850][T25410] XFS (loop5): Invalid superblock magic number
08:03:18 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)

08:03:18 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:18 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x600, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:18 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x100000000000000, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:18 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x2000000)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  698.096532][T25551] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  698.112533][T25549] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:18 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:18 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x600000000000000, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  698.300431][T25554] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  698.314557][T25751] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  698.345580][T25751] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  698.356768][T25554] CPU: 0 PID: 25554 Comm: syz-executor.3 Not tainted 5.0.0+ #16
[  698.364427][T25554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  698.374508][T25554] Call Trace:
[  698.377822][T25554]  dump_stack+0x172/0x1f0
[  698.382170][T25554]  dump_header+0x10f/0xb6c
[  698.386592][T25554]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  698.392410][T25554]  ? ___ratelimit+0x60/0x595
[  698.397014][T25554]  ? do_raw_spin_unlock+0x57/0x270
[  698.402134][T25554]  oom_kill_process.cold+0x10/0x15
[  698.407265][T25554]  out_of_memory+0x79a/0x1280
[  698.411953][T25554]  ? lock_downgrade+0x880/0x880
[  698.416821][T25554]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  698.423080][T25554]  ? oom_killer_disable+0x280/0x280
[  698.428288][T25554]  ? find_held_lock+0x35/0x130
[  698.433090][T25554]  mem_cgroup_out_of_memory+0x1ca/0x230
[  698.439469][T25554]  ? memcg_event_wake+0x230/0x230
[  698.444524][T25554]  ? do_raw_spin_unlock+0x57/0x270
[  698.449647][T25554]  ? _raw_spin_unlock+0x2d/0x50
[  698.454509][T25554]  try_charge+0x102c/0x15c0
[  698.459016][T25554]  ? find_held_lock+0x35/0x130
[  698.463804][T25554]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  698.469366][T25554]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  698.475618][T25554]  ? kasan_check_read+0x11/0x20
[  698.480483][T25554]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[  698.486041][T25554]  mem_cgroup_try_charge+0x24d/0x5e0
[  698.491527][T25554]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  698.497168][T25554]  __handle_mm_fault+0x1e1f/0x3ec0
[  698.502300][T25554]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  698.507853][T25554]  ? find_held_lock+0x35/0x130
[  698.512628][T25554]  ? handle_mm_fault+0x322/0xb30
[  698.517589][T25554]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  698.523847][T25554]  ? kasan_check_read+0x11/0x20
[  698.528722][T25554]  handle_mm_fault+0x43f/0xb30
[  698.533525][T25554]  __get_user_pages+0x7b6/0x1a40
[  698.538496][T25554]  ? follow_page_mask+0x19a0/0x19a0
[  698.543700][T25554]  ? __vma_adjust+0x1840/0x1840
[  698.548573][T25554]  ? lock_acquire+0x16f/0x3f0
[  698.553253][T25554]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  698.559530][T25554]  populate_vma_page_range+0x20d/0x2a0
[  698.565002][T25554]  __mm_populate+0x204/0x380
[  698.569623][T25554]  ? populate_vma_page_range+0x2a0/0x2a0
[  698.575274][T25554]  __x64_sys_mlockall+0x35c/0x520
[  698.580490][T25554]  do_syscall_64+0x103/0x610
[  698.585094][T25554]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  698.590989][T25554] RIP: 0033:0x457f29
[  698.594896][T25554] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  698.615246][T25554] RSP: 002b:00007f35afdd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  698.623670][T25554] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457f29
[  698.631649][T25554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  698.639633][T25554] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  698.647621][T25554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35afdd36d4
[  698.655607][T25554] R13: 00000000004c3c7f R14: 00000000004d6e28 R15: 00000000ffffffff
[  698.691180][T25554] memory: usage 306992kB, limit 307200kB, failcnt 731
[  698.704516][T25554] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  698.723215][T25554] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[  698.744383][T25554] Memory cgroup stats for /syz3: cache:0KB rss:297092KB rss_huge:258048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:263488KB active_anon:15284KB inactive_file:4KB active_file:0KB unevictable:18436KB
[  698.772063][T25554] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=7257,uid=0
08:03:19 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x8000000, 0x0)

08:03:19 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x1000000, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:19 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:19 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x3000000)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:19 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  698.788086][T25554] Memory cgroup out of memory: Killed process 7257 (syz-executor.3) total-vm:72576kB, anon-rss:18120kB, file-rss:34816kB, shmem-rss:0kB
[  698.822007][ T1042] oom_reaper: reaped process 7257 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  698.885462][T25875] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
[  699.087938][T25881] XFS (loop5): Invalid superblock magic number
08:03:19 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:19 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:19 executing program 3:
r0 = socket$inet6(0xa, 0x401000000001, 0x0)
close(r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='comm\x00')
r2 = open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r0, r2, 0x0, 0x8000fffffffe)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000080))

08:03:19 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x4000000)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

[  699.457371][T25996] x_tables: eb_tables: arpreply target: used from hooks POSTROUTING, but only usable from PREROUTING
08:03:19 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:20 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:20 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:20 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x9000000, 0x0)

[  699.952709][T26288] XFS (loop5): Invalid superblock magic number
08:03:20 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x6000000, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:20 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000007c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x3}}, 0x18)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x7000000)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)

08:03:20 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:20 executing program 2:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:20 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
fdatasync(r0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f00000001c0))

08:03:21 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x800)
read(r0, 0x0, 0x0)

08:03:21 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

08:03:21 executing program 5:
syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0xa000000, 0x0)

08:03:21 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  700.739919][T26419] ==================================================================
[  700.748062][T26419] BUG: KASAN: use-after-free in lockdep_register_key+0x3b9/0x490
[  700.755802][T26419] Read of size 8 at addr ffff88809ff4dd98 by task syz-executor.5/26419
[  700.764042][T26419] 
[  700.766388][T26419] CPU: 0 PID: 26419 Comm: syz-executor.5 Not tainted 5.0.0+ #16
[  700.774023][T26419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  700.774029][T26419] Call Trace:
08:03:21 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  700.774057][T26419]  dump_stack+0x172/0x1f0
[  700.774081][T26419]  ? lockdep_register_key+0x3b9/0x490
[  700.774108][T26419]  print_address_description.cold+0x7c/0x20d
[  700.803120][T26419]  ? lockdep_register_key+0x3b9/0x490
[  700.803134][T26419]  ? lockdep_register_key+0x3b9/0x490
[  700.803151][T26419]  kasan_report.cold+0x1b/0x40
[  700.803168][T26419]  ? lockdep_register_key+0x3b9/0x490
[  700.824034][T26419]  __asan_report_load8_noabort+0x14/0x20
[  700.829701][T26419]  lockdep_register_key+0x3b9/0x490
[  700.834917][T26419]  alloc_workqueue+0x427/0xe70
[  700.834928][T26419]  ? up_write+0x1c/0x150
[  700.834948][T26419]  ? register_shrinker_prepared+0x116/0x190
[  700.843971][T26419]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  700.843986][T26419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  700.844003][T26419]  ? xfs_open_devices+0x14a/0x560
[  700.844026][T26419]  xfs_init_mount_workqueues+0x5f/0x660
[  700.872462][T26419]  ? sb_set_blocksize+0xe4/0x110
[  700.877424][T26419]  xfs_fs_fill_super+0x749/0x1670
[  700.882464][T26419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
08:03:21 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  700.888731][T26419]  mount_bdev+0x307/0x3c0
[  700.893074][T26419]  ? xfs_test_remount_options+0x90/0x90
[  700.898648][T26419]  xfs_fs_mount+0x35/0x40
[  700.903004][T26419]  mount_fs+0x106/0x3ff
[  700.907164][T26419]  ? emergency_thaw_all+0x1a0/0x1a0
[  700.907179][T26419]  ? __init_waitqueue_head+0x36/0x90
[  700.907198][T26419]  vfs_kern_mount.part.0+0x6f/0x410
[  700.907213][T26419]  do_mount+0x581/0x2d30
[  700.907234][T26419]  ? copy_mount_string+0x40/0x40
[  700.917704][T26419]  ? kmem_cache_alloc_trace+0x354/0x760
08:03:21 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x19, 0x1, 0x1b8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000180c20000000000000000000000b8000000f000000028010000697000000000870000000000000000000000000000000000000000000000000020000000000000007f000001ac14140000000000000000000084300000000a0000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa00000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0000000000000000000000"]}, 0x230)

[  700.937592][T26419]  ? _copy_from_user+0xdd/0x150
[  700.942466][T26419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  700.948729][T26419]  ? copy_mount_options+0x280/0x3a0
[  700.953942][T26419]  ksys_mount+0xdb/0x150
[  700.958203][T26419]  __x64_sys_mount+0xbe/0x150
[  700.962899][T26419]  do_syscall_64+0x103/0x610
[  700.967513][T26419]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  700.973430][T26419] RIP: 0033:0x45a99a
[  700.973444][T26419] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[  700.973455][T26419] RSP: 002b:00007f96196d0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  700.973466][T26419] RAX: ffffffffffffffda RBX: 00007f96196d0b30 RCX: 000000000045a99a
[  700.973483][T26419] RDX: 00007f96196d0ad0 RSI: 00000000200000c0 RDI: 00007f96196d0af0
[  700.996957][T26419] RBP: 00000000200000c0 R08: 00007f96196d0b30 R09: 00007f96196d0ad0
[  700.996964][T26419] R10: 000000000a000000 R11: 0000000000000206 R12: 0000000000000003
[  700.996971][T26419] R13: 000000000a000000 R14: 00000000004dbee0 R15: 00000000ffffffff
[  700.996982][T26419] 
[  700.996989][T26419] Allocated by task 18867:
[  700.997010][T26419]  save_stack+0x45/0xd0
[  700.997024][T26419]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  700.997034][T26419]  kasan_kmalloc+0x9/0x10
[  700.997051][T26419]  kmem_cache_alloc_trace+0x151/0x760
[  700.997063][T26419]  alloc_workqueue+0x7f9/0xe70
[  700.997082][T26419]  xfs_init_mount_workqueues+0x137/0x660
[  701.029413][T26419]  xfs_fs_fill_super+0x749/0x1670
[  701.029425][T26419]  mount_bdev+0x307/0x3c0
[  701.029442][T26419]  xfs_fs_mount+0x35/0x40
[  701.045381][T26419]  mount_fs+0x106/0x3ff
[  701.045396][T26419]  vfs_kern_mount.part.0+0x6f/0x410
[  701.045407][T26419]  do_mount+0x581/0x2d30
[  701.045418][T26419]  ksys_mount+0xdb/0x150
[  701.045429][T26419]  __x64_sys_mount+0xbe/0x150
[  701.045445][T26419]  do_syscall_64+0x103/0x610
[  701.045468][T26419]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  701.128462][T26419] 
[  701.130790][T26419] Freed by task 18867:
[  701.134884][T26419]  save_stack+0x45/0xd0
[  701.139042][T26419]  __kasan_slab_free+0x102/0x150
[  701.143985][T26419]  kasan_slab_free+0xe/0x10
[  701.148490][T26419]  kfree+0xcf/0x230
[  701.152303][T26419]  alloc_workqueue+0xc3e/0xe70
[  701.157069][T26419]  xfs_init_mount_workqueues+0x137/0x660
[  701.162703][T26419]  xfs_fs_fill_super+0x749/0x1670
[  701.167732][T26419]  mount_bdev+0x307/0x3c0
[  701.172059][T26419]  xfs_fs_mount+0x35/0x40
[  701.176387][T26419]  mount_fs+0x106/0x3ff
[  701.180541][T26419]  vfs_kern_mount.part.0+0x6f/0x410
[  701.185742][T26419]  do_mount+0x581/0x2d30
[  701.189991][T26419]  ksys_mount+0xdb/0x150
[  701.194235][T26419]  __x64_sys_mount+0xbe/0x150
[  701.198917][T26419]  do_syscall_64+0x103/0x610
[  701.203509][T26419]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  701.209387][T26419] 
[  701.211713][T26419] The buggy address belongs to the object at ffff88809ff4dc80
[  701.211713][T26419]  which belongs to the cache kmalloc-512 of size 512
[  701.225768][T26419] The buggy address is located 280 bytes inside of
[  701.225768][T26419]  512-byte region [ffff88809ff4dc80, ffff88809ff4de80)
[  701.239048][T26419] The buggy address belongs to the page:
[  701.244683][T26419] page:ffffea00027fd340 count:1 mapcount:0 mapping:ffff88812c3f0940 index:0xffff88809ff4d780
[  701.254833][T26419] flags: 0x1fffc0000000200(slab)
[  701.259776][T26419] raw: 01fffc0000000200 ffffea00020c6288 ffffea00023f9188 ffff88812c3f0940
[  701.268380][T26419] raw: ffff88809ff4d780 ffff88809ff4d000 0000000100000003 0000000000000000
[  701.276962][T26419] page dumped because: kasan: bad access detected
[  701.283358][T26419] 
[  701.285675][T26419] Memory state around the buggy address:
[  701.291314][T26419]  ffff88809ff4dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  701.299376][T26419]  ffff88809ff4dd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  701.307432][T26419] >ffff88809ff4dd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  701.315486][T26419]                             ^
[  701.320331][T26419]  ffff88809ff4de00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  701.328396][T26419]  ffff88809ff4de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  701.336448][T26419] ==================================================================
[  701.344505][T26419] Disabling lock debugging due to kernel taint
[  701.350651][T26419] Kernel panic - not syncing: panic_on_warn set ...
[  701.357240][T26419] CPU: 0 PID: 26419 Comm: syz-executor.5 Tainted: G    B             5.0.0+ #16
[  701.366253][T26419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  701.376299][T26419] Call Trace:
[  701.379598][T26419]  dump_stack+0x172/0x1f0
[  701.383929][T26419]  panic+0x2cb/0x65c
[  701.387822][T26419]  ? __warn_printk+0xf3/0xf3
[  701.392410][T26419]  ? lock_downgrade+0x880/0x880
[  701.397260][T26419]  ? lockdep_register_key+0x3b9/0x490
[  701.402633][T26419]  ? trace_hardirqs_off+0x62/0x220
[  701.407747][T26419]  ? trace_hardirqs_off+0x59/0x220
[  701.412875][T26419]  ? lockdep_register_key+0x3b9/0x490
[  701.418257][T26419]  end_report+0x47/0x4f
[  701.422415][T26419]  ? lockdep_register_key+0x3b9/0x490
[  701.427793][T26419]  kasan_report.cold+0xe/0x40
[  701.432472][T26419]  ? lockdep_register_key+0x3b9/0x490
[  701.437846][T26419]  __asan_report_load8_noabort+0x14/0x20
[  701.443475][T26419]  lockdep_register_key+0x3b9/0x490
[  701.448678][T26419]  alloc_workqueue+0x427/0xe70
[  701.453446][T26419]  ? up_write+0x1c/0x150
[  701.457696][T26419]  ? register_shrinker_prepared+0x116/0x190
[  701.463596][T26419]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  701.469317][T26419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  701.475565][T26419]  ? xfs_open_devices+0x14a/0x560
[  701.480597][T26419]  xfs_init_mount_workqueues+0x5f/0x660
[  701.486144][T26419]  ? sb_set_blocksize+0xe4/0x110
[  701.491086][T26419]  xfs_fs_fill_super+0x749/0x1670
[  701.496107][T26419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  701.502336][T26419]  mount_bdev+0x307/0x3c0
[  701.506651][T26419]  ? xfs_test_remount_options+0x90/0x90
[  701.512179][T26419]  xfs_fs_mount+0x35/0x40
[  701.516493][T26419]  mount_fs+0x106/0x3ff
[  701.520633][T26419]  ? emergency_thaw_all+0x1a0/0x1a0
[  701.525818][T26419]  ? __init_waitqueue_head+0x36/0x90
[  701.531094][T26419]  vfs_kern_mount.part.0+0x6f/0x410
[  701.536291][T26419]  do_mount+0x581/0x2d30
[  701.540526][T26419]  ? copy_mount_string+0x40/0x40
[  701.545457][T26419]  ? kmem_cache_alloc_trace+0x354/0x760
[  701.550991][T26419]  ? _copy_from_user+0xdd/0x150
[  701.555825][T26419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  701.562052][T26419]  ? copy_mount_options+0x280/0x3a0
[  701.567331][T26419]  ksys_mount+0xdb/0x150
[  701.571556][T26419]  __x64_sys_mount+0xbe/0x150
[  701.576223][T26419]  do_syscall_64+0x103/0x610
[  701.580810][T26419]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  701.586683][T26419] RIP: 0033:0x45a99a
[  701.590649][T26419] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[  701.610250][T26419] RSP: 002b:00007f96196d0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  701.618653][T26419] RAX: ffffffffffffffda RBX: 00007f96196d0b30 RCX: 000000000045a99a
[  701.626607][T26419] RDX: 00007f96196d0ad0 RSI: 00000000200000c0 RDI: 00007f96196d0af0
[  701.634560][T26419] RBP: 00000000200000c0 R08: 00007f96196d0b30 R09: 00007f96196d0ad0
[  701.642514][T26419] R10: 000000000a000000 R11: 0000000000000206 R12: 0000000000000003
[  701.650483][T26419] R13: 000000000a000000 R14: 00000000004dbee0 R15: 00000000ffffffff
[  701.659557][T26419] Kernel Offset: disabled
[  701.663881][T26419] Rebooting in 86400 seconds..