last executing test programs:

5m11.361684311s ago: executing program 0 (id=554):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x19, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x8)
r1 = getpid()
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @private}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x4)
write(r3, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)

5m10.443074919s ago: executing program 0 (id=568):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000180)={0x0, 0x2, 0x1, 0x1000ffff})
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0xfffffffffffffffd, 0x100000000, 0x2000000000000000, 0xc, 0x7, 0xffffffffffffffff, 0x7b, 0xfffffffffffffffd, 0x6ac})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getgroups(0x2, &(0x7f0000000100)=[0xee00, <r2=>0x0])
fchown(r1, 0x0, r2)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x80)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
unlink(&(0x7f0000000180)='./file1\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x10000}}]}}]}, 0x48}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

5m9.968483507s ago: executing program 0 (id=577):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000140)='kyber_throttled\x00', r0}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x8010, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffc43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000380)='sched_move_numa\x00', r5, 0x0, 0x9}, 0xdd6c9f437b26ec2a)
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002100)=@newtaction={0x14, 0x30, 0x829, 0x70bd2b}, 0x14}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r6, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
vmsplice(r9, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
writev(r8, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)

5m8.80996777s ago: executing program 0 (id=584):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x14004, &(0x7f0000000340), 0xfe, 0x272, &(0x7f0000000cc0)="$eJzs3U1oHGUcB+D/7IdrTJSoF0H8ABHRQIgHQfCiF4WAhCAiqBAR8SSJEBO8ZT158aBnW3LqJZTemvZYegm9FHpN2xzSSw8NPTT00B62zM5u2Ww2ZJv9Kpnngc3Mu/N+zIb5vZmEzEwAuTUZEZ9HRDEipiKiHBFJa4V3s9dko7g+trUQUat9cz+p18vKmWa78YioRsSnEaXmttXNH3Yfbn/1wT8r5ffPbX4/NqzP12pvd+fr/bNzf1+c/Xi10HhvorFs/Rz9lHR4r5REvDaIwZ4TSWnUe0A35v+8cDPN/esR8V49/+UoNCL77/ILV8vx0ZlO7V6OiP/u3Xhz2PsL9FetVk5/BlZrQO4U6ufASWE6IrL1QmF6OjuHv1VM4rel5T+mfl1aWfxl1DMV0AdJNfu9d+fLy5VL4235v1vM8t+VTwa8p8BApPn/dn7jdrq+X2zfOpI/zwGD9la2SPM/9dPah9Ex/8ApU2ktyD/kl/xDfsk/nAInzK78Q37JP+SX/MMpVm6uVDtuln/IL/mH/GrLv3/4gxxpzT8AkC+1yqivQAZGZdTzDwAAAAAAAAAAAAAAAAAAcNj62NZC8zWsMa/9H7H3RUSUDo6fPaisWH8eccSL9a8vPUjSak8lWbOe/PhOjx306Hyfr76eq3RbM/uevnKnv+M/q+tvD6bfvw4Wj7y33dpiRDWtPFMqHT7+k8bxd6wj+3/1mIbln7sboF+StvJn3w13/HaPN0Y7/ux2xJV0/pnpNP8V4o36svP8M9F6i+UT+v1Rjx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNE8CAAD//yega0w=")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x943, 0x80)
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f00000021c0)=""/4096)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x23, &(0x7f0000000000), 0x4)
sendmsg$inet(r2, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)

5m8.237023851s ago: executing program 0 (id=596):
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r1, 0x0)
symlinkat(&(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000340)='./file0\x00')

5m7.741698581s ago: executing program 0 (id=599):
mkdir(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xb30, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

5m7.741513341s ago: executing program 32 (id=599):
mkdir(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xb30, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

1.630759829s ago: executing program 1 (id=4210):
socket$inet(0x2, 0xa, 0x6)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x3000046, &(0x7f00000002c0)={[{@errors_continue}, {@data_err_abort}, {@nomblk_io_submit}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks}, {@dioread_nolock}]}, 0x21, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r0, 0x1c, 0x5, 0x5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pwritev(r0, 0x0, 0x0, 0x7, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000900)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@oldalloc}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x82)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000008000000000030c0001400000000000000101090002"], 0xbc}}, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)="273eebfecb7c0e923301b61c42cb1d11f41d00bdab2a3d983b065a56", 0x1c}, {&(0x7f0000000140)="10eba9fdb4cbab48929e1af151000000fe00"/28, 0x1c}], 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r6, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a868a4046cf670ba8f376c429a424fcc374c08887ba2bb530d843b61bf79a3879fa0", 0x37)
sendfile(r6, r3, 0x0, 0x3ffff)
sendfile(r6, r3, 0x0, 0x7fffeffd)
socket$can_bcm(0x1d, 0x2, 0x2)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r7}, 0x18)

1.268188826s ago: executing program 4 (id=4215):
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x101, 0xa2001, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd17b, 0x0, @perf_config_ext={0x8, 0x6}, 0x1110d4, 0x10002, 0x0, 0x8, 0x8, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)

1.219929877s ago: executing program 5 (id=4217):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1a, 0xc, &(0x7f0000001080)=ANY=[@ANYBLOB="1859000006000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000b36b4028b3000000b70200000000000085000000860000001c5a00000f0000000000000000000000b4041800fcffffff18000000ed00000000000000000001000000010008000000"], &(0x7f0000000300)='syzkaller\x00', 0x3ff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @tracing=0x17, r2, 0x8, &(0x7f0000000340)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0xe, 0x8, 0x48}, 0x10, 0xffffffffffffffff, r2, 0x4, 0x0, &(0x7f00000003c0)=[{0x3, 0x5, 0x9, 0x7}, {0x5, 0x5, 0xa, 0x6}, {0x1, 0x2, 0xc, 0x5}, {0x2, 0x4, 0xd}], 0x10, 0x3ea}, 0x94)
fgetxattr(r3, &(0x7f0000000400)=@known='trusted.overlay.upper\x00', &(0x7f0000000580)=""/11, 0xb)
openat(r2, &(0x7f00000000c0)='./file0\x00', 0x115880, 0x52abe154ad664fa4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0xee01, 0xee01}}, './file0\x00'})
sendmsg$nl_netfilter(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000188}, 0xc, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x8008805}, 0x180d0)
write$selinux_attr(r1, &(0x7f0000000040)='system_u:object_r:checkpolicy_exec_t:s0\x00', 0x28)
socket$netlink(0x10, 0x3, 0x8000000004)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x5, 0xfffffffc, 0xb95b5ec032cc8e84, 0x0, 0xe6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x0, 0x1000}, 0x20)

1.149764138s ago: executing program 5 (id=4220):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280)={<r3=>0x0, <r4=>0x0, <r5=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r2, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)="aa", 0x1}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000002b14000000000000000100000001000000"], 0x38, 0x40044}}], 0x1, 0x4)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

1.124116729s ago: executing program 4 (id=4221):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000600"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f0000000000)={0x1a, 0x1, 0x1, 0x1, 0x3f, 0x0, @remote}, 0x10)

1.120149349s ago: executing program 5 (id=4222):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000180)='%-010d \x00'}, 0x20)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0xf)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000a00)='ns/mnt\x00')
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))

1.05294446s ago: executing program 5 (id=4223):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
fchdir(r0)

1.04997483s ago: executing program 4 (id=4225):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44080)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
execve(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0xbffffffd, &(0x7f00000009c0)={0x10, 0x3ff, 0x4})
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r3, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000024)

1.002550081s ago: executing program 4 (id=4226):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a2c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a0000000060a010400000000000000000100000008000b400000000078000480340001800b00010065afd8686472000024000280080001400000000c080003400000009508000440000000220500020007000000400001800c000100626974776973650030000280080001400000001408000240000000120c0004800500010098000000080003400000000308000580040001000900010073797a3000000000140000001100010000000000000000000700000a"], 0xf4}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x4}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x5}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_REVISION={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x88c}, 0x2004c019)

918.455313ms ago: executing program 5 (id=4227):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000e000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d7"], 0x10b8}, 0x106)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

917.661043ms ago: executing program 4 (id=4228):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x6}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x2590, &(0x7f0000000300)={0x0, 0x3bc6, 0x40, 0x2, 0x188}, &(0x7f0000000080), &(0x7f0000000100))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffff7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x3}, 0x18)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r6, 0x84, 0x15, &(0x7f0000001000)={0xb}, 0x1)
sendto$inet6(r6, &(0x7f0000000040)='l', 0xffe0, 0x8014, &(0x7f0000000100)={0xa, 0x4e23, 0x77, @loopback, 0x10000}, 0x1c)
r7 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
write$binfmt_elf32(r7, &(0x7f0000000000)=ANY=[], 0x58)
close(r7)
r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x1010, r2, 0x0)
syz_io_uring_submit(r9, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r10, 0x80089419, &(0x7f0000000000))
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec140380300000802c000180250001"], 0x159c}}, 0x40000)
sendmsg$NFT_MSG_GETTABLE(r10, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x30, 0x1, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x440c0)

841.456134ms ago: executing program 5 (id=4229):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2"], &(0x7f0000000140)='GPL\x00'}, 0x94)
r1 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r1, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x94)
r4 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r4, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r4, r3})
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r1, r0})
close(r2)
r5 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000400)={0x28, 0x0, 0x2710, @hyper}, 0x10, 0x80000)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000440)=r0, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
socket(0x28, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="06000000040000"], 0x39)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105142, 0x2c)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r6, 0x0)

729.833906ms ago: executing program 2 (id=4232):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280)={<r3=>0x0, <r4=>0x0, <r5=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r2, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)="aa", 0x1}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000002b14000000000000000100000001000000"], 0x38, 0x40044}}], 0x1, 0x4)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

710.623247ms ago: executing program 2 (id=4233):
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x101, 0xa2001, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd17b, 0x0, @perf_config_ext={0x8, 0x6}, 0x1110d4, 0x10002, 0x0, 0x8, 0x8, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)

669.807547ms ago: executing program 1 (id=4234):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

663.978098ms ago: executing program 2 (id=4235):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000180)='%-010d \x00'}, 0x20)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0xf)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000a00)='ns/mnt\x00')
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))

589.760099ms ago: executing program 2 (id=4236):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f0000000000)={0x1a, 0x1, 0x1, 0x1, 0x3f, 0x0, @remote}, 0x10)

589.124109ms ago: executing program 2 (id=4237):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff000000006ae9bfa100000000000007010000f8ffff00b702000000000000b70300000000000085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x3)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080), 0x200002, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
add_key$keyring(&(0x7f0000000140), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r2, @ANYBLOB="bf4400000000000000000c0000008000058014000280080001000000000008000100090000002c0002800800020001000000080004005fbe0000080001001b00000008000200000000000800020009000000070001006962000034000280080003006400000008000400090000000800030051bd000008000300fc00000008000300a90f0000080001001b0000000c00098008000200000000001c000980080002000e00000008000200e5d8000008000200060000005c0004800900010073797a31000000002c000780080002000300000008000400f50c00000800020005000000080001000000000008000100100000000900010073797a31000000001300010062726f6164636173742d6c696e6b0000e8000280080001000300000008000200020000004c000380080002008100000008000200ff01000008000100000400000800010008000000080002000000000008000100ffff00000800020005000000080002005d0000000800010001000100040004002c0003800800020007000000080001000000000008000100aede010008000100ff7f000008000100810000001c0003800800010007000000080001000600000008000200050000003c000380080002000200000008000100b73500000800010007000000080002000002000008000100ae0d0000080002000700000008000100090000001400028008000100fdffffff08000100060000000c000980080002005b0000006000058008000100657468000800010065746800070001006962"], 0x2ac}}, 0x0)
request_key(&(0x7f0000001000)='dns_resolver\x00', &(0x7f00000002c0)={'syz', 0x2}, &(0x7f00000001c0)='\xa7x{8\xb8\x81\xae$\xbb\x17\x90\xaa\x96\xd4\x9b\xd8\x87\x84\xca\xf6\xa6;\xd2!?,J\r\x94EA\x11\xc2\n\xc4h\xad\xc4\xe7*<\x87\xb5H\xfb\xf6t\x12\xed\x8f\x9caU^\xffW\xa1\x06\xcc', 0x0)
request_key(&(0x7f00000010c0)='dns_resolver\x00', &(0x7f0000001100)={'syz', 0x2}, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}, 0xc0011122)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0xfeffff, 0xc0, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
fsetxattr(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7472757374657c2e73b7268a0423e0797a"], &(0x7f0000000040)='kmem_cache_free\x00', 0x10, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
statfs(&(0x7f0000000200)='.\x00', &(0x7f0000000440)=""/137)
socket$pppoe(0x18, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
kexec_load(0x78, 0x0, 0x0, 0x3e0000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0xa, 0x3, 0x3a)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b)

545.29024ms ago: executing program 1 (id=4238):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
fchdir(r1)

482.150611ms ago: executing program 1 (id=4239):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000e000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d7"], 0x10b8}, 0x106)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

353.568944ms ago: executing program 1 (id=4240):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0x10000}, 0x18)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x2, 0x6}, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], 0x0, 0x8, 0x0, 0x0, 0xc2f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a2c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a0000000060a010400000000000000000100000008000b400000000078000480340001800b00010065afd8686472000024000280080001400000000c080003400000009508000440000000220500020007000000400001800c000100626974776973650030000280080001400000001408000240000000120c0004800500010098000000080003400000000308000580040001000900010073797a3000000000140000001100010000000000000000000700000a"], 0xf4}}, 0x0)

341.055914ms ago: executing program 3 (id=4241):
socket$can_j1939(0x1d, 0x2, 0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
r3 = dup(r1)
fsetxattr$security_selinux(r3, &(0x7f0000000000), 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r4=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r4, 0x3, 0x6}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x1, r4, 0x1, 0x9}, 0x14)
openat$random(0xffffffffffffff9c, 0x0, 0x109000, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r4, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

322.695495ms ago: executing program 2 (id=4242):
socket$inet(0x2, 0xa, 0x6)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x3000046, &(0x7f00000002c0)={[{@errors_continue}, {@data_err_abort}, {@nomblk_io_submit}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks}, {@dioread_nolock}]}, 0x21, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r0, 0x1c, 0x5, 0x5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pwritev(r0, 0x0, 0x0, 0x7, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000900)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@oldalloc}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x2400c014)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a00000000000000", @ANYRES32, @ANYBLOB="060015"], 0x38}}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x14, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b703000000000083005509010000000000950000000000000085100000f9ffffff18230000000002000000000000000000000000066b1c51debb35cd0344019b97e2e8c7e8f2834ffaa96c0541b3139c7682a5a4f90b67a7308cbd85f2611481cd9be018a946a006f680654dd2faf0d2aba19cd27af6ddc5644a1b82702bcc2f3d03f49bc1eaf01d4677324c8d54b6667f5a24fe0dea8a60740f16a4aa6c7b3cd1003f018aab8090487a23e0c33733b51baa7a3600b7ed30567afc7d81740ea09692a63deeb8a823489de11a0e5ecea218fc2e2cee21ee8275d9044cd975631c3101d51d5ebbc169e7057941e5485b538908d5a8fea795b33b09197dbc108600bd9db48c85db00e6feaa276a3973ba", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x8, 0x47, &(0x7f00000005c0)=""/71, 0x41100, 0x10, '\x00', r4, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x0, 0xc, 0x1de3400, 0x7fffffff}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{0x1, 0x4, 0xa, 0xb}], 0x10, 0xb}, 0x94)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000008000000000030c0001400000000000000101090002"], 0xbc}}, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="273eebfecb7c0e923301b61c42cb1d11f41d00bdab2a3d983b065a56", 0x1c}, {&(0x7f0000000140)="10eba9fdb4cbab48929e1af151000000fe00"/28, 0x1c}], 0x2)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r7, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a868a4046cf670ba8f376c429a424fcc374c08887ba2bb530d843b61bf79a3879fa0", 0x37)
sendfile(r7, r3, 0x0, 0x3ffff)
sendfile(r7, r3, 0x0, 0x7fffeffd)
socket$can_bcm(0x1d, 0x2, 0x2)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r8}, 0x18)

266.163575ms ago: executing program 3 (id=4243):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x8000000, 0x1000}, 0x20)

212.072787ms ago: executing program 3 (id=4244):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r4)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="46000000d03e88ae0fa72ce6f3490b9b5363fc872b090c53cf6a0522ee2b741b5a9af01f66aa1fb3b9a619a558a57aee9e6263867af503db36e7af7bb9a504c7697134d5c61387ff08889612f635aef3b42247245b270ff9db07d0ee0c8c8075559d2f60c9901d6989b2f869d9040c6b150b3abe011aa733ca10dd5743550fcf0115c328da3ae945ad9006c6", @ANYRES16=r5, @ANYBLOB="010026bd700000000000250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, &(0x7f00000004c0), &(0x7f0000001c40)=r2}, 0x20)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000003ef0001800e000100636f6e6e6c696d69740000000c000280080001400000e41f08000340000001"], 0xd0}, 0x1, 0x0, 0x0, 0x60000800}, 0x4000024)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r8}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYRES32=r9, @ANYRES32, @ANYRES64=r7], 0x0, 0x3fc, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRESDEC], 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r10}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00'}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

165.989607ms ago: executing program 3 (id=4245):
r0 = perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x101, 0xa2001, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd17b, 0x0, @perf_config_ext={0x8, 0x6}, 0x1110d4, 0x10002, 0x0, 0x8, 0x8, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xae, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000300)='net/snmp6\x00')

99.709058ms ago: executing program 1 (id=4246):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x7c, &(0x7f00000000c0)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000400110000000a600e41b0000900ac00060411000000160012000a0003000248035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000680))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0xddd3, 0x4, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x7, 0x4, 0x80, 0xe, 0x28}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
msgsnd(0x0, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
msgrcv(0x0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r6, 0x0, 0x5}, 0x18)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000540)={'\x00', 0x7e, 0x7527, 0x5c8, 0x7fff, 0x9})
ioctl$BLKTRACETEARDOWN(r7, 0x1276, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x8, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000000000085000000a800000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')

35.19284ms ago: executing program 4 (id=4247):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f0000000000)={0x1a, 0x1, 0x1, 0x1, 0x3f, 0x0, @remote}, 0x10)

34.32113ms ago: executing program 3 (id=4248):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000180)='%-010d \x00'}, 0x20)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000a00)='ns/mnt\x00')
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))

0s ago: executing program 3 (id=4249):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a41, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="120000000800000004000000b47c000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200"/28], 0x48)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write$P9_RREAD(r4, &(0x7f0000000580)=ANY=[], 0xa0)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7fffeffd)

kernel console output (not intermixed with test programs):

cutor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  344.593091][T14889] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  344.610775][   T29] audit: type=1326 audit(1759040197.999:23735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  344.618519][T14889] FAT-fs (loop2): Filesystem has been set read-only
[  344.621311][T14889] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  344.642232][   T29] audit: type=1326 audit(1759040197.999:23736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  344.648885][T14889] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  344.656699][   T29] audit: type=1326 audit(1759040197.999:23737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  344.711701][   T29] audit: type=1326 audit(1759040197.999:23738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  344.735577][   T29] audit: type=1326 audit(1759040197.999:23739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f23dd1fef03 code=0x7ffc0000
[  344.759066][   T29] audit: type=1326 audit(1759040197.999:23740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f23dd1fd97f code=0x7ffc0000
[  344.782860][   T29] audit: type=1326 audit(1759040197.999:23741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f23dd1fef57 code=0x7ffc0000
[  344.806452][   T29] audit: type=1326 audit(1759040197.999:23742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23dd1fd710 code=0x7ffc0000
[  345.531583][T14905] lo speed is unknown, defaulting to 1000
[  345.538210][T14905] lo speed is unknown, defaulting to 1000
[  345.674510][T14901] lo speed is unknown, defaulting to 1000
[  345.680719][T14901] lo speed is unknown, defaulting to 1000
[  345.980257][T14911] random: crng reseeded on system resumption
[  346.135648][T14930] loop2: detected capacity change from 0 to 164
[  346.158141][T14927] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3706'.
[  346.203557][T14936] FAULT_INJECTION: forcing a failure.
[  346.203557][T14936] name failslab, interval 1, probability 0, space 0, times 0
[  346.216445][T14936] CPU: 1 UID: 0 PID: 14936 Comm: syz.3.3709 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  346.216565][T14936] Tainted: [W]=WARN
[  346.216575][T14936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  346.216592][T14936] Call Trace:
[  346.216602][T14936]  <TASK>
[  346.216613][T14936]  __dump_stack+0x1d/0x30
[  346.216640][T14936]  dump_stack_lvl+0xe8/0x140
[  346.216738][T14936]  dump_stack+0x15/0x1b
[  346.216819][T14936]  should_fail_ex+0x265/0x280
[  346.216850][T14936]  ? __xdp_reg_mem_model+0x173/0x3e0
[  346.216959][T14936]  should_failslab+0x8c/0xb0
[  346.216993][T14936]  __kmalloc_cache_noprof+0x4c/0x320
[  346.217036][T14936]  __xdp_reg_mem_model+0x173/0x3e0
[  346.217131][T14936]  ? page_pool_create_percpu+0x51d/0x650
[  346.217211][T14936]  xdp_reg_mem_model+0x22/0x40
[  346.217242][T14936]  bpf_test_run_xdp_live+0x172/0xfe0
[  346.217269][T14936]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  346.217359][T14936]  ? __pfx_autoremove_wake_function+0x10/0x10
[  346.217429][T14936]  ? 0xffffffffa0205340
[  346.217445][T14936]  ? synchronize_rcu+0x45/0x320
[  346.217491][T14936]  ? 0xffffffffa0205340
[  346.217509][T14936]  ? 0xffffffffa0205340
[  346.217526][T14936]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  346.217599][T14936]  ? 0xffffffffa0203254
[  346.217628][T14936]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  346.217734][T14936]  bpf_prog_test_run_xdp+0x4f5/0x910
[  346.217775][T14936]  ? __rcu_read_unlock+0x4f/0x70
[  346.217807][T14936]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  346.217830][T14936]  bpf_prog_test_run+0x22a/0x390
[  346.217913][T14936]  __sys_bpf+0x4b9/0x7b0
[  346.217959][T14936]  __x64_sys_bpf+0x41/0x50
[  346.218059][T14936]  x64_sys_call+0x2aea/0x2ff0
[  346.218087][T14936]  do_syscall_64+0xd2/0x200
[  346.218184][T14936]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  346.218210][T14936]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  346.218239][T14936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.218340][T14936] RIP: 0033:0x7f3c9561eec9
[  346.218359][T14936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.218381][T14936] RSP: 002b:00007f3c9407f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  346.218513][T14936] RAX: ffffffffffffffda RBX: 00007f3c95875fa0 RCX: 00007f3c9561eec9
[  346.218526][T14936] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  346.218539][T14936] RBP: 00007f3c9407f090 R08: 0000000000000000 R09: 0000000000000000
[  346.218552][T14936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.218569][T14936] R13: 00007f3c95876038 R14: 00007f3c95875fa0 R15: 00007ffc55a7fba8
[  346.218595][T14936]  </TASK>
[  346.489819][T14938] loop3: detected capacity change from 0 to 1024
[  346.495360][T14938] EXT4-fs: Ignoring removed bh option
[  346.506211][T14938] EXT4-fs: inline encryption not supported
[  346.513452][T14938] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  346.524967][T14938] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  346.535514][T14938] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.3709: lblock 2 mapped to illegal pblock 2 (length 1)
[  346.550162][T14938] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3709: lblock 0 mapped to illegal pblock 48 (length 1)
[  346.566179][T14938] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3709: Failed to acquire dquot type 0
[  346.577801][T14938] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  346.588483][T14938] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3709: mark_inode_dirty error
[  346.600770][T14938] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  346.614306][T14938] EXT4-fs (loop3): 1 orphan inode deleted
[  346.625047][T14938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.638796][T14938] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm syz.3.3709: lblock 1 mapped to illegal pblock 1 (length 1)
[  346.664554][   T12] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  346.679732][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:0: Failed to release dquot type 0
[  346.760089][T14949] lo speed is unknown, defaulting to 1000
[  346.766820][T14949] lo speed is unknown, defaulting to 1000
[  347.104254][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.132900][T11957] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  347.186262][T11957] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  347.203998][T11957] EXT4-fs error (device loop3): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  347.248916][T14963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3719'.
[  347.258027][T14969] loop5: detected capacity change from 0 to 1024
[  347.286752][T14969] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.287463][T14974] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3722'.
[  347.308281][T14974] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3722'.
[  347.484726][ T5248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.550628][T14982] FAULT_INJECTION: forcing a failure.
[  347.550628][T14982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.563982][T14982] CPU: 0 UID: 0 PID: 14982 Comm: syz.5.3724 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  347.564090][T14982] Tainted: [W]=WARN
[  347.564100][T14982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  347.564114][T14982] Call Trace:
[  347.564123][T14982]  <TASK>
[  347.564134][T14982]  __dump_stack+0x1d/0x30
[  347.564159][T14982]  dump_stack_lvl+0xe8/0x140
[  347.564181][T14982]  dump_stack+0x15/0x1b
[  347.564253][T14982]  should_fail_ex+0x265/0x280
[  347.564285][T14982]  should_fail+0xb/0x20
[  347.564307][T14982]  should_fail_usercopy+0x1a/0x20
[  347.564336][T14982]  _copy_from_user+0x1c/0xb0
[  347.564392][T14982]  ___sys_sendmsg+0xc1/0x1d0
[  347.564436][T14982]  __x64_sys_sendmsg+0xd4/0x160
[  347.564473][T14982]  x64_sys_call+0x191e/0x2ff0
[  347.564503][T14982]  do_syscall_64+0xd2/0x200
[  347.564552][T14982]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  347.564591][T14982]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  347.564662][T14982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.564691][T14982] RIP: 0033:0x7f9500baeec9
[  347.564711][T14982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.564736][T14982] RSP: 002b:00007f94ff60f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.564756][T14982] RAX: ffffffffffffffda RBX: 00007f9500e05fa0 RCX: 00007f9500baeec9
[  347.564769][T14982] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 0000000000000005
[  347.564782][T14982] RBP: 00007f94ff60f090 R08: 0000000000000000 R09: 0000000000000000
[  347.564850][T14982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.564866][T14982] R13: 00007f9500e06038 R14: 00007f9500e05fa0 R15: 00007ffd5ce4fbe8
[  347.564887][T14982]  </TASK>
[  347.907624][T14975] loop3: detected capacity change from 0 to 2048
[  347.916360][T14975] vfat: Unknown parameter '—ƒ'
[  347.925642][T14989] caif0: entered allmulticast mode
[  347.997805][T14995] loop4: detected capacity change from 0 to 1024
[  348.015922][T14995] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.089660][T14992] lo speed is unknown, defaulting to 1000
[  348.098740][T14992] lo speed is unknown, defaulting to 1000
[  348.134047][   T37] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.144068][   T37] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.181923][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.269464][   T37] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.279323][   T37] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.335311][   T37] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.345255][   T37] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.363531][T14992] chnl_net:caif_netlink_parms(): no params data found
[  348.387069][T15028] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3737'.
[  348.397928][T15024] delete_channel: no stack
[  348.430236][T15032] netlink: 'syz.4.3738': attribute type 1 has an invalid length.
[  348.456057][   T37] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.466174][   T37] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.485938][T15035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3738'.
[  348.524837][T15032] 8021q: adding VLAN 0 to HW filter on device bond0
[  348.543252][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.550592][T14992] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.564017][T14992] bridge_slave_0: entered allmulticast mode
[  348.570694][T14992] bridge_slave_0: entered promiscuous mode
[  348.581128][T15035] bond0 (unregistering): Released all slaves
[  348.611199][T14992] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.618340][T14992] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.626772][T14992] bridge_slave_1: entered allmulticast mode
[  348.640486][T14992] bridge_slave_1: entered promiscuous mode
[  348.702497][T15039] syzkaller0: entered promiscuous mode
[  348.708032][T15039] syzkaller0: entered allmulticast mode
[  348.730614][T14992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  348.740078][   T37] bridge_slave_1: left allmulticast mode
[  348.745774][   T37] bridge_slave_1: left promiscuous mode
[  348.751651][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.768600][   T37] bridge_slave_0: left allmulticast mode
[  348.774399][   T37] bridge_slave_0: left promiscuous mode
[  348.780115][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.870634][T15047] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3741'.
[  348.904175][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  348.915887][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  348.926135][   T37] bond0 (unregistering): Released all slaves
[  348.935853][T14992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  348.984088][   T37] tipc: Left network mode
[  348.993312][T14992] team0: Port device team_slave_0 added
[  349.008207][T14992] team0: Port device team_slave_1 added
[  349.065242][   T37] hsr_slave_0: left promiscuous mode
[  349.074383][   T37] hsr_slave_1: left promiscuous mode
[  349.080577][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  349.088061][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  349.126344][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  349.133903][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  349.153497][   T37] veth1_macvtap: left promiscuous mode
[  349.162960][   T37] veth0_macvtap: left promiscuous mode
[  349.164763][T15061] loop2: detected capacity change from 0 to 128
[  349.169707][   T37] veth1_vlan: left promiscuous mode
[  349.180239][   T37] veth0_vlan: left promiscuous mode
[  349.193015][T15061] ext4: Unknown parameter 'smackfstransmute'
[  349.398229][T15068] loop3: detected capacity change from 0 to 128
[  349.511956][T15071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3749'.
[  349.559843][T15068] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  349.593752][T15068] System zones: 1-3, 19-19, 35-36
[  349.639980][T15068] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  349.743319][T15068] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  349.911708][   T37] team0 (unregistering): Port device team_slave_1 removed
[  349.921190][   T29] kauditd_printk_skb: 177 callbacks suppressed
[  349.921208][   T29] audit: type=1400 audit(1759040203.389:23916): avc:  denied  { unmount } for  pid=11957 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  349.948973][T11957] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  349.950830][   T29] audit: type=1400 audit(1759040203.389:23917): avc:  denied  { recv } for  pid=15026 comm="syz.4.3738" saddr=10.128.0.163 src=30036 daddr=10.128.1.183 dest=47928 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  350.014999][   T37] team0 (unregistering): Port device team_slave_0 removed
[  350.031532][   T29] audit: type=1400 audit(1759040203.499:23918): avc:  denied  { read write } for  pid=11957 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  350.056058][   T29] audit: type=1400 audit(1759040203.499:23919): avc:  denied  { open } for  pid=11957 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  350.080359][   T29] audit: type=1400 audit(1759040203.499:23920): avc:  denied  { ioctl } for  pid=11957 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  350.106663][   T37] team0 (unregistering): Port device dummy0 removed
[  350.119224][   T29] audit: type=1400 audit(1759040203.589:23921): avc:  denied  { create } for  pid=15073 comm="syz.3.3751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  350.140067][   T57] smc: removing ib device syz2
[  350.144932][   T29] audit: type=1400 audit(1759040203.619:23922): avc:  denied  { create } for  pid=15073 comm="syz.3.3751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  350.164844][   T29] audit: type=1400 audit(1759040203.619:23923): avc:  denied  { create } for  pid=15073 comm="syz.3.3751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  350.182021][T14992] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.185647][   T29] audit: type=1400 audit(1759040203.619:23924): avc:  denied  { prog_load } for  pid=15073 comm="syz.3.3751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  350.192703][T14992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.211928][   T29] audit: type=1400 audit(1759040203.619:23925): avc:  denied  { bpf } for  pid=15073 comm="syz.3.3751" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  350.237836][T14992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.272820][T15074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3751'.
[  350.285171][T14992] batman_adv: batadv0: Adding interface: batadv_slave_1
[  350.292185][T14992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.318184][T14992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  350.396666][ T5048] lo speed is unknown, defaulting to 1000
[  350.402530][ T5048] syz2: Port: 1 Link DOWN
[  350.463053][T15084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3753'.
[  350.472252][T15084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3753'.
[  350.481214][T15084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3753'.
[  350.504063][T15084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3753'.
[  350.513324][T15084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3753'.
[  350.526584][T14992] hsr_slave_0: entered promiscuous mode
[  350.539037][T14992] hsr_slave_1: entered promiscuous mode
[  350.545562][T14992] debugfs: 'hsr0' already exists in 'hsr'
[  350.551314][T14992] Cannot create hsr debugfs directory
[  350.803452][T15106] FAULT_INJECTION: forcing a failure.
[  350.803452][T15106] name failslab, interval 1, probability 0, space 0, times 0
[  350.816233][T15106] CPU: 0 UID: 0 PID: 15106 Comm: syz.2.3760 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  350.816301][T15106] Tainted: [W]=WARN
[  350.816313][T15106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  350.816329][T15106] Call Trace:
[  350.816338][T15106]  <TASK>
[  350.816348][T15106]  __dump_stack+0x1d/0x30
[  350.816374][T15106]  dump_stack_lvl+0xe8/0x140
[  350.816394][T15106]  dump_stack+0x15/0x1b
[  350.816443][T15106]  should_fail_ex+0x265/0x280
[  350.816599][T15106]  ? __pfx_cond_bools_destroy+0x10/0x10
[  350.816634][T15106]  should_failslab+0x8c/0xb0
[  350.816662][T15106]  kmem_cache_alloc_noprof+0x50/0x310
[  350.816699][T15106]  ? hashtab_duplicate+0xfe/0x360
[  350.816820][T15106]  ? __pfx_cond_bools_destroy+0x10/0x10
[  350.816857][T15106]  hashtab_duplicate+0xfe/0x360
[  350.816919][T15106]  ? __pfx_cond_bools_copy+0x10/0x10
[  350.816953][T15106]  cond_policydb_dup+0xd2/0x4e0
[  350.816985][T15106]  security_set_bools+0xa0/0x340
[  350.817019][T15106]  sel_commit_bools_write+0x1ea/0x270
[  350.817096][T15106]  vfs_writev+0x406/0x8b0
[  350.817176][T15106]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  350.817219][T15106]  ? mutex_lock+0xd/0x30
[  350.817327][T15106]  do_writev+0xe7/0x210
[  350.817396][T15106]  __x64_sys_writev+0x45/0x50
[  350.817428][T15106]  x64_sys_call+0x1e9a/0x2ff0
[  350.817452][T15106]  do_syscall_64+0xd2/0x200
[  350.817494][T15106]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  350.817526][T15106]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  350.817563][T15106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.817595][T15106] RIP: 0033:0x7f23dd1feec9
[  350.817669][T15106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.817692][T15106] RSP: 002b:00007f23dbc5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  350.817712][T15106] RAX: ffffffffffffffda RBX: 00007f23dd455fa0 RCX: 00007f23dd1feec9
[  350.817727][T15106] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000003
[  350.817740][T15106] RBP: 00007f23dbc5f090 R08: 0000000000000000 R09: 0000000000000000
[  350.817754][T15106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.817790][T15106] R13: 00007f23dd456038 R14: 00007f23dd455fa0 R15: 00007ffce5570a18
[  350.817862][T15106]  </TASK>
[  351.083564][T15108] loop4: detected capacity change from 0 to 764
[  351.175010][T15120] FAULT_INJECTION: forcing a failure.
[  351.175010][T15120] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  351.188326][T15120] CPU: 1 UID: 0 PID: 15120 Comm: syz.4.3767 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  351.188369][T15120] Tainted: [W]=WARN
[  351.188418][T15120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.188436][T15120] Call Trace:
[  351.188445][T15120]  <TASK>
[  351.188453][T15120]  __dump_stack+0x1d/0x30
[  351.188479][T15120]  dump_stack_lvl+0xe8/0x140
[  351.188499][T15120]  dump_stack+0x15/0x1b
[  351.188529][T15120]  should_fail_ex+0x265/0x280
[  351.188560][T15120]  should_fail_alloc_page+0xf2/0x100
[  351.188592][T15120]  __alloc_frozen_pages_noprof+0xff/0x360
[  351.188651][T15120]  alloc_pages_bulk_noprof+0x4b8/0x540
[  351.188753][T15120]  ? __kmalloc_noprof+0x1dd/0x3e0
[  351.188790][T15120]  ? copy_splice_read+0xc2/0x660
[  351.188867][T15120]  copy_splice_read+0xf3/0x660
[  351.188903][T15120]  sock_splice_read+0xa5/0xb0
[  351.188983][T15120]  ? __pfx_sock_splice_read+0x10/0x10
[  351.189020][T15120]  splice_file_to_pipe+0x241/0x3a0
[  351.189049][T15120]  do_splice+0xc4d/0x10b0
[  351.189075][T15120]  ? proc_fail_nth_write+0x13b/0x160
[  351.189116][T15120]  ? __rcu_read_unlock+0x4f/0x70
[  351.189139][T15120]  ? __fget_files+0x184/0x1c0
[  351.189181][T15120]  __se_sys_splice+0x26c/0x3a0
[  351.189209][T15120]  __x64_sys_splice+0x78/0x90
[  351.189235][T15120]  x64_sys_call+0x28a3/0x2ff0
[  351.189281][T15120]  do_syscall_64+0xd2/0x200
[  351.189318][T15120]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  351.189384][T15120]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  351.189416][T15120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.189443][T15120] RIP: 0033:0x7f5b1e5ceec9
[  351.189461][T15120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.189562][T15120] RSP: 002b:00007f5b1d02f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  351.189584][T15120] RAX: ffffffffffffffda RBX: 00007f5b1e825fa0 RCX: 00007f5b1e5ceec9
[  351.189599][T15120] RDX: 000000000000000a RSI: 0000000000000000 RDI: 0000000000000008
[  351.189615][T15120] RBP: 00007f5b1d02f090 R08: 0000000000000001 R09: 0000000000000000
[  351.189629][T15120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.189652][T15120] R13: 00007f5b1e826038 R14: 00007f5b1e825fa0 R15: 00007ffdebaac4d8
[  351.189677][T15120]  </TASK>
[  351.467953][T14992] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  351.483807][T15131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  351.501872][T15131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  351.513503][T14992] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  351.534070][T14992] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  351.564245][T14992] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  351.571083][T15130] rdma_op ffff88811a5da580 conn xmit_rdma 0000000000000000
[  351.697859][T15142] loop2: detected capacity change from 0 to 128
[  351.708652][T15142] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  351.716604][T15142] FAT-fs (loop2): Filesystem has been set read-only
[  351.722263][T14992] 8021q: adding VLAN 0 to HW filter on device bond0
[  351.729969][T15142] bio_check_eod: 19423 callbacks suppressed
[  351.729987][T15142] syz.2.3772: attempt to access beyond end of device
[  351.729987][T15142] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  351.736579][T14992] 8021q: adding VLAN 0 to HW filter on device team0
[  351.757403][T15142] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  351.765410][T15142] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  351.773760][T15142] syz.2.3772: attempt to access beyond end of device
[  351.773760][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.795070][ T1769] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.802288][ T1769] bridge0: port 1(bridge_slave_0) entered forwarding state
[  351.809644][T15142] syz.2.3772: attempt to access beyond end of device
[  351.809644][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.824844][T15142] syz.2.3772: attempt to access beyond end of device
[  351.824844][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.833179][ T1769] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.839028][T15142] syz.2.3772: attempt to access beyond end of device
[  351.839028][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.845787][ T1769] bridge0: port 2(bridge_slave_1) entered forwarding state
[  351.904378][T15142] syz.2.3772: attempt to access beyond end of device
[  351.904378][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.904617][T14992] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  351.928135][T14992] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  351.948739][T15142] syz.2.3772: attempt to access beyond end of device
[  351.948739][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.967335][T15142] syz.2.3772: attempt to access beyond end of device
[  351.967335][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.982928][T15142] syz.2.3772: attempt to access beyond end of device
[  351.982928][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.996976][T15142] syz.2.3772: attempt to access beyond end of device
[  351.996976][T15142] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  352.073891][T14992] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.092997][T15156] FAULT_INJECTION: forcing a failure.
[  352.092997][T15156] name failslab, interval 1, probability 0, space 0, times 0
[  352.105734][T15156] CPU: 0 UID: 0 PID: 15156 Comm: syz.4.3776 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  352.105856][T15156] Tainted: [W]=WARN
[  352.105865][T15156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  352.105882][T15156] Call Trace:
[  352.105890][T15156]  <TASK>
[  352.105901][T15156]  __dump_stack+0x1d/0x30
[  352.105955][T15156]  dump_stack_lvl+0xe8/0x140
[  352.105977][T15156]  dump_stack+0x15/0x1b
[  352.105999][T15156]  should_fail_ex+0x265/0x280
[  352.106025][T15156]  should_failslab+0x8c/0xb0
[  352.106056][T15156]  kmem_cache_alloc_noprof+0x50/0x310
[  352.106134][T15156]  ? security_file_alloc+0x32/0x100
[  352.106174][T15156]  security_file_alloc+0x32/0x100
[  352.106286][T15156]  init_file+0x5c/0x1d0
[  352.106326][T15156]  alloc_empty_file+0x8b/0x200
[  352.106388][T15156]  path_openat+0x68/0x2170
[  352.106410][T15156]  ? _parse_integer_limit+0x170/0x190
[  352.106444][T15156]  ? _parse_integer+0x27/0x40
[  352.106473][T15156]  ? kstrtoull+0x111/0x140
[  352.106541][T15156]  ? kstrtouint+0x76/0xc0
[  352.106574][T15156]  do_filp_open+0x109/0x230
[  352.106614][T15156]  do_sys_openat2+0xa6/0x110
[  352.106717][T15156]  __x64_sys_creat+0x65/0x90
[  352.106737][T15156]  x64_sys_call+0x2d94/0x2ff0
[  352.106760][T15156]  do_syscall_64+0xd2/0x200
[  352.106795][T15156]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  352.106828][T15156]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  352.106939][T15156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.106961][T15156] RIP: 0033:0x7f5b1e5ceec9
[  352.107027][T15156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.107052][T15156] RSP: 002b:00007f5b1d02f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  352.107077][T15156] RAX: ffffffffffffffda RBX: 00007f5b1e825fa0 RCX: 00007f5b1e5ceec9
[  352.107090][T15156] RDX: 0000000000000000 RSI: 0000000000000036 RDI: 00002000000003c0
[  352.107135][T15156] RBP: 00007f5b1d02f090 R08: 0000000000000000 R09: 0000000000000000
[  352.107152][T15156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.107169][T15156] R13: 00007f5b1e826038 R14: 00007f5b1e825fa0 R15: 00007ffdebaac4d8
[  352.107195][T15156]  </TASK>
[  352.596807][T15164] loop3: detected capacity change from 0 to 1024
[  352.618968][T15164] EXT4-fs: Ignoring removed nomblk_io_submit option
[  352.672551][T15164] EXT4-fs: Ignoring removed nobh option
[  352.720899][T15164] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.048412][T14992] veth0_vlan: entered promiscuous mode
[  353.089231][T14992] veth1_vlan: entered promiscuous mode
[  353.174648][T14992] veth0_macvtap: entered promiscuous mode
[  353.182699][T14992] veth1_macvtap: entered promiscuous mode
[  353.193515][T14992] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.206826][T14992] batman_adv: batadv0: Interface activated: batadv_slave_1
[  353.255198][   T57] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.272674][   T57] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.282808][   T57] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.303156][   T57] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.358454][T15187] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3779: Allocating blocks 1-17 which overlap fs metadata
[  353.374053][T15206] netlink: 'syz.5.3728': attribute type 10 has an invalid length.
[  353.386454][T15164] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3779: Allocating blocks 1-17 which overlap fs metadata
[  353.402546][T15206] batman_adv: batadv0: Adding interface: macvlan0
[  353.409074][T15206] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  353.435215][T15206] batman_adv: batadv0: Interface activated: macvlan0
[  353.446331][T15206] loop5: detected capacity change from 0 to 128
[  353.448078][T15208] netlink: 'syz.1.3787': attribute type 4 has an invalid length.
[  353.473283][T15206] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  353.489912][T15210] loop4: detected capacity change from 0 to 128
[  353.496939][T15206] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  353.516885][T15210] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  353.524972][T15210] FAT-fs (loop4): Filesystem has been set read-only
[  353.539604][T15210] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  353.547798][T15210] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  353.561829][T15217] __nla_validate_parse: 20 callbacks suppressed
[  353.561852][T15217] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3789'.
[  353.582354][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.666499][T15225] loop3: detected capacity change from 0 to 1024
[  353.674659][T15225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  353.686987][T15225] EXT4-fs: Ignoring removed nobh option
[  353.707792][T15225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.728640][T15225] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3792'.
[  353.868359][T15236] loop2: detected capacity change from 0 to 1024
[  353.927933][T15236] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.148627][T15225] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3792: Allocating blocks 1-17 which overlap fs metadata
[  354.179946][T15231] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.3792: Allocating blocks 1-17 which overlap fs metadata
[  354.194337][T14992] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  354.261357][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.319292][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.333513][T15248] wg2: entered promiscuous mode
[  354.338488][T15248] wg2: entered allmulticast mode
[  354.380635][T15255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3802'.
[  354.668432][T15279] loop2: detected capacity change from 0 to 128
[  354.675082][T15278] loop3: detected capacity change from 0 to 1024
[  354.684221][T15278] EXT4-fs: Ignoring removed nomblk_io_submit option
[  354.685157][T15279] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  354.691253][T15278] EXT4-fs: Ignoring removed nobh option
[  354.698816][T15279] FAT-fs (loop2): Filesystem has been set read-only
[  354.699700][T15279] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  354.719265][T15279] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  354.921839][   T29] kauditd_printk_skb: 491 callbacks suppressed
[  354.921861][   T29] audit: type=1400 audit(1759040208.239:24415): avc:  denied  { getopt } for  pid=15265 comm="syz.5.3807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  354.967354][T15278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.129633][T15287] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3813'.
[  355.154246][T15278] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3812'.
[  355.247743][   T29] audit: type=1400 audit(1759040208.719:24416): avc:  denied  { setopt } for  pid=15291 comm="syz.1.3815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  355.401645][   T29] audit: type=1400 audit(1759040208.869:24417): avc:  denied  { ioctl } for  pid=15294 comm="syz.1.3816" path="socket:[49588]" dev="sockfs" ino=49588 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  355.451283][   T29] audit: type=1400 audit(1759040208.919:24418): avc:  denied  { append } for  pid=15294 comm="syz.1.3816" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  355.474842][   T29] audit: type=1400 audit(1759040208.919:24419): avc:  denied  { open } for  pid=15294 comm="syz.1.3816" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  355.514300][T15300] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  355.575017][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.589367][T15299] loop5: detected capacity change from 0 to 512
[  355.599385][T15299] EXT4-fs: Ignoring removed mblk_io_submit option
[  355.609837][T15299] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  355.624614][T15304] netlink: 'syz.2.3820': attribute type 1 has an invalid length.
[  355.632466][T15304] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.3820'.
[  355.642648][   T29] audit: type=1400 audit(1759040209.119:24420): avc:  denied  { getopt } for  pid=15303 comm="syz.2.3820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  355.674202][   T29] audit: type=1400 audit(1759040209.119:24421): avc:  denied  { override_creds } for  pid=15305 comm="syz.3.3821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  355.707828][   T29] audit: type=1400 audit(1759040209.179:24422): avc:  denied  { getopt } for  pid=15309 comm="syz.2.3823" laddr=::1 lport=56955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  355.708679][T15299] EXT4-fs (loop5): 1 truncate cleaned up
[  355.729747][   T29] audit: type=1400 audit(1759040209.179:24423): avc:  denied  { write } for  pid=15309 comm="syz.2.3823" name="ip_vs" dev="proc" ino=4026533461 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  355.772288][T15299] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.827018][T15308] loop3: detected capacity change from 0 to 1024
[  355.834316][T15308] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  355.845444][T15308] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  355.856769][T15308] JBD2: no valid journal superblock found
[  355.862574][T15308] EXT4-fs (loop3): Could not load journal inode
[  355.881600][   T29] audit: type=1400 audit(1759040209.349:24424): avc:  denied  { setopt } for  pid=15307 comm="syz.3.3822" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  356.040724][T15326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3822'.
[  356.186828][T15334] loop3: detected capacity change from 0 to 128
[  356.198360][T15334] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  356.215674][T15334] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  356.240500][T15337] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3824'.
[  356.255929][   T31] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  356.496941][T15338] tipc: Started in network mode
[  356.501916][T15338] tipc: Node identity 761b691063b9, cluster identity 4711
[  356.509137][T15338] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  356.694792][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.741148][T15333] tipc: Resetting bearer <eth:syzkaller0>
[  356.772587][T15333] tipc: Disabling bearer <eth:syzkaller0>
[  357.008815][T15355] loop3: detected capacity change from 0 to 128
[  357.030655][T15355] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  357.038560][T15355] FAT-fs (loop3): Filesystem has been set read-only
[  357.056919][T15355] bio_check_eod: 31187 callbacks suppressed
[  357.056939][T15355] syz.3.3831: attempt to access beyond end of device
[  357.056939][T15355] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  357.077841][T15355] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  357.085838][T15355] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  357.094917][T15355] syz.3.3831: attempt to access beyond end of device
[  357.094917][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.108438][T15355] syz.3.3831: attempt to access beyond end of device
[  357.108438][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.123417][T15355] syz.3.3831: attempt to access beyond end of device
[  357.123417][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.136883][T15355] syz.3.3831: attempt to access beyond end of device
[  357.136883][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.151195][T15355] syz.3.3831: attempt to access beyond end of device
[  357.151195][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.170930][T15362] loop2: detected capacity change from 0 to 512
[  357.177404][T15355] syz.3.3831: attempt to access beyond end of device
[  357.177404][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.187952][T15362] EXT4-fs: Ignoring removed mblk_io_submit option
[  357.193199][T15355] syz.3.3831: attempt to access beyond end of device
[  357.193199][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.211259][T15362] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  357.214007][T15355] syz.3.3831: attempt to access beyond end of device
[  357.214007][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.235775][T15355] syz.3.3831: attempt to access beyond end of device
[  357.235775][T15355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  357.250240][T15362] EXT4-fs (loop2): 1 truncate cleaned up
[  357.256604][T15362] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.729030][T15371] loop5: detected capacity change from 0 to 1024
[  357.736136][T15371] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  357.747119][T15371] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  357.852278][T15371] JBD2: no valid journal superblock found
[  357.858150][T15371] EXT4-fs (loop5): Could not load journal inode
[  357.989827][T15373] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3836'.
[  358.032721][T15374] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3837'.
[  358.208145][T15376] loop5: detected capacity change from 0 to 512
[  358.216278][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.242762][T15376] EXT4-fs: Ignoring removed mblk_io_submit option
[  358.252627][T15376] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  358.321445][T15376] EXT4-fs (loop5): 1 truncate cleaned up
[  358.327994][T15376] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.373511][T15382] loop4: detected capacity change from 0 to 2048
[  358.383932][T15386] netlink: 'syz.2.3839': attribute type 1 has an invalid length.
[  358.471147][T15386] 8021q: adding VLAN 0 to HW filter on device bond1
[  358.479933][T15382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  358.618354][T15390] bond1 (unregistering): Released all slaves
[  359.070709][T15394] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  359.205106][T15394] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  359.217641][T15394] EXT4-fs (loop4): This should not happen!! Data will be lost
[  359.217641][T15394] 
[  359.227321][T15394] EXT4-fs (loop4): Total free blocks count 0
[  359.233388][T15394] EXT4-fs (loop4): Free/Dirty block details
[  359.239298][T15394] EXT4-fs (loop4): free_blocks=2415919104
[  359.245059][T15394] EXT4-fs (loop4): dirty_blocks=2864
[  359.250358][T15394] EXT4-fs (loop4): Block reservation details
[  359.256363][T15394] EXT4-fs (loop4): i_reserved_data_blocks=179
[  359.334292][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.386837][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  359.446328][T15410] loop4: detected capacity change from 0 to 1024
[  359.453106][T15410] EXT4-fs: Ignoring removed nomblk_io_submit option
[  359.480773][T15410] EXT4-fs: Ignoring removed nobh option
[  359.503104][T15410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.543356][T15415] __nla_validate_parse: 2 callbacks suppressed
[  359.543379][T15415] netlink: 232 bytes leftover after parsing attributes in process `syz.1.3848'.
[  359.570832][T15415] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3848'.
[  359.614543][T15410] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3846'.
[  359.630546][T15418] loop2: detected capacity change from 0 to 1024
[  359.637758][T15418] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  359.648697][T15418] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  359.659478][T15418] JBD2: no valid journal superblock found
[  359.665270][T15418] EXT4-fs (loop2): Could not load journal inode
[  359.707272][T15422] loop5: detected capacity change from 0 to 1024
[  359.734942][T15422] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.784796][T15418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3849'.
[  359.927760][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.951243][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  359.951274][   T29] audit: type=1400 audit(1759040213.419:24506): avc:  denied  { create } for  pid=15435 comm="syz.5.3854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  359.980187][   T29] audit: type=1400 audit(1759040213.449:24507): avc:  denied  { write } for  pid=15435 comm="syz.5.3854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  360.073036][T15438] loop2: detected capacity change from 0 to 512
[  360.079670][T15438] EXT4-fs: Ignoring removed bh option
[  360.114736][T15436] infiniband syz!: set active
[  360.119558][T15436] infiniband syz!: added team_slave_0
[  360.126817][T15438] EXT4-fs: old and new quota format mixing
[  360.139675][T15436] RDS/IB: syz!: added
[  360.143786][T15436] smc: adding ib device syz! with port count 1
[  360.150020][T15436] smc:    ib device syz! port 1 has pnetid 
[  360.467803][T15416] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.3846: Allocating blocks 1-17 which overlap fs metadata
[  360.567745][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.586131][T15445] loop3: detected capacity change from 0 to 2048
[  360.716061][T15445] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  360.743348][T15453] loop4: detected capacity change from 0 to 128
[  360.750096][T15453] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  360.783104][T15453] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  360.826097][T15433] lo speed is unknown, defaulting to 1000
[  360.856560][T15433] lo speed is unknown, defaulting to 1000
[  360.885376][T15455] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  360.904236][   T57] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  360.931559][T15455] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 386 with error 28
[  360.944091][T15455] EXT4-fs (loop3): This should not happen!! Data will be lost
[  360.944091][T15455] 
[  360.953778][T15455] EXT4-fs (loop3): Total free blocks count 0
[  360.959797][T15455] EXT4-fs (loop3): Free/Dirty block details
[  360.965763][T15455] EXT4-fs (loop3): free_blocks=2415919104
[  360.971531][T15455] EXT4-fs (loop3): dirty_blocks=400
[  360.976742][T15455] EXT4-fs (loop3): Block reservation details
[  360.982849][T15455] EXT4-fs (loop3): i_reserved_data_blocks=25
[  361.085227][T15453] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  361.092528][T15453] IPv6: NLM_F_CREATE should be set when creating new route
[  361.137790][T15433] lo speed is unknown, defaulting to 1000
[  361.163272][T15433] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  361.345948][T15433] lo speed is unknown, defaulting to 1000
[  361.367410][   T57] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  361.402553][T15433] lo speed is unknown, defaulting to 1000
[  361.409135][T15433] lo speed is unknown, defaulting to 1000
[  361.418215][T15433] lo speed is unknown, defaulting to 1000
[  361.490748][T15466] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3860'.
[  361.511842][T15466] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3860'.
[  361.528947][T15433] lo speed is unknown, defaulting to 1000
[  361.547655][   T29] audit: type=1400 audit(1759040215.019:24508): avc:  denied  { block_suspend } for  pid=15432 comm="syz.2.3853" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  361.772820][T15471] lo speed is unknown, defaulting to 1000
[  362.033804][   T29] audit: type=1326 audit(1759040215.489:24509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.057490][   T29] audit: type=1326 audit(1759040215.489:24510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.081218][   T29] audit: type=1326 audit(1759040215.489:24511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.104881][   T29] audit: type=1326 audit(1759040215.489:24512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.128662][   T29] audit: type=1326 audit(1759040215.489:24513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.152703][   T29] audit: type=1326 audit(1759040215.489:24514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.176507][   T29] audit: type=1326 audit(1759040215.489:24515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15463 comm="syz.3.3860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  362.449264][T15479] loop3: detected capacity change from 0 to 128
[  362.473686][T15479] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  362.481766][T15479] FAT-fs (loop3): Filesystem has been set read-only
[  362.544703][T15479] bio_check_eod: 11771 callbacks suppressed
[  362.544725][T15479] syz.3.3863: attempt to access beyond end of device
[  362.544725][T15479] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  362.575449][T15482] loop4: detected capacity change from 0 to 2048
[  362.586142][T15479] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  362.594105][T15479] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  362.604203][T15479] syz.3.3863: attempt to access beyond end of device
[  362.604203][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.618334][T15479] syz.3.3863: attempt to access beyond end of device
[  362.618334][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.633607][T15482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.647272][T15479] syz.3.3863: attempt to access beyond end of device
[  362.647272][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.660908][T15479] syz.3.3863: attempt to access beyond end of device
[  362.660908][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.675887][T15479] syz.3.3863: attempt to access beyond end of device
[  362.675887][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.687090][T15482] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.701678][T15479] syz.3.3863: attempt to access beyond end of device
[  362.701678][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.740479][T15479] syz.3.3863: attempt to access beyond end of device
[  362.740479][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.754284][T15479] syz.3.3863: attempt to access beyond end of device
[  362.754284][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.768360][T15479] syz.3.3863: attempt to access beyond end of device
[  362.768360][T15479] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  362.799958][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.820363][T15488] syzkaller0: entered allmulticast mode
[  362.927831][T15491] syzkaller0: entered promiscuous mode
[  362.978687][T15491] syzkaller0 (unregistering): left allmulticast mode
[  362.985487][T15491] syzkaller0 (unregistering): left promiscuous mode
[  363.332558][T15500] loop5: detected capacity change from 0 to 2048
[  363.384127][T15500] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  363.447996][T15505] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3869'.
[  363.562434][T15506] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  363.591294][T15514] loop3: detected capacity change from 0 to 512
[  363.598071][T15514] EXT4-fs: Ignoring removed mblk_io_submit option
[  363.604915][T15506] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 84 with error 28
[  363.605971][T15513] loop4: detected capacity change from 0 to 1024
[  363.617283][T15506] EXT4-fs (loop5): This should not happen!! Data will be lost
[  363.617283][T15506] 
[  363.617307][T15506] EXT4-fs (loop5): Total free blocks count 0
[  363.617322][T15506] EXT4-fs (loop5): Free/Dirty block details
[  363.617382][T15506] EXT4-fs (loop5): free_blocks=2415919104
[  363.651247][T15506] EXT4-fs (loop5): dirty_blocks=96
[  363.656427][T15506] EXT4-fs (loop5): Block reservation details
[  363.662509][T15506] EXT4-fs (loop5): i_reserved_data_blocks=6
[  363.670762][T15514] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  363.681911][T15515] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3873'.
[  363.691178][T15515] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3873'.
[  363.704845][T15514] EXT4-fs (loop3): 1 truncate cleaned up
[  363.711837][T15514] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.098461][   T57] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  364.103479][T15528] tipc: Started in network mode
[  364.115625][T15528] tipc: Node identity dad8fc7e8815, cluster identity 4711
[  364.122922][T15528] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.144473][T15530] loop4: detected capacity change from 0 to 128
[  364.151350][T15530] /dev/loop4: Can't open blockdev
[  364.186206][T15532] loop5: detected capacity change from 0 to 1024
[  364.202688][T15527] tipc: Resetting bearer <eth:syzkaller0>
[  364.232703][T15527] tipc: Disabling bearer <eth:syzkaller0>
[  364.244273][T15532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.247073][T15537] loop4: detected capacity change from 0 to 1024
[  364.292014][T15537] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.611160][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.616900][T15556] tap0: tun_chr_ioctl cmd 2147767521
[  364.667907][T15558] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.683688][T15532] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.3878: Allocating blocks 449-513 which overlap fs metadata
[  364.773934][T15559] lo speed is unknown, defaulting to 1000
[  364.906381][T15560] syzkaller0: entered promiscuous mode
[  364.912020][T15560] syzkaller0: entered allmulticast mode
[  364.937375][T15531] EXT4-fs (loop5): pa ffff888106dcfb60: logic 48, phys. 177, len 21
[  364.945612][T15531] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  364.963491][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.009841][T15557] tipc: Resetting bearer <eth:syzkaller0>
[  365.026720][T15557] tipc: Disabling bearer <eth:syzkaller0>
[  365.062004][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  365.062024][   T29] audit: type=1400 audit(1759040218.539:24655): avc:  denied  { recv } for  pid=22 comm="ksoftirqd/1" saddr=10.128.0.163 src=30036 daddr=10.128.1.183 dest=47928 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  365.099248][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.110205][   T29] audit: type=1400 audit(1759040218.569:24656): avc:  denied  { unmount } for  pid=14992 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  365.157403][   T29] audit: type=1400 audit(1759040218.609:24657): avc:  denied  { read write } for  pid=14992 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  365.181851][   T29] audit: type=1400 audit(1759040218.609:24658): avc:  denied  { open } for  pid=14992 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  365.206172][   T29] audit: type=1400 audit(1759040218.609:24659): avc:  denied  { ioctl } for  pid=14992 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  365.231971][   T29] audit: type=1400 audit(1759040218.629:24660): avc:  denied  { open } for  pid=15561 comm="syz.5.3889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  365.251672][   T29] audit: type=1400 audit(1759040218.629:24661): avc:  denied  { perfmon } for  pid=15561 comm="syz.5.3889" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  365.272813][   T29] audit: type=1400 audit(1759040218.629:24662): avc:  denied  { kernel } for  pid=15561 comm="syz.5.3889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  365.306326][   T29] audit: type=1400 audit(1759040218.709:24663): avc:  denied  { allowed } for  pid=15561 comm="syz.5.3889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  365.325901][   T29] audit: type=1400 audit(1759040218.729:24664): avc:  denied  { create } for  pid=15561 comm="syz.5.3889" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  365.418077][T15566] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3888'.
[  365.458191][T15566] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3888'.
[  365.584820][T15580] loop3: detected capacity change from 0 to 128
[  365.591714][T15580] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  365.607208][T15580] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  365.624248][ T1769] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  365.661796][T15580] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  365.671163][T15579] tipc: Resetting bearer <eth:syzkaller0>
[  365.694816][T15579] tipc: Disabling bearer <eth:syzkaller0>
[  365.760812][T15586] lo speed is unknown, defaulting to 1000
[  365.766689][T15586] lo speed is unknown, defaulting to 1000
[  365.790109][T15586] lo speed is unknown, defaulting to 1000
[  365.820007][T15586] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  365.856325][T15586] lo speed is unknown, defaulting to 1000
[  365.872188][T15586] lo speed is unknown, defaulting to 1000
[  365.878442][T15586] lo speed is unknown, defaulting to 1000
[  365.900330][T15586] lo speed is unknown, defaulting to 1000
[  365.916316][T15586] lo speed is unknown, defaulting to 1000
[  365.918054][T15591] loop5: detected capacity change from 0 to 1024
[  365.930154][T15591] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  365.941132][T15591] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  365.953886][T15591] JBD2: no valid journal superblock found
[  365.959650][T15591] EXT4-fs (loop5): Could not load journal inode
[  366.029812][T15605] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3899'.
[  366.374071][T15616] lo speed is unknown, defaulting to 1000
[  366.381232][T15616] lo speed is unknown, defaulting to 1000
[  366.570187][T15633] loop5: detected capacity change from 0 to 512
[  366.582805][T15633] EXT4-fs: Ignoring removed mblk_io_submit option
[  366.590872][T15633] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  366.677572][T15633] EXT4-fs (loop5): 1 truncate cleaned up
[  366.813380][T15636] lo speed is unknown, defaulting to 1000
[  366.820033][T15636] lo speed is unknown, defaulting to 1000
[  366.896260][T15633] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.699109][T15655] lo speed is unknown, defaulting to 1000
[  368.705298][T15655] lo speed is unknown, defaulting to 1000
[  368.764708][T15659] lo speed is unknown, defaulting to 1000
[  368.771190][T15659] lo speed is unknown, defaulting to 1000
[  368.909119][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.925775][T15671] loop4: detected capacity change from 0 to 1024
[  368.941935][T15671] EXT4-fs: Ignoring removed nomblk_io_submit option
[  368.948809][T15671] EXT4-fs: Ignoring removed nobh option
[  368.975632][T15671] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.034090][T15683] netlink: 'syz.2.3928': attribute type 1 has an invalid length.
[  369.047694][T15675] loop5: detected capacity change from 0 to 512
[  369.068597][T15671] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3926'.
[  369.089570][T15685] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3928'.
[  369.149431][T15683] 8021q: adding VLAN 0 to HW filter on device bond1
[  369.149572][T15687] loop3: detected capacity change from 0 to 1024
[  369.182665][T15685] bond1 (unregistering): Released all slaves
[  369.190052][T15687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.372653][T15698] loop5: detected capacity change from 0 to 1024
[  369.457836][T15698] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  369.469221][T15698] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  369.548213][T15698] JBD2: no valid journal superblock found
[  369.554026][T15698] EXT4-fs (loop5): Could not load journal inode
[  369.699273][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.927406][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.071602][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  370.071621][   T29] audit: type=1326 audit(1759040223.519:24932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.101547][   T29] audit: type=1326 audit(1759040223.529:24933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.125125][   T29] audit: type=1326 audit(1759040223.529:24934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.148731][   T29] audit: type=1326 audit(1759040223.529:24935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.172412][   T29] audit: type=1326 audit(1759040223.529:24936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.196092][   T29] audit: type=1326 audit(1759040223.529:24937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.219625][   T29] audit: type=1326 audit(1759040223.529:24938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.243387][   T29] audit: type=1326 audit(1759040223.529:24939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.267064][   T29] audit: type=1326 audit(1759040223.529:24940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.269504][T15714] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3934'.
[  370.290729][   T29] audit: type=1326 audit(1759040223.529:24941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15701 comm="syz.3.3935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c9561eec9 code=0x7ffc0000
[  370.622020][T15719] lo speed is unknown, defaulting to 1000
[  370.628825][T15719] lo speed is unknown, defaulting to 1000
[  371.037398][T15725] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  371.049804][T15731] loop5: detected capacity change from 0 to 128
[  371.052186][T15725] syzkaller0: entered promiscuous mode
[  371.061779][T15725] syzkaller0: entered allmulticast mode
[  371.062138][T15731] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  371.083835][T15723] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  371.103487][T15722] tipc: Resetting bearer <eth:syzkaller0>
[  371.142044][T15731] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  371.152544][T15722] tipc: Disabling bearer <eth:syzkaller0>
[  371.181744][  T166] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  371.195220][T15724] tipc: Resetting bearer <eth:syzkaller0>
[  371.200828][T15733] loop4: detected capacity change from 0 to 1024
[  371.209056][T15733] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  371.210180][T15724] tipc: Disabling bearer <eth:syzkaller0>
[  371.220037][T15733] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  371.238641][T15733] JBD2: no valid journal superblock found
[  371.244453][T15733] EXT4-fs (loop4): Could not load journal inode
[  371.306272][T15731] tipc: Started in network mode
[  371.311207][T15731] tipc: Node identity ce2cea9a2f75, cluster identity 4711
[  371.318679][T15731] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  371.329390][T15730] tipc: Resetting bearer <eth:syzkaller0>
[  371.348205][T15730] tipc: Disabling bearer <eth:syzkaller0>
[  371.366490][T15734] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3945'.
[  371.395550][T15738] loop3: detected capacity change from 0 to 1024
[  371.416271][T15733] SELinux: failure in sel_netif_sid_slow(), invalid network interface (11)
[  371.431980][T15738] EXT4-fs: Ignoring removed nomblk_io_submit option
[  371.449367][T15738] EXT4-fs: Ignoring removed nobh option
[  371.594648][T15738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.766042][T15755] lo speed is unknown, defaulting to 1000
[  371.772571][T15755] lo speed is unknown, defaulting to 1000
[  371.869204][T15738] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3947'.
[  372.193000][T15768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3956'.
[  372.256414][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.274498][T15775] FAULT_INJECTION: forcing a failure.
[  372.274498][T15775] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  372.287814][T15775] CPU: 0 UID: 0 PID: 15775 Comm: syz.3.3957 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  372.287921][T15775] Tainted: [W]=WARN
[  372.287930][T15775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  372.288003][T15775] Call Trace:
[  372.288012][T15775]  <TASK>
[  372.288023][T15775]  __dump_stack+0x1d/0x30
[  372.288049][T15775]  dump_stack_lvl+0xe8/0x140
[  372.288074][T15775]  dump_stack+0x15/0x1b
[  372.288209][T15775]  should_fail_ex+0x265/0x280
[  372.288235][T15775]  should_fail_alloc_page+0xf2/0x100
[  372.288264][T15775]  __alloc_frozen_pages_noprof+0xff/0x360
[  372.288311][T15775]  alloc_pages_mpol+0xb3/0x250
[  372.288357][T15775]  alloc_pages_noprof+0x90/0x130
[  372.288450][T15775]  __pmd_alloc+0x47/0x470
[  372.288516][T15775]  handle_mm_fault+0x19d4/0x2c20
[  372.288540][T15775]  ? __rcu_read_unlock+0x4f/0x70
[  372.288571][T15775]  do_user_addr_fault+0x3fe/0x1090
[  372.288621][T15775]  exc_page_fault+0x62/0xa0
[  372.288715][T15775]  asm_exc_page_fault+0x26/0x30
[  372.288736][T15775] RIP: 0010:rep_movs_alternative+0x33/0x90
[  372.288762][T15775] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 cd f6 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  372.288819][T15775] RSP: 0018:ffffc90002333e10 EFLAGS: 00050216
[  372.288840][T15775] RAX: 0000000000000000 RBX: 0000000000000020 RCX: 0000000000000020
[  372.288856][T15775] RDX: 0000000000000000 RSI: ffffc90002333e48 RDI: 0000200000000080
[  372.288869][T15775] RBP: 0000000000000000 R08: 00000000000006bf R09: 0000000000000000
[  372.288881][T15775] R10: 0001c90002333e48 R11: 0001c90002333e67 R12: 00002000000000a0
[  372.288920][T15775] R13: 00007ffffffff000 R14: 0000200000000080 R15: ffffc90002333e48
[  372.288945][T15775]  _copy_to_user+0x7c/0xa0
[  372.288986][T15775]  __x64_sys_ustat+0xd3/0x120
[  372.289035][T15775]  x64_sys_call+0xc88/0x2ff0
[  372.289092][T15775]  do_syscall_64+0xd2/0x200
[  372.289125][T15775]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  372.289153][T15775]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  372.289191][T15775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.289272][T15775] RIP: 0033:0x7f3c9561eec9
[  372.289288][T15775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.289336][T15775] RSP: 002b:00007f3c9407f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000088
[  372.289355][T15775] RAX: ffffffffffffffda RBX: 00007f3c95875fa0 RCX: 00007f3c9561eec9
[  372.289368][T15775] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000001
[  372.289448][T15775] RBP: 00007f3c9407f090 R08: 0000000000000000 R09: 0000000000000000
[  372.289461][T15775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.289473][T15775] R13: 00007f3c95876038 R14: 00007f3c95875fa0 R15: 00007ffc55a7fba8
[  372.289494][T15775]  </TASK>
[  372.353146][T15776] netlink: 'syz.4.3958': attribute type 1 has an invalid length.
[  372.517993][T15783] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3958'.
[  372.717570][T15784] lo speed is unknown, defaulting to 1000
[  372.724116][T15784] lo speed is unknown, defaulting to 1000
[  372.827986][T15776] 8021q: adding VLAN 0 to HW filter on device bond0
[  372.963304][T15787] loop5: detected capacity change from 0 to 128
[  372.976704][T15787] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  373.005640][T15783] bond0 (unregistering): Released all slaves
[  373.012503][T15787] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  373.032383][   T51] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  373.134164][T15789] loop2: detected capacity change from 0 to 512
[  373.155675][T15789] EXT4-fs: Ignoring removed mblk_io_submit option
[  373.181673][T15789] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  373.196715][T15794] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  373.204205][T15789] EXT4-fs (loop2): 1 truncate cleaned up
[  373.207091][T15787] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  373.210330][T15789] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.217117][T15787] IPv6: NLM_F_CREATE should be set when creating new route
[  373.249403][T15786] tipc: Resetting bearer <eth:syzkaller0>
[  373.309962][T15786] tipc: Disabling bearer <eth:syzkaller0>
[  373.316178][T15801] loop4: detected capacity change from 0 to 2048
[  373.338462][T15801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  373.522519][T15812] netlink: 'syz.5.3967': attribute type 1 has an invalid length.
[  373.562911][T15807] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  373.581759][T15815] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3967'.
[  373.614795][T15811] loop3: detected capacity change from 0 to 1024
[  373.626064][T15812] 8021q: adding VLAN 0 to HW filter on device bond1
[  373.643507][T15807] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 224 with error 28
[  373.655950][T15807] EXT4-fs (loop4): This should not happen!! Data will be lost
[  373.655950][T15807] 
[  373.665645][T15807] EXT4-fs (loop4): Total free blocks count 0
[  373.671682][T15807] EXT4-fs (loop4): Free/Dirty block details
[  373.677676][T15807] EXT4-fs (loop4): free_blocks=2415919104
[  373.683497][T15807] EXT4-fs (loop4): dirty_blocks=240
[  373.688705][T15807] EXT4-fs (loop4): Block reservation details
[  373.694712][T15807] EXT4-fs (loop4): i_reserved_data_blocks=15
[  373.702500][T15811] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  373.713707][T15811] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  373.736474][T15815] bond1 (unregistering): Released all slaves
[  373.758148][T15799] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  373.782142][T15811] JBD2: no valid journal superblock found
[  373.787923][T15811] EXT4-fs (loop3): Could not load journal inode
[  373.885268][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.904144][T15820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3968'.
[  374.212934][T15824] lo speed is unknown, defaulting to 1000
[  374.219519][T15824] lo speed is unknown, defaulting to 1000
[  374.392373][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  374.843058][T15842] netlink: 'syz.1.3975': attribute type 1 has an invalid length.
[  374.866655][T15841] loop2: detected capacity change from 0 to 2048
[  374.870163][T15844] netlink: 'syz.3.3974': attribute type 1 has an invalid length.
[  374.897752][T15841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  374.922354][T15842] 8021q: adding VLAN 0 to HW filter on device bond2
[  374.932545][T15849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3975'.
[  375.003594][T15850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3974'.
[  375.025341][T15849] bond2 (unregistering): Released all slaves
[  375.075182][T15844] 8021q: adding VLAN 0 to HW filter on device bond2
[  375.090720][T15853] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  375.113365][T15853] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 784 with error 28
[  375.125959][T15853] EXT4-fs (loop2): This should not happen!! Data will be lost
[  375.125959][T15853] 
[  375.135632][T15853] EXT4-fs (loop2): Total free blocks count 0
[  375.141656][T15853] EXT4-fs (loop2): Free/Dirty block details
[  375.147560][T15853] EXT4-fs (loop2): free_blocks=2415919104
[  375.153369][T15853] EXT4-fs (loop2): dirty_blocks=800
[  375.158573][T15853] EXT4-fs (loop2): Block reservation details
[  375.164596][T15853] EXT4-fs (loop2): i_reserved_data_blocks=50
[  375.188575][T15850] bond2 (unregistering): Released all slaves
[  375.256093][T15857] tipc: Started in network mode
[  375.261006][T15857] tipc: Node identity 7aef77d2967, cluster identity 4711
[  375.268136][T15857] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  375.283212][T15857] syzkaller0: entered promiscuous mode
[  375.288726][T15857] syzkaller0: entered allmulticast mode
[  375.299182][T15856] tipc: Resetting bearer <eth:syzkaller0>
[  375.311177][T15856] tipc: Disabling bearer <eth:syzkaller0>
[  375.364230][T15861] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  375.400754][T15861] syzkaller0: entered promiscuous mode
[  375.406414][T15861] syzkaller0: entered allmulticast mode
[  375.460449][T15860] tipc: Resetting bearer <eth:syzkaller0>
[  375.474399][T15860] tipc: Disabling bearer <eth:syzkaller0>
[  375.643279][T15868] loop5: detected capacity change from 0 to 512
[  375.654699][   T29] kauditd_printk_skb: 106 callbacks suppressed
[  375.654716][   T29] audit: type=1400 audit(1759040229.129:25048): avc:  denied  { mounton } for  pid=15867 comm="syz.5.3982" path="/syzcgroup/unified/syz5/cgroup" dev="cgroup2" ino=213 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  375.657723][T15868] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  375.704115][T15868] EXT4-fs (loop5): can't mount with journal_async_commit, fs mounted w/o journal
[  375.744284][ T1769] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  375.787246][   T29] audit: type=1400 audit(1759040229.259:25049): avc:  denied  { create } for  pid=15874 comm="syz.2.3984" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  375.833748][   T29] audit: type=1400 audit(1759040229.309:25050): avc:  denied  { create } for  pid=15876 comm="syz.5.3985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  375.873398][T15877] loop5: detected capacity change from 0 to 128
[  375.881714][   T29] audit: type=1400 audit(1759040229.339:25051): avc:  denied  { ioctl } for  pid=15876 comm="syz.5.3985" path="socket:[50469]" dev="sockfs" ino=50469 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  375.906549][   T29] audit: type=1400 audit(1759040229.349:25052): avc:  denied  { create } for  pid=15876 comm="syz.5.3985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  375.944502][   T29] audit: type=1326 audit(1759040229.419:25053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15880 comm="syz.2.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  375.964307][T15877] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  375.968291][   T29] audit: type=1326 audit(1759040229.419:25054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15880 comm="syz.2.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  375.975991][T15877] FAT-fs (loop5): Filesystem has been set read-only
[  375.999580][   T29] audit: type=1326 audit(1759040229.419:25055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15880 comm="syz.2.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  376.030042][   T29] audit: type=1326 audit(1759040229.419:25056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15880 comm="syz.2.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  376.053746][   T29] audit: type=1326 audit(1759040229.419:25057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15880 comm="syz.2.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f23dd1feec9 code=0x7ffc0000
[  376.054686][T15877] bio_check_eod: 7548 callbacks suppressed
[  376.054699][T15877] syz.5.3985: attempt to access beyond end of device
[  376.054699][T15877] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  376.150640][T15877] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  376.158639][T15877] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  376.168045][T15877] syz.5.3985: attempt to access beyond end of device
[  376.168045][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.185103][T15877] syz.5.3985: attempt to access beyond end of device
[  376.185103][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.198763][T15877] syz.5.3985: attempt to access beyond end of device
[  376.198763][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.215956][T15877] syz.5.3985: attempt to access beyond end of device
[  376.215956][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.230284][T15877] syz.5.3985: attempt to access beyond end of device
[  376.230284][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.244583][T15877] syz.5.3985: attempt to access beyond end of device
[  376.244583][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.259228][T15877] syz.5.3985: attempt to access beyond end of device
[  376.259228][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.274107][T15877] syz.5.3985: attempt to access beyond end of device
[  376.274107][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.287999][T15877] syz.5.3985: attempt to access beyond end of device
[  376.287999][T15877] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  376.368920][T15890] loop2: detected capacity change from 0 to 1024
[  376.393707][T15890] EXT4-fs: Ignoring removed nomblk_io_submit option
[  376.426884][T15890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.488582][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.522507][T15894] loop2: detected capacity change from 0 to 1024
[  376.549646][T15894] EXT4-fs: Ignoring removed nomblk_io_submit option
[  376.586265][T15894] EXT4-fs: Ignoring removed nobh option
[  376.623403][T15894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.679302][T15894] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3991'.
[  376.706147][T15905] loop5: detected capacity change from 0 to 128
[  376.736815][T15905] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  376.744904][T15905] FAT-fs (loop5): Filesystem has been set read-only
[  376.759920][T15905] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  376.767867][T15905] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  376.846311][T15913] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3998'.
[  376.913154][T15913] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3998'.
[  376.950975][T15918] loop4: detected capacity change from 0 to 1024
[  377.008258][T15918] EXT4-fs: Ignoring removed nomblk_io_submit option
[  377.117672][T15918] EXT4-fs: Ignoring removed nobh option
[  377.130711][T15894] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.3991: Allocating blocks 1-17 which overlap fs metadata
[  377.153246][T15908] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.3991: Allocating blocks 1-17 which overlap fs metadata
[  377.191328][T15918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.272969][T15925] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  377.281053][T15924] tipc: Resetting bearer <eth:syzkaller0>
[  377.289588][T15918] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4000'.
[  377.300929][T15924] tipc: Disabling bearer <eth:syzkaller0>
[  377.670213][T15928] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.4000: Allocating blocks 1-17 which overlap fs metadata
[  377.686065][T15933] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  377.702240][T15918] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.4000: Allocating blocks 1-17 which overlap fs metadata
[  377.719720][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.730230][T15932] tipc: Resetting bearer <eth:syzkaller0>
[  377.812448][T15932] tipc: Disabling bearer <eth:syzkaller0>
[  377.911399][T15941] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4009'.
[  377.939847][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.941676][T15941] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4009'.
[  377.965813][T15943] netlink: 'syz.2.4011': attribute type 10 has an invalid length.
[  377.990414][T15943] team0: Port device dummy0 added
[  378.167261][T15959] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4015'.
[  378.344695][T15965] loop4: detected capacity change from 0 to 1024
[  378.353940][T15965] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  378.364886][T15965] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  378.377057][T15971] loop3: detected capacity change from 0 to 128
[  378.386803][T15971] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  378.394834][T15971] FAT-fs (loop3): Filesystem has been set read-only
[  378.401574][T15971] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  378.409451][T15971] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  378.434281][T15965] JBD2: no valid journal superblock found
[  378.440047][T15965] EXT4-fs (loop4): Could not load journal inode
[  378.471266][T15965] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4018'.
[  378.578605][T15982] loop4: detected capacity change from 0 to 512
[  378.728073][T15991] loop4: detected capacity change from 0 to 1024
[  378.785480][T15991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.076663][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.138377][T15996] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4028'.
[  379.182427][T15996] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4028'.
[  379.456132][T16009] loop5: detected capacity change from 0 to 2048
[  379.474432][T16009] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  379.504171][T16013] program syz.3.4033 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  379.631826][T16022] loop2: detected capacity change from 0 to 1024
[  379.638685][T16018] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  379.641786][T16022] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  379.655320][T16018] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 434 with max blocks 1184 with error 28
[  379.664553][T16022] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  379.686973][T16018] EXT4-fs (loop5): This should not happen!! Data will be lost
[  379.686973][T16018] 
[  379.696664][T16018] EXT4-fs (loop5): Total free blocks count 0
[  379.702709][T16018] EXT4-fs (loop5): Free/Dirty block details
[  379.708729][T16018] EXT4-fs (loop5): free_blocks=2415919104
[  379.714522][T16018] EXT4-fs (loop5): dirty_blocks=1632
[  379.719868][T16018] EXT4-fs (loop5): Block reservation details
[  379.725924][T16018] EXT4-fs (loop5): i_reserved_data_blocks=102
[  379.755919][T16028] loop3: detected capacity change from 0 to 512
[  379.764267][T16022] JBD2: no valid journal superblock found
[  379.770037][T16022] EXT4-fs (loop2): Could not load journal inode
[  379.967126][T16038] lo speed is unknown, defaulting to 1000
[  379.973694][T16038] lo speed is unknown, defaulting to 1000
[  380.425279][ T1769] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  380.520790][T16058] netlink: 'syz.1.4050': attribute type 4 has an invalid length.
[  380.537076][T16062] loop5: detected capacity change from 0 to 1024
[  380.551902][T16062] EXT4-fs: Ignoring removed nomblk_io_submit option
[  380.561635][T16062] EXT4-fs: Ignoring removed nobh option
[  380.576081][T16054] lo speed is unknown, defaulting to 1000
[  380.582485][T16054] lo speed is unknown, defaulting to 1000
[  380.594627][T16062] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.667463][   T29] kauditd_printk_skb: 427 callbacks suppressed
[  380.667506][   T29] audit: type=1400 audit(1759040234.139:25483): avc:  denied  { mount } for  pid=16064 comm="syz.4.4051" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  380.668283][T16068] netlink: 'syz.4.4051': attribute type 1 has an invalid length.
[  380.720232][   T29] audit: type=1400 audit(1759040234.189:25484): avc:  denied  { read open } for  pid=16061 comm="syz.5.4046" path="/40/file1/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  380.762490][   T29] audit: type=1400 audit(1759040234.239:25485): avc:  denied  { write } for  pid=16061 comm="syz.5.4046" name="bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  380.826707][T16078] netlink: 'syz.2.4053': attribute type 1 has an invalid length.
[  380.948225][   T29] audit: type=1400 audit(1759040234.259:25486): avc:  denied  { tracepoint } for  pid=16057 comm="syz.1.4050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  380.968500][   T29] audit: type=1400 audit(1759040234.279:25487): avc:  denied  { write } for  pid=16057 comm="syz.1.4050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  380.988111][   T29] audit: type=1326 audit(1759040234.329:25488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.1.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437131eec9 code=0x7ffc0000
[  381.011688][   T29] audit: type=1326 audit(1759040234.329:25489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.1.4050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437131eec9 code=0x7ffc0000
[  381.035298][   T29] audit: type=1400 audit(1759040234.389:25490): avc:  denied  { create } for  pid=16061 comm="syz.5.4046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  381.102169][T16087] loop3: detected capacity change from 0 to 1024
[  381.110337][T16087] EXT4-fs: Ignoring removed nomblk_io_submit option
[  381.117747][T16087] EXT4-fs: Ignoring removed nobh option
[  381.142382][T16087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  381.157100][T16078] 8021q: adding VLAN 0 to HW filter on device bond1
[  381.168562][T16084] bond1 (unregistering): Released all slaves
[  381.218578][T16068] 8021q: adding VLAN 0 to HW filter on device bond0
[  381.239094][T16081] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.4046: Allocating blocks 1-17 which overlap fs metadata
[  381.283749][T16062] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.4046: Allocating blocks 1-17 which overlap fs metadata
[  381.427085][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.573204][T16102] loop5: detected capacity change from 0 to 512
[  381.586570][   T29] audit: type=1400 audit(1759040235.059:25491): avc:  denied  { remount } for  pid=16101 comm="syz.5.4059" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  381.691776][   T29] audit: type=1326 audit(1759040235.099:25492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16104 comm="syz.1.4060" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f437131eec9 code=0x0
[  381.825499][T16092] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4055: Allocating blocks 1-17 which overlap fs metadata
[  381.841119][T16087] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4055: Allocating blocks 1-17 which overlap fs metadata
[  381.998055][T16112] lo speed is unknown, defaulting to 1000
[  382.004499][T16112] lo speed is unknown, defaulting to 1000
[  382.074396][T16113] loop5: detected capacity change from 0 to 128
[  382.126027][T16113] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  382.263387][T16113] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  382.367673][   T37] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  382.436167][T16111] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  382.447048][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.472558][T16111] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  382.479833][T16111] IPv6: NLM_F_CREATE should be set when creating new route
[  382.516787][T16110] tipc: Resetting bearer <eth:syzkaller0>
[  382.569571][T16121] loop3: detected capacity change from 0 to 1024
[  382.576943][T16110] tipc: Disabling bearer <eth:syzkaller0>
[  382.583679][T16120] loop2: detected capacity change from 0 to 512
[  382.586830][T16121] EXT4-fs: Ignoring removed nomblk_io_submit option
[  382.606835][T16120] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  382.611633][T16121] EXT4-fs: Ignoring removed nobh option
[  382.630278][T16120] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082]
[  382.638660][T16120] System zones: 1-12
[  382.644256][T16120] EXT4-fs (loop2): 1 truncate cleaned up
[  382.650401][T16120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.667820][T16124] netlink: 'syz.1.4067': attribute type 4 has an invalid length.
[  382.689825][T16121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.724879][T16128] __nla_validate_parse: 6 callbacks suppressed
[  382.724896][T16128] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4068'.
[  382.783012][T16128] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4068'.
[  382.799594][T16121] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4063'.
[  383.008611][T16138] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  383.015899][T16138] syzkaller0: entered promiscuous mode
[  383.021384][T16138] syzkaller0: entered allmulticast mode
[  383.030350][T16137] tipc: Resetting bearer <eth:syzkaller0>
[  383.053032][T16137] tipc: Disabling bearer <eth:syzkaller0>
[  383.088198][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.197690][T16121] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4063: Allocating blocks 1-17 which overlap fs metadata
[  383.241940][T16133] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4063: Allocating blocks 1-17 which overlap fs metadata
[  383.439548][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.470877][T16157] loop2: detected capacity change from 0 to 512
[  383.478415][T16160] netlink: 'syz.3.4079': attribute type 4 has an invalid length.
[  383.498203][T16162] loop5: detected capacity change from 0 to 128
[  383.508359][T16162] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  383.516453][T16162] FAT-fs (loop5): Filesystem has been set read-only
[  383.524097][T16162] bio_check_eod: 44121 callbacks suppressed
[  383.524117][T16162] syz.5.4080: attempt to access beyond end of device
[  383.524117][T16162] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  383.577247][T16162] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  383.585181][T16162] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  383.631059][T16162] syz.5.4080: attempt to access beyond end of device
[  383.631059][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.667452][T16162] syz.5.4080: attempt to access beyond end of device
[  383.667452][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.687806][T16162] syz.5.4080: attempt to access beyond end of device
[  383.687806][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.701395][T16162] syz.5.4080: attempt to access beyond end of device
[  383.701395][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.734247][T16162] syz.5.4080: attempt to access beyond end of device
[  383.734247][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.747879][T16162] syz.5.4080: attempt to access beyond end of device
[  383.747879][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.762954][T16162] syz.5.4080: attempt to access beyond end of device
[  383.762954][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.770772][T16168] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4082'.
[  383.777386][T16162] syz.5.4080: attempt to access beyond end of device
[  383.777386][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.794022][T16168] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4082'.
[  383.799847][T16162] syz.5.4080: attempt to access beyond end of device
[  383.799847][T16162] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  383.936498][T16177] sctp: [Deprecated]: syz.2.4086 (pid 16177) Use of struct sctp_assoc_value in delayed_ack socket option.
[  383.936498][T16177] Use struct sctp_sack_info instead
[  384.161398][T16194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4091'.
[  384.248608][T16193] loop3: detected capacity change from 0 to 512
[  384.287373][T16193] EXT4-fs: Ignoring removed mblk_io_submit option
[  384.308274][T16193] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  384.351590][T16202] netlink: 'syz.4.4093': attribute type 1 has an invalid length.
[  384.390989][T16193] EXT4-fs (loop3): 1 truncate cleaned up
[  384.399545][T16202] 8021q: adding VLAN 0 to HW filter on device bond1
[  384.423703][T16193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.532607][T16202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4093'.
[  384.620733][T16202] bond1 (unregistering): Released all slaves
[  384.714041][T16219] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4099'.
[  384.851825][T16219] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4099'.
[  385.229872][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.254299][T16221] loop2: detected capacity change from 0 to 512
[  385.364958][T16223] loop3: detected capacity change from 0 to 512
[  385.382012][T16223] EXT4-fs: Ignoring removed mblk_io_submit option
[  385.398904][T16223] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  385.425305][T16223] EXT4-fs (loop3): 1 truncate cleaned up
[  385.432775][T16223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.637810][T16228] loop2: detected capacity change from 0 to 1024
[  385.660032][T16228] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  385.671003][T16228] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  385.702174][T16228] JBD2: no valid journal superblock found
[  385.707970][T16228] EXT4-fs (loop2): Could not load journal inode
[  385.791433][   T29] kauditd_printk_skb: 262 callbacks suppressed
[  385.797788][   T29] audit: type=1400 audit(1759040239.259:25755): avc:  denied  { create } for  pid=16227 comm="syz.2.4103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  385.830807][T16243] tipc: Can't bind to reserved service type 0
[  385.856668][T16228] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4103'.
[  385.896613][   T29] audit: type=1400 audit(1759040239.289:25756): avc:  denied  { setopt } for  pid=16227 comm="syz.2.4103" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  385.917293][   T29] audit: type=1400 audit(1759040239.289:25757): avc:  denied  { module_request } for  pid=16227 comm="syz.2.4103" kmod="netdev-syz_tun" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  385.939675][   T29] audit: type=1400 audit(1759040239.299:25758): avc:  denied  { create } for  pid=16242 comm="syz.5.4107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  385.959515][   T29] audit: type=1400 audit(1759040239.299:25759): avc:  denied  { bind } for  pid=16242 comm="syz.5.4107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  385.979322][   T29] audit: type=1400 audit(1759040239.309:25760): avc:  denied  { sys_module } for  pid=16227 comm="syz.2.4103" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  386.000679][   T29] audit: type=1400 audit(1759040239.339:25761): avc:  denied  { create } for  pid=16242 comm="syz.5.4107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  386.021564][   T29] audit: type=1400 audit(1759040239.339:25762): avc:  denied  { ioctl } for  pid=16242 comm="syz.5.4107" path="socket:[52318]" dev="sockfs" ino=52318 ioctlcmd=0x5828 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  386.046957][   T29] audit: type=1400 audit(1759040239.339:25763): avc:  denied  { write } for  pid=16242 comm="syz.5.4107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  386.068010][   T29] audit: type=1400 audit(1759040239.339:25764): avc:  denied  { write } for  pid=16242 comm="syz.5.4107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  386.662280][T16273] lo speed is unknown, defaulting to 1000
[  386.669074][T16273] lo speed is unknown, defaulting to 1000
[  386.902353][T16278] netlink: 'syz.1.4121': attribute type 1 has an invalid length.
[  386.964324][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.979881][T16279] loop2: detected capacity change from 0 to 1024
[  386.987441][T16279] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  386.998634][T16279] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  387.021408][T16278] 8021q: adding VLAN 0 to HW filter on device bond2
[  387.026987][T16279] JBD2: no valid journal superblock found
[  387.034101][T16279] EXT4-fs (loop2): Could not load journal inode
[  387.043138][T16281] bond2 (unregistering): Released all slaves
[  387.191900][T16290] FAULT_INJECTION: forcing a failure.
[  387.191900][T16290] name failslab, interval 1, probability 0, space 0, times 0
[  387.204650][T16290] CPU: 0 UID: 0 PID: 16290 Comm: syz.5.4125 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  387.204685][T16290] Tainted: [W]=WARN
[  387.204692][T16290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  387.204708][T16290] Call Trace:
[  387.204717][T16290]  <TASK>
[  387.204728][T16290]  __dump_stack+0x1d/0x30
[  387.204785][T16290]  dump_stack_lvl+0xe8/0x140
[  387.204805][T16290]  dump_stack+0x15/0x1b
[  387.204834][T16290]  should_fail_ex+0x265/0x280
[  387.204865][T16290]  should_failslab+0x8c/0xb0
[  387.204898][T16290]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  387.204951][T16290]  ? sidtab_sid2str_get+0xa0/0x130
[  387.204983][T16290]  kmemdup_noprof+0x2b/0x70
[  387.205014][T16290]  sidtab_sid2str_get+0xa0/0x130
[  387.205138][T16290]  security_sid_to_context_core+0x1eb/0x2e0
[  387.205171][T16290]  security_sid_to_context+0x27/0x40
[  387.205197][T16290]  selinux_lsmprop_to_secctx+0x67/0xf0
[  387.205279][T16290]  security_lsmprop_to_secctx+0x43/0x80
[  387.205319][T16290]  audit_log_task_context+0x77/0x190
[  387.205360][T16290]  audit_log_task+0xf4/0x250
[  387.205397][T16290]  audit_seccomp+0x61/0x100
[  387.205445][T16290]  ? __seccomp_filter+0x68c/0x10d0
[  387.205468][T16290]  __seccomp_filter+0x69d/0x10d0
[  387.205491][T16290]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  387.205594][T16290]  ? vfs_write+0x7e8/0x960
[  387.205623][T16290]  ? __rcu_read_unlock+0x4f/0x70
[  387.205700][T16290]  ? __fget_files+0x184/0x1c0
[  387.205812][T16290]  __secure_computing+0x82/0x150
[  387.205836][T16290]  syscall_trace_enter+0xcf/0x1e0
[  387.205862][T16290]  do_syscall_64+0xac/0x200
[  387.205893][T16290]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  387.205934][T16290]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  387.205972][T16290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.206001][T16290] RIP: 0033:0x7f12f45beec9
[  387.206021][T16290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.206040][T16290] RSP: 002b:00007f12f301f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[  387.206086][T16290] RAX: ffffffffffffffda RBX: 00007f12f4815fa0 RCX: 00007f12f45beec9
[  387.206100][T16290] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000002
[  387.206128][T16290] RBP: 00007f12f301f090 R08: 0000000000000000 R09: 0000000000000000
[  387.206238][T16290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.206255][T16290] R13: 00007f12f4816038 R14: 00007f12f4815fa0 R15: 00007ffe0cd1ff68
[  387.206281][T16290]  </TASK>
[  387.535280][T16295] loop3: detected capacity change from 0 to 512
[  387.662084][T16303] loop3: detected capacity change from 0 to 1024
[  387.694679][T16303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  387.751387][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.893216][T16312] lo speed is unknown, defaulting to 1000
[  387.899921][T16312] lo speed is unknown, defaulting to 1000
[  387.977334][T16314] netlink: 'syz.2.4131': attribute type 4 has an invalid length.
[  388.494222][T16326] loop3: detected capacity change from 0 to 1024
[  388.534903][T16326] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  388.585722][T16326] netlink: 'syz.3.4135': attribute type 1 has an invalid length.
[  388.608938][T16326] loop3: detected capacity change from 0 to 512
[  388.632574][T16337] loop4: detected capacity change from 0 to 512
[  388.649451][T16326] EXT4-fs: Ignoring removed mblk_io_submit option
[  388.681241][T16326] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  388.834191][T16326] EXT4-fs (loop3): 1 truncate cleaned up
[  388.840184][T16326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.075675][T16356] lo speed is unknown, defaulting to 1000
[  389.081995][T16356] lo speed is unknown, defaulting to 1000
[  389.231072][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.499604][T16371] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  389.519196][T16370] tipc: Resetting bearer <eth:syzkaller0>
[  389.555509][T16370] tipc: Disabling bearer <eth:syzkaller0>
[  389.649700][T16391] loop5: detected capacity change from 0 to 1024
[  389.668922][T16391] EXT4-fs: Ignoring removed nomblk_io_submit option
[  389.684279][T16391] EXT4-fs: Ignoring removed nobh option
[  389.721339][T16391] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.760904][T16409] loop2: detected capacity change from 0 to 1024
[  389.769076][T16409] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  389.780124][T16409] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  389.790936][T16409] JBD2: no valid journal superblock found
[  389.796760][T16409] EXT4-fs (loop2): Could not load journal inode
[  389.797119][T16414] loop3: detected capacity change from 0 to 128
[  389.841244][T16414] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  389.849219][T16414] FAT-fs (loop3): Filesystem has been set read-only
[  389.866253][T16414] bio_check_eod: 11648 callbacks suppressed
[  389.866273][T16414] syz.3.4158: attempt to access beyond end of device
[  389.866273][T16414] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  389.886398][T16421] __nla_validate_parse: 4 callbacks suppressed
[  389.886415][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4160'.
[  389.903811][T16414] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  389.911708][T16414] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  389.919750][T16414] syz.3.4158: attempt to access beyond end of device
[  389.919750][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  389.933195][T16414] syz.3.4158: attempt to access beyond end of device
[  389.933195][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  389.946619][T16414] syz.3.4158: attempt to access beyond end of device
[  389.946619][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  389.960271][T16414] syz.3.4158: attempt to access beyond end of device
[  389.960271][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  389.973909][T16414] syz.3.4158: attempt to access beyond end of device
[  389.973909][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  389.987523][T16414] syz.3.4158: attempt to access beyond end of device
[  389.987523][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  390.002216][T16414] syz.3.4158: attempt to access beyond end of device
[  390.002216][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  390.016349][T16414] syz.3.4158: attempt to access beyond end of device
[  390.016349][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  390.036476][T16414] syz.3.4158: attempt to access beyond end of device
[  390.036476][T16414] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  390.290432][T16415] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.4156: Allocating blocks 1-17 which overlap fs metadata
[  390.429226][T16432] lo speed is unknown, defaulting to 1000
[  390.435643][T16432] lo speed is unknown, defaulting to 1000
[  390.536650][T16391] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.4156: Allocating blocks 1-17 which overlap fs metadata
[  390.621493][T16436] loop2: detected capacity change from 0 to 128
[  390.686874][T16436] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  390.752871][T16436] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  390.771507][T14992] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.801817][   T29] kauditd_printk_skb: 304 callbacks suppressed
[  390.801894][   T29] audit: type=1400 audit(1759040244.279:26068): avc:  denied  { remount } for  pid=16435 comm="syz.2.4168" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  390.803885][ T1769] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  390.886805][T16443] tipc: Started in network mode
[  390.891794][T16443] tipc: Node identity 12940561e1ad, cluster identity 4711
[  390.899121][T16443] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  390.908141][T16446] loop5: detected capacity change from 0 to 128
[  390.915041][T16446] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  390.929562][   T29] audit: type=1400 audit(1759040244.399:26069): avc:  denied  { unmount } for  pid=11957 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  390.950788][T16446] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  390.967858][T16435] tipc: Resetting bearer <eth:syzkaller0>
[  390.987306][ T1769] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  391.056585][T16452] loop4: detected capacity change from 0 to 128
[  391.062197][T16435] tipc: Disabling bearer <eth:syzkaller0>
[  391.063632][T16452] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  391.084256][T16452] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  391.125320][T16446] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  391.130393][T16457] loop3: detected capacity change from 0 to 512
[  391.139938][T16445] tipc: Resetting bearer <eth:syzkaller0>
[  391.143331][ T1769] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  391.181439][T16445] tipc: Disabling bearer <eth:syzkaller0>
[  391.199614][T16452] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  391.226406][   T29] audit: type=1400 audit(1759040244.689:26070): avc:  denied  { read write } for  pid=11957 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  391.242158][T16462] loop2: detected capacity change from 0 to 2048
[  391.250888][   T29] audit: type=1400 audit(1759040244.689:26071): avc:  denied  { open } for  pid=11957 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  391.281474][   T29] audit: type=1400 audit(1759040244.689:26072): avc:  denied  { ioctl } for  pid=11957 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  391.307267][   T29] audit: type=1400 audit(1759040244.699:26073): avc:  denied  { recv } for  pid=22 comm="ksoftirqd/1" saddr=10.128.0.163 src=30036 daddr=10.128.1.183 dest=47928 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  391.314360][T16462] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  391.332776][   T29] audit: type=1400 audit(1759040244.699:26074): avc:  denied  { map_create } for  pid=16461 comm="syz.2.4178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  391.364140][   T29] audit: type=1400 audit(1759040244.699:26075): avc:  denied  { bpf } for  pid=16461 comm="syz.2.4178" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  391.384921][   T29] audit: type=1400 audit(1759040244.699:26076): avc:  denied  { map_read map_write } for  pid=16461 comm="syz.2.4178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  391.405089][   T29] audit: type=1400 audit(1759040244.699:26077): avc:  denied  { prog_load } for  pid=16461 comm="syz.2.4178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  391.488686][T16472] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  391.541541][T16472] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1708 with error 28
[  391.554316][T16472] EXT4-fs (loop2): This should not happen!! Data will be lost
[  391.554316][T16472] 
[  391.564276][T16472] EXT4-fs (loop2): Total free blocks count 0
[  391.570553][T16472] EXT4-fs (loop2): Free/Dirty block details
[  391.576511][T16472] EXT4-fs (loop2): free_blocks=2415919104
[  391.582310][T16472] EXT4-fs (loop2): dirty_blocks=1712
[  391.582327][T16472] EXT4-fs (loop2): Block reservation details
[  391.582339][T16472] EXT4-fs (loop2): i_reserved_data_blocks=107
[  391.678974][T16478] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  391.686180][T16478] syzkaller0: entered promiscuous mode
[  391.691750][T16478] syzkaller0: entered allmulticast mode
[  391.733174][T16477] tipc: Resetting bearer <eth:syzkaller0>
[  391.798402][T16477] tipc: Disabling bearer <eth:syzkaller0>
[  391.831150][T16486] loop3: detected capacity change from 0 to 1024
[  391.838597][T16486] EXT4-fs: Ignoring removed nomblk_io_submit option
[  391.846371][T16486] EXT4-fs: Ignoring removed nobh option
[  391.860295][T16484] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  391.869767][T16486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.883085][T16484] syzkaller0: entered promiscuous mode
[  391.888659][T16484] syzkaller0: entered allmulticast mode
[  391.904256][T16483] tipc: Resetting bearer <eth:syzkaller0>
[  391.909916][T16486] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4184'.
[  391.953647][T16483] tipc: Disabling bearer <eth:syzkaller0>
[  392.115508][ T7394] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  392.165174][T16499] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4187'.
[  392.329590][T16492] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4184: Allocating blocks 1-17 which overlap fs metadata
[  392.348752][T16486] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4184: Allocating blocks 1-17 which overlap fs metadata
[  392.537366][T16519] tap0: tun_chr_ioctl cmd 2147767521
[  392.632031][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.740516][T16529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4200'.
[  392.785232][T16538] loop3: detected capacity change from 0 to 128
[  392.796598][T16538] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  392.804574][T16538] FAT-fs (loop3): Filesystem has been set read-only
[  392.815460][T16538] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  392.823406][T16538] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  392.869718][T16540] loop4: detected capacity change from 0 to 128
[  392.886976][T16540] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  392.922883][T16540] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  392.957039][ T7394] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  392.983573][T16540] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  393.127678][T16550] loop4: detected capacity change from 0 to 512
[  393.144814][T16550] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  393.173246][T16550] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082]
[  393.202811][T16550] System zones: 1-12
[  393.218677][T16550] EXT4-fs (loop4): 1 truncate cleaned up
[  393.242575][T16550] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  393.262543][T16558] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4210'.
[  393.369594][T16563] veth0: entered promiscuous mode
[  393.403865][T16563] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4212'.
[  393.549929][T13031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.830726][T16597] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4224'.
[  393.989648][T16607] loop5: detected capacity change from 0 to 128
[  394.022833][T16607] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  394.030757][T16607] FAT-fs (loop5): Filesystem has been set read-only
[  394.053018][T16607] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  394.060917][T16607] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  394.229150][T16625] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4237'.
[  394.240366][T16625] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4237'.
[  394.475971][T16633] syzkaller0: entered allmulticast mode
[  394.527049][T16635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4241'.
[  394.556951][T16638] syzkaller0: entered promiscuous mode
[  394.564663][T16638] syzkaller0 (unregistering): left allmulticast mode
[  394.571395][T16638] syzkaller0 (unregistering): left promiscuous mode
[  394.605815][T16642] loop2: detected capacity change from 0 to 1024
[  394.623263][T16642] EXT4-fs: Ignoring removed nomblk_io_submit option
[  394.642067][T16642] EXT4-fs: Ignoring removed nobh option
[  394.663843][T16647] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  394.672812][T16646] tipc: Disabling bearer <eth:syzkaller0>
[  394.680866][T16642] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.726603][T16651] netlink: 'syz.1.4246': attribute type 4 has an invalid length.
[  394.816438][T16654] ==================================================================
[  394.824581][T16654] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  394.831754][T16654] 
[  394.834270][T16654] write to 0xffff888106f853ec of 4 bytes by task 16642 on cpu 0:
[  394.841999][T16654]  xas_set_mark+0x12b/0x140
[  394.846554][T16654]  __folio_start_writeback+0x1dd/0x440
[  394.852037][T16654]  ext4_bio_write_folio+0x5ad/0x9f0
[  394.857261][T16654]  mpage_process_page_bufs+0x4a1/0x620
[  394.862735][T16654]  mpage_prepare_extent_to_map+0x786/0xc00
[  394.868558][T16654]  ext4_do_writepages+0xa05/0x2750
[  394.873721][T16654]  ext4_writepages+0x176/0x300
[  394.878503][T16654]  do_writepages+0x1c3/0x310
[  394.883109][T16654]  file_write_and_wait_range+0x156/0x2c0
[  394.888763][T16654]  generic_buffers_fsync_noflush+0x45/0x120
[  394.894674][T16654]  ext4_sync_file+0x1ab/0x690
[  394.899362][T16654]  vfs_fsync_range+0x10a/0x130
[  394.904135][T16654]  ext4_buffered_write_iter+0x34f/0x3c0
[  394.909706][T16654]  ext4_file_write_iter+0xdbf/0xf00
[  394.914924][T16654]  iter_file_splice_write+0x666/0xa60
[  394.920313][T16654]  direct_splice_actor+0x156/0x2a0
[  394.925446][T16654]  splice_direct_to_actor+0x312/0x680
[  394.930835][T16654]  do_splice_direct+0xda/0x150
[  394.935617][T16654]  do_sendfile+0x380/0x650
[  394.940062][T16654]  __x64_sys_sendfile64+0x105/0x150
[  394.945320][T16654]  x64_sys_call+0x2bb0/0x2ff0
[  394.950095][T16654]  do_syscall_64+0xd2/0x200
[  394.954628][T16654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.960535][T16654] 
[  394.962863][T16654] read to 0xffff888106f853ec of 4 bytes by task 16654 on cpu 1:
[  394.970524][T16654]  xas_find_marked+0x5dc/0x620
[  394.975310][T16654]  find_get_entry+0x5d/0x380
[  394.979908][T16654]  filemap_get_folios_tag+0x92/0x210
[  394.985204][T16654]  mpage_prepare_extent_to_map+0x320/0xc00
[  394.991028][T16654]  ext4_do_writepages+0x708/0x2750
[  394.996166][T16654]  ext4_writepages+0x176/0x300
[  395.000943][T16654]  do_writepages+0x1c3/0x310
[  395.005550][T16654]  filemap_write_and_wait_range+0x144/0x340
[  395.011474][T16654]  filemap_invalidate_pages+0xa4/0x1a0
[  395.016943][T16654]  kiocb_invalidate_pages+0x6e/0x80
[  395.022150][T16654]  __iomap_dio_rw+0x5d4/0x1250
[  395.026945][T16654]  iomap_dio_rw+0x40/0x90
[  395.031284][T16654]  ext4_file_write_iter+0xad9/0xf00
[  395.036509][T16654]  iter_file_splice_write+0x666/0xa60
[  395.041894][T16654]  direct_splice_actor+0x156/0x2a0
[  395.047015][T16654]  splice_direct_to_actor+0x312/0x680
[  395.052398][T16654]  do_splice_direct+0xda/0x150
[  395.057173][T16654]  do_sendfile+0x380/0x650
[  395.061648][T16654]  __x64_sys_sendfile64+0x105/0x150
[  395.066865][T16654]  x64_sys_call+0x2bb0/0x2ff0
[  395.071553][T16654]  do_syscall_64+0xd2/0x200
[  395.076098][T16654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.082004][T16654] 
[  395.084331][T16654] value changed: 0x0a000021 -> 0x04000021
[  395.090053][T16654] 
[  395.092384][T16654] Reported by Kernel Concurrency Sanitizer on:
[  395.098792][T16654] CPU: 1 UID: 0 PID: 16654 Comm: syz.2.4242 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  395.110221][T16654] Tainted: [W]=WARN
[  395.114031][T16654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  395.124097][T16654] ==================================================================
[  395.135019][T16607] bio_check_eod: 40282 callbacks suppressed
[  395.135035][T16607] syz.5.4229: attempt to access beyond end of device
[  395.135035][T16607] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  395.186742][T16661] loop3: detected capacity change from 0 to 512
[  395.195145][T16661] EXT4-fs: Ignoring removed mblk_io_submit option
[  395.202072][T16661] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  395.217973][T16661] EXT4-fs (loop3): 1 truncate cleaned up
[  395.224545][T16661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  395.508635][T12862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.053628][T11957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.