last executing test programs:

3m18.705350182s ago: executing program 4 (id=837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r2 = gettid()
r3 = getpid()
rt_tgsigqueueinfo(r3, r2, 0x1a, &(0x7f0000000140)={0x0, 0x0, 0x3})

3m18.663109303s ago: executing program 4 (id=838):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000280)="580000001400add427323b472545b45602117fffffff81004e204e227f000001925aa80020007b0009008003000000000000000000ff0000f03ac71002000000fffffffffeffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
ioprio_set$pid(0x1, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
ioprio_set$pid(0x1, 0x0, 0x4007)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r5}, 0x18)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000140001"], 0xfc}}, 0x20000004)
sendfile(r2, r3, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x10, 0x1418, 0x1, 0x20, 0x25dfdbfe}, 0x10}}, 0x0)
getsockopt$bt_hci(r6, 0x84, 0x70, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e0301000000000064050000000000006916300000000000bf07000000000000260507000fff07206706000020000000470600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
timer_create(0x1, &(0x7f00000003c0)={0x0, 0x16, 0x0, @thr={&(0x7f0000000180)="abf5368d5489d27b01cc8228d66daab4c170c07c4a0c411bc4f32fbcd1cbd1a1834c1d0fd6afa50d35c8c522107129f60bff0c3bb801b7f0a2ac80b09fc89269ff57e9", &(0x7f0000000300)="a187679daef9832d5fec3cbd43d4445936a2ca80778f2b6970ee52e44757a6c71bfd9c40160d054ae19c61a0f84cd1d8686df1e31facb88d3261f8a87592318ead953325f2a2589c6c9ac78866ff37c163684c97e1978a3a01633df19d19c492c7b474b26da262333b671d2c8b0f4f2ece762b6d5604f7d777cbf6f9f9cf183a077f3637a1596ff401dc1939f79b1c5d720721270a6e71e9f833ec4919071ce3358231605a57e8b501ce57a756c84b699e44db0c0d61170ce087a67ed5"}}, &(0x7f0000000400))
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

3m18.572491214s ago: executing program 4 (id=840):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, 0x0, 0x82, 0x2000000}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

3m18.506859485s ago: executing program 4 (id=841):
socket$nl_audit(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = epoll_create(0x3ff)
r1 = epoll_create1(0x80000)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x5}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x1200000, &(0x7f0000000940)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noquota}, {@nobh}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x57e, &(0x7f0000001b40)="$eJzs3c9rHOUbAPBnNkl/f79NoRT1IIEerNRumsQfFYTWo2ixoPe6JNNQsumW7KY0sdD2YC9epAgiFsQ/wLvH4j8gePVc0EKREvTgJTKb2XabzSabZHW37ucD077vzGSfeXfmffd5d3bZAAbWWPZPIeLFiPgiiTjctG048o1ja/utPL4xnS1JrK5+9HsSSb6usX+S/38wr7wQET9+FnGy0Bq3urQ8VyqX04W8Pl6bvzpeXVo+dXm+NJvOplcmp6bOvDE1+fZbb3atra9e+PPrD++/d+bz4ytfff/wyN0kzsWhfFtzO3bhVnNlLMby52Qkzq3bcaILwfpJ0usDYEeG8n4+EtkYcDiG8l4P/PfdjIhVYEAl+j8MqEYe0Jjbd2ke/Nx49O7aBKi1/cNr743Evvrc6MBK8szMKJvvjnYhfhbjh9/u3c2W2OJ9iJtdiAfQcOt2RJweHm4d/5J8/Nu50/U3jze3Psagvf5AL93P8p/XNsp/Ck/yn2jJf36uZ467HR+io/5feNiFMG1l+d87G+a/T4au0aG89r96zjeSXLpcTk9HxP8j4kSM7M3qm93PObPyYLXdtub8L1uy+I1cMD+Oh8N7n/2bmVKttJs2N3t0O+Klp/lvEi3j/756rrs+/82ejwsdxjiW3nu53bat29+s+xnw6ncRr2x4/p/e0Uo2vz85Xr8exhtXRas/7hz7qV387bW/+7Lzf2Dz9o8mzfdrq9uP8e2+v9J223Z6/e9JPq6X9+TrrpdqtYWJiD3JB63rJ5/+baPe2D9r/4njm49/G13/+yPikw7bf+fonba79sP5n9nW+d9+4cH7n37TLn5n5//1eulEvqaT8a/TA9zNcwcAAAAAAAD9phARhyIpFJ+UC4Vice07vEfjQKFcqdZOXqosXpmJ+ndlR2Ok0LjTfbjp8xAT+edhG/XJdfWpiDgSEV8O7a/Xi9OV8kyvGw8AAAAAAAAAAAAAAAAAAAB94mCb7/9nfh3q9dEB/zg/+Q2Da8v+341fegL6ktd/GFz6Pwwu/R8GV4f9/5ctf80deO54/YfBpf/D4NL/YXBt3P/N9gEAAAAAAAAAAAAAAAAAAAAAAAAAAGCHLpw/ny2rK49vTGf1mWtLi3OVa6dm0upccX5xujhdWbhanK1UZstpcboyv9XjlSuVqxOTsXh9vJZWa+PVpeWL85XFK7WLl+dLs+nFdORfaRUAAAAAAAAAAAAAAAAAAAA8X6pLy3OlcjldUGhbOBt9cRg7LiRbneWz+cWwoxDDm+2zfzePrNDLQg8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY5+8AAAD//5d3NP0=")
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x9000, &(0x7f0000001dc0)={0x8, 0x70, 0x80000}, 0x20)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0), 0x111}}, 0x20)
r7 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
write$tun(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="080008000700000000031400000045f0003afffe0000002f9078ac1414bbffffffffa20022eb", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000003f88a8349f246e0000000000000069524fcdba7ef0c5b3"], 0x48)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x2000000})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000005000000080000000f"], 0x50)
r8 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f00000000c0)={@private2, 0x0, 0x0, 0x1, 0x1, 0x4000, 0x1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840), 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ffc40bffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400210000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f0170720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/172], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070"], 0x40}}, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)

3m16.940987749s ago: executing program 4 (id=859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r2 = gettid()
r3 = getpid()
rt_tgsigqueueinfo(r3, r2, 0x1a, &(0x7f0000000140)={0x0, 0x0, 0x3})

3m16.708758393s ago: executing program 4 (id=865):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x94)
r2 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmsg$rds(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0x1010}], 0x1}, 0x0)
write(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f00000004c0)}, 0x8}], 0x1, 0x40010000, 0x0)

3m16.637002414s ago: executing program 32 (id=865):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x94)
r2 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmsg$rds(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0x1010}], 0x1}, 0x0)
write(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f00000004c0)}, 0x8}], 0x1, 0x40010000, 0x0)

2.708025149s ago: executing program 1 (id=3496):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00'}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x3}, 0x8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x6, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

2.094898068s ago: executing program 2 (id=3505):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x80}, [@FRA_SRC={0x14, 0x2, @empty}]}, 0x30}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setresuid(0x0, 0xee00, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
set_mempolicy(0x3, &(0x7f00000000c0)=0x3, 0x5)
setns(r2, 0x24020000)
syz_clone(0x16040020, 0x0, 0x0, 0x0, 0x0, 0x0)

2.078364639s ago: executing program 2 (id=3506):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x2, 0x4001}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000a40)={0x0, 0x465d, 0x800, 0x6, 0x14a}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0x0)

2.033760189s ago: executing program 1 (id=3507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
fspick(0xffffffffffffffff, 0x0, 0x1)

1.947156761s ago: executing program 2 (id=3509):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
dup(r1)
socket(0x10, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
dup(r2)
eventfd2(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r4, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r6}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1.902615231s ago: executing program 1 (id=3511):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @dev={0xac, 0x14, 0x14, 0x32}}, 0xc)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000001000), 0xe09)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300040018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160012000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)

1.858969712s ago: executing program 2 (id=3512):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffee5)
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1d0000001900000012bb00000c00000080040700", @ANYRES32, @ANYBLOB="0300002100"/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYBLOB], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

1.843376822s ago: executing program 1 (id=3514):
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xa})
epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)

1.721254064s ago: executing program 5 (id=3517):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) (async)
removexattr(&(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000000)=@known='trusted.overlay.nlink\x00') (async)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) (async, rerun: 32)
ioctl$TIOCL_BLANKSCREEN(r1, 0x4b67, &(0x7f0000000180)) (rerun: 32)

1.654921345s ago: executing program 5 (id=3518):
r0 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000001440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r3, 0x0, r2, 0x0, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
r5 = add_key$user(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)="7dc16b94c4750e3c3ea493f1553008bcab0da311c96fcc41854bbcdca66a6c6b4ab56f10f2a588e2555f399c03a41e300c2b63c4383cb7db6993ac7d0d779099597820cc1b7f20eeb3dc8728c7a9df8119f998e9f1f3105e9d710a90b11771480a3fe6169fe969a1b5d12795432b260999dd66118575be44afcb23fcf0796f28e2279960ce33b0d8b4d8daa0c273f5367ddf441ffd033c0e7b1847c2558056946f1edf0d67fb85683506b13692f921480134fac01daeac1113f85e42d217", 0xbe, 0xfffffffffffffffd)
r6 = request_key(&(0x7f00000002c0)='.request_key_auth\x00', &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000340)='\x00', 0xfffffffffffffffc)
keyctl$instantiate(0xc, r5, &(0x7f0000000240)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', '', 0x20, 0x6}, 0x2a, r6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0xf904}, 0x18)
syz_clone(0x44066000, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setpipe(r1, 0x4, 0xfffffffffffff000)

1.236911862s ago: executing program 0 (id=3528):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r0, 0x0, 0x0)
close(r0)

1.222106992s ago: executing program 0 (id=3529):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f00000006c0)={[{@grpjquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@grpquota}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000001200)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r2, 0x0, 0x0, 0xe7b, 0x0, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = fcntl$getown(r3, 0x9)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000}, r4, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
listen(0xffffffffffffffff, 0xc)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00'}, 0x18)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x368, 0x1d0, 0x11, 0x148, 0x0, 0x0, 0x2d0, 0x2a8, 0x2a8, 0x2d0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x188, 0x1d0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@remote, [0xffffff00, 0xff, 0xffffff00], @ipv6=@dev={0xfe, 0x80, '\x00', 0xe}, [0x0, 0xffffff00], @ipv4=@private=0xa010100, [0xffffff00, 0x0, 0xffffff00], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xff000000, 0xff000000, 0xff], 0x8, 0x6, 0x5e, 0x4e21, 0x4e23, 0x4e24, 0x4e21}, 0x40, 0x8e0}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0xffffffff, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@addrtype={{0x30}, {0x242, 0x75f65a4e97d6873f, 0x1}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x3, 0x6, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c8)

1.117075194s ago: executing program 0 (id=3530):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1a}}, 0x0, 0x5}, 0x94)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000480), 0xc0d00)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r4, 0x4004550d, 0x0)

1.086573583s ago: executing program 0 (id=3531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000003000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000028ed990cd300b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x934, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}}, 0x108)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
r6 = socket(0x10, 0x2, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "d1b29b99d21d88a2"}, 0x28)
write$binfmt_script(r7, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r6, r7, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r10=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r10}}], 0x20, 0x2400e044}, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000340)={0x0, 0x3, 0x0, 0xb, 0x6, 0xff, 0x3, 0x5, r10}, &(0x7f0000000380)=0x20)
getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={r10, 0x8}, &(0x7f0000000080)=0x8)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r11 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r11, 0x0)

1.044988815s ago: executing program 2 (id=3534):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000002000000000000800000000850000000f0000009500000000"], 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f00000003c0)='./file0/../file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x14, &(0x7f0000000400)=ANY=[@ANYRES16=r2, @ANYRES32=r0, @ANYBLOB="00000000df000013b7080000000000007b8af8ff00000800bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r6}, 0x10)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
r8 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x63, 0x0, 0x1, 0x0, 0x0, 0x0, 0x35690, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x2, @perf_bp={0x0}, 0x4220, 0x3, 0x40, 0x5, 0xffffffffffffbbfe, 0x0, 0x4, 0x0, 0xfffffffe, 0x0, 0x192}, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f1, &(0x7f0000000080))
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000180)='./file0/../file0\x00', 0x40002, &(0x7f00000007c0)=ANY=[@ANYRES16=r7, @ANYRESDEC=r5, @ANYRESHEX=r8, @ANYRES16=0x0, @ANYRES32=r3, @ANYRESDEC], 0x1, 0x2f4, &(0x7f00000004c0)="$eJzs3L9PE2EYwPGnPyhtCZTBaDQxvNFFlwtUZ6UxkBibSJAa0cTkgKs2PVvSa2pqjLi5Gv8IB8LIRqL8Ayxuuri4sZg4yGCsae+O0vb4VUqL8P0k5B7ueR/ufdtCnrfhuvno/Yts2tLSelH8YSU+EZEtkWHxi8vnHP21OCQ7vZXrA7++Xn4w+/heIpmcmFZqMjFzI66UGhr59PJ1xBm21i8bw083f8Z/bJzfuLj5d+Z5xlIZS+XyRaWrufz3oj5nGmohY2U1paZMQ7cMlclZRsHO5+182swvLpaVnlsYjC4WDMtSeq6sskZZFfOqWCirwDM9k1OapqnBqGA/qeXpaT3RZvF8hyeDY1IoJPSAiERaMqnlnkwIAAD0VHP/7xfVyf5/5cp6ceDh6pDT/6+FvPr/m9/sn9XQ/4dFxLP/d6/v2f/rh+v/Wzuis+VI/T9OhpFQyylfPawmCwk96vz+2tknK6O1iP4fAAAAAAAAAAAAAAAAAAAAAID/wValEqtUKjH36H71i0hYRNzvPUoDInK7B1NGBx3h+ccpUL9xLzgkYr4rpUop++gMWBcRUwwZlZj8qb0eHNXYvfNIVQ3LZ3PJqV8qpQK1TCItmVr9mMT6pLm+Upm8m5wYU7bG+j6J7qyPS0zOyWzQoz7eUt+/VEqF5NrVHfWaxOTLvOTFlIXaPOr1b8aUunM/2XT9SG0cAAAAAACngaa2ee7fNW23vF2/vb9ufn8gUN9fj3ru74NyKdjbtQMAAAAAcFZY5VdZ3TSNwh5BRPYf034QNE3fgaZxyMBd4UGr3P9lOL6V7hG4F29IhZ2THX9YfId4WHYJ/NJO1Uh1Neqoq3DfNtptjEyNd+8ZbJjGhQ8ff3fuErdWw/ustP0gsPcLoK9rf4AAAAAAdE296XfPjPd2QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnEHd+Ji0Xq8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCn+BQAA//8ycAIY")
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f000051b000/0x1000)=nil, 0x1000, 0x9)
r9 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
write$cgroup_int(r9, &(0x7f0000000540), 0xfffffdd8)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)

698.26427ms ago: executing program 1 (id=3537):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc9ffb}]})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0xa100, 0xc8, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6307e08102030000fe0ea66718330200975a65789ff57b00000000000000cade22000000000000ac9ccb"], 0xfdef)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='bcache_alloc\x00', r5}, 0xffb0)
wait4(0x0, 0x0, 0x40000000, 0x0)

642.985621ms ago: executing program 5 (id=3538):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f0000000000000000000000010018000000000005000600000000000a00000000000000fc0200000700000000000000000000000000000000000000020001000000000000000218ff00000005000500000000000a"], 0x78}, 0x1, 0x7}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x7}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYBLOB], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
getpid()
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

515.933563ms ago: executing program 5 (id=3541):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x80}, [@FRA_SRC={0x14, 0x2, @empty}]}, 0x30}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setresuid(0x0, 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
set_mempolicy(0x3, &(0x7f00000000c0)=0x3, 0x5)
setns(r2, 0x24020000)
r3 = accept$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @local}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000002c0)={<r4=>0x0, 0x4, 0x20, 0x2, 0x5}, &(0x7f0000000300)=0x18)
setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000340)={r4, 0x7}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000ffffffff00000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0xb)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r6, &(0x7f00000004c0)={'#! ', '', [{0x20, '\t\t\xf2`:y\xd4H\xfa\xee=d\xd7T\x0f7\x93`\xc6\xd04\xa3\xacQT\x8cj\x83\xa8\xb1\x88H\xe3\x16\xeb\x16\xaa\x91Pn\xcd\xde}$\xad`\xd6(\xa8\xaa\xc67?anM_\xa0\xcf\x82\x84\xf8\xb0\x8amlKL!\xd7\xaaK\xces\x04\x1e*p\x9e\xf2\x16\x01`\xd2+FG\tX)\x910\x00\x00\x00B\x1d\xc7\xd8\xb5\x81\x15\x0f[D8\x88@A$\x88\xa5O&\xae\xe3\b\xa8\xd4\x9b\xabo\xf4\xd1\f\"e\xcdzA\xf49\xc1\xc8\f\x8c\xf3\xa7*O\xe3\xc3L\xd6H\ta\xf5\xc6\xee\xa2\xd4\xde\xe5\x1b\x1e34~\xa8\xb8aQtp\xc8r_\x14K\xd35;\x8f_\xe0|Y\x8b'}]}, 0xb8)
r7 = getuid()
quotactl$Q_SETINFO(0xffffffff00000c04, &(0x7f0000000180)=@sr0, r7, &(0x7f00000001c0)={0x7f, 0xfffffffffffffff6, 0x0, 0x2})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000b00000/0x1000)=nil, 0x1000, 0x17)
syz_emit_ethernet(0x3a, &(0x7f0000000740)=ANY=[@ANYBLOB="ffffffffffffaaaa2aaaaa0008004503002c05000000002f90780000000000000000000088be5352a669900d126d323dc4af17de8f0528b5ecceb3ff7e2e4b5527c2b02597f2dbfd850206d458dc6f84499dc31904fcb70486364fe274ab03c8042cfb8cbf519dba0ccf591e5839dbffd94afdf8fba217fda1d4b39ac24f085319f8970293ad37db0999f1ba0b9688d1cc5cc35bc6ab320c5afd7e645b9107002d5a71b4f7d003b924181d94c70494cbfb1cc23169bd3ef2441af0aaef0d65df403e02a26db572b9ea0000000000000000000000000000e21d886e37970d781ba1424fc9a034887e67bbda2490c375b4a7f4e370e1c9ee419e46f39cddc36561f1620d7368387038c0a27cf9b6d9232bf0bdb5857968e95cca047208f74e256a96b1fa9810d838378fbb9b4c4e45fa6ccb354d0161b42bb9a51d5bbccad84e47752b6e41c9e9031425a7f1ebc9aaf1aba22b1f76dd3295990d0d9430de301d278e6adcdd9371abdc430857fe7947a438febe11a70fcddf4eb8107efaf5ab87d113c6e44ff42e6eb0fdfe282ed231c3b607db67196b13efa420ea42174a3340c94627cb9828f02deef3a7c315bafc32e2fa768cfba698aac2b3106267a253acefbfc589b8f269b5a78a09"], 0x0)
close(r6)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r6, 0x4040534e, &(0x7f0000000080)={0x12, @time={0x1, 0x786a}, 0x4, {0x9, 0x1}, 0x5, 0x0, 0x6})
syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)

484.612943ms ago: executing program 1 (id=3543):
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRES16=r2, @ANYRES64=r1], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
r5 = socket$netlink(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140), 0x4240a2ca)
splice(r0, 0x0, r5, 0x0, 0x84ffe0, 0x0)
read(r3, &(0x7f0000032440)=""/102358, 0x18fd6)

446.150743ms ago: executing program 5 (id=3544):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file3\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file7\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffee5)
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1d0000001900000012bb00000c00000080040700", @ANYRES32, @ANYBLOB="0300002100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000040000000300"/24, @ANYRES32, @ANYBLOB], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

431.379674ms ago: executing program 5 (id=3546):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffee5)
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1d0000001900000012bb00000c00000080040700", @ANYRES32, @ANYBLOB="0300002100"/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYBLOB], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

249.276877ms ago: executing program 3 (id=3548):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x50}}, 0x4820)
socket$netlink(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02080000000100000080", @ANYRES32=<r2=>0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x1d, 0x10, &(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES8=0x0, @ANYRES16=r1], 0x0, 0x1, 0x0, 0x0, 0x83c00, 0x3b, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
unshare(0x2c060000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="000000920000000000b70800030000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000", @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x18, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="b45478037246f9552ee40a98738926fcdff504a55f63d20d5b56a6f96249a51763c2149616640000000000", @ANYRES8=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
eventfd(0x7)
unshare(0xc000000)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r6, 0x0, 0x4, &(0x7f0000000340)="89", 0x1)

226.923047ms ago: executing program 0 (id=3549):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@acl}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f00000008c0)={[{@jqfmt_vfsv1}, {@nouid32}, {@block_validity}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[@ANYBLOB="13000000000019ec84e7a49c6eb97a8920ef21a460de63bdfdb24541d8637468bff82c5bbe81a21a49767cc696d627644bdad2e9eaae2b1912e6f0a43256e50228abca38be14bbc89e4a69e1dec0597638ad4a7cc86206b3760f9555fcedb8b292de145d4ee1ac75b60b71127467381124a6fb56ebed4cef245cd23750d55f3dcb62e3c69b7a4ae755d4a715510650dbb7cb7255eebc62e81332465f7ee652c5abc8f056fb3bbf995a13d774b0e8b7e06452860f8bbf64b679fe566c9d561ace5eaab23a97891d276f4a7154e7f5ff", @ANYRES32, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYBLOB="05000000050000000100"/28], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000005000000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x65, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, 0x94)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0)
ioctl$TIOCMBIC(r3, 0x5415, 0x0)
socket(0x2, 0x80805, 0x8000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB], 0x164}, 0x1, 0x0, 0x0, 0x400480d}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r5 = open_tree(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x80800)
move_mount(r5, 0x0, 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00'}, 0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'veth0_to_bond\x00'})
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

193.985847ms ago: executing program 3 (id=3550):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x50}}, 0x4820)
socket$netlink(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02080000000100000080", @ANYRES32=<r2=>0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x1d, 0x10, &(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES8=0x0, @ANYRES16=r1], 0x0, 0x1, 0x0, 0x0, 0x83c00, 0x3b, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
unshare(0x2c060000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="000000920000000000b70800030000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000", @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x18, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="b45478037246f9552ee40a98738926fcdff504a55f63d20d5b56a6f96249a51763c2149616640000000000", @ANYRES8=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
eventfd(0x7)
unshare(0xc000000)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r6, 0x0, 0x4, &(0x7f0000000340)="89", 0x1)

128.971339ms ago: executing program 2 (id=3551):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000400)={0xa})
epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)

128.030128ms ago: executing program 3 (id=3552):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000140), 0x0, 0x0, 0x3)

107.677609ms ago: executing program 3 (id=3553):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000003e000701fcf7fffffedbdf25017c00000c00"], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

84.478869ms ago: executing program 0 (id=3554):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f00000006c0)={[{@grpjquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@grpquota}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000001200)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r2, 0x0, 0x0, 0xe7b, 0x0, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = fcntl$getown(r3, 0x9)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000}, r4, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
listen(0xffffffffffffffff, 0xc)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00'}, 0x18)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x368, 0x1d0, 0x11, 0x148, 0x0, 0x0, 0x2d0, 0x2a8, 0x2a8, 0x2d0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x188, 0x1d0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@remote, [0xffffff00, 0xff, 0xffffff00], @ipv6=@dev={0xfe, 0x80, '\x00', 0xe}, [0x0, 0xffffff00], @ipv4=@private=0xa010100, [0xffffff00, 0x0, 0xffffff00], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xff000000, 0xff000000, 0xff], 0x8, 0x6, 0x5e, 0x4e21, 0x4e23, 0x4e24, 0x4e21}, 0x40, 0x8e0}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0xffffffff, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@addrtype={{0x30}, {0x242, 0x75f65a4e97d6873f, 0x1}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x3, 0x6, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c8)

75.644739ms ago: executing program 3 (id=3555):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@deltclass={0x44, 0x29, 0x200, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x9, 0xfff1}, {0xffff, 0xe}, {0x0, 0x2}}, [@tclass_kind_options=@c_ingress={0xc}, @tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0x3}}}]}, 0x44}}, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a68000000060a0b040000000000000000020000003c000480200001800a00010071756f7461000000100002800c00014000000000000004011800018011000100666c6f775f6f66666c6f6164000000000900010073797a30000000000900020073797a32"], 0x90}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
syz_open_dev$evdev(&(0x7f0000000040), 0x80000000, 0x444800)
r6 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000100)=@name, &(0x7f0000000140)=0x10, 0x80000)
getsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f00000001c0), &(0x7f00000003c0)=0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x504, &(0x7f00000001c0)="$eJzs3c9vI1cdAPCvvevEyaZNWnoABO3SFha0WifxtlHVQyknhFAlRI8gbYPjjaLYcRQ7pQk5pGeuSFTiBEf+AM49ceeC4MalHJD4EYEaJA6DZjxJnay9iTZZO40/H2k0782b+PveZue99TcbvwDG1u2I2I+IiYh4LyJm8+uF/Ii30yNJkiSt7NUOD/ZqhUiSd/9ZyNo/PdirRc/XpG7lr1mOiB9+N+InhUfjtnd215cbjfpWXp/vNDfn2zu799aay6v11fpGtbq0uLTwxv3Xq5c21peaE3npq5/8Yf9bP0u7NZNf6R3HZeoOvXQcJ3UzIr7/NIKNwI18PBOj7ghPpBgRz0fEy9nzPxs3su8mAHCdJclsJLO9dQDguitmObBCsZLnAmaiWKxUujm8F2K62Gi1O3cftrY3Vrq5srkoFR+uNeoLea5wLkqFtL6YlT+rV0/V70fEcxHxi8mprF6ptRoro/yHDwCMsVun1v//THbXfwDgmiuPugMAwNBZ/wFg/Fj/AWD8WP8BYPx01/+pUXcDABgi7/8BYPxY/wFgrPzgnXfSIznMP/965f2d7fXW+/dW6u31SnO7Vqm1tjYrq63WavaZPc2zXq/Ram0uvhbbH8y9tdnuzLd3dh80W9sbnQfZ53o/qJeyu/aHMDIAYJDnXvr4z4V0RX5zKjuiZy+H0kh7BjxtxVF3ABiZG6PuADAydvuC8XWB9/jSA3BN9Nmi94Ryv18QSvJtgYHPpTtfkv+HcdWT//e/gGHMyP/D+JL/h/GVJIXz7vkf570RALja5PiBAT//fz4//zb/4cCPV07f8dHT7BUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbUf7/1byvcBnolisVCKeiYi5KBUerjXqCxHxbET8abI0mdYXR9xnAOCiin8r5Pt/3Zl9deZE04u3josTEfHTX737yw+WO52tP0ZMFP41eXS981F+vTr83gMAZztap7Nzzxv5Tw/2akfHMPvz9+9ERLkb//BgIg6P49+Mm9m5HKWImP53Ia93FXpyFxex/2FEfLHf+Asxk+VAujufno6fxn5mqPGLJ+IXs7buOf2z+MIl9AXGzcfp/PN2v+evGLezc//nv5zNUBeXz3/pS9UOsznws/hH89+NAfPf7fPGeO333+uWph5t+zDiyzcjjmIf9sw/R/ELA+K/es74f/nKiy8Pakt+HXEn+sfvjTXfaW7Ot3d27601l1frq/WNanVpcWnhjfuvV+ezHPX84NXgH2/efXZQWzr+6QHxy2eM/+vnHP9v/vfej772mPjffKVf/GK88Jj46Zr4jXPGX57+XXlQWxp/ZcD4z/r+3z1n/E/+uvvItuEAwOi0d3bXlxuN+paCwrAKbz3xl6d/Za/KKE4Xvj2sWBPRv+nnr3Sf6VNNSfJEsQbNGJeRdQOuguOHPiL++7gbS8PrEwAAAAAAAAAAAAAAcNIwfmNp1GMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+vp/AAAA///rttDp")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c6173740000000014000000101801"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)

0s ago: executing program 3 (id=3556):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

kernel console output (not intermixed with test programs):

_get:1398: comm syz.0.2901: couldn't read orphan inode 15 (err -117)
[  244.559462][T15829] loop3: detected capacity change from 0 to 1024
[  244.579241][T15832] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2911'.
[  244.615450][T15829] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2908: Allocating blocks 385-513 which overlap fs metadata
[  244.673024][T15829] netlink: 'syz.3.2908': attribute type 4 has an invalid length.
[  244.680833][T15829] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.2908'.
[  244.715360][T15829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2908'.
[  244.793675][T15828] EXT4-fs (loop3): pa ffff888106aac9a0: logic 16, phys. 129, len 24
[  244.801922][T15828] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  246.313234][T15842] loop2: detected capacity change from 0 to 512
[  246.826183][   T29] kauditd_printk_skb: 42 callbacks suppressed
[  246.826195][   T29] audit: type=1326 audit(1751022761.222:14067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15856 comm="syz.3.2919" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f00ffdae929 code=0x0
[  246.858933][T15858] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2916'.
[  246.961764][T15842] ext4 filesystem being mounted at /578/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  247.033403][T15866] loop0: detected capacity change from 0 to 512
[  247.058905][T15866] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2921: iget: bad extended attribute block 1
[  247.129532][T15866] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2921: couldn't read orphan inode 15 (err -117)
[  247.205261][T15872] 9pnet_fd: Insufficient options for proto=fd
[  247.211814][   T29] audit: type=1400 audit(1751022761.602:14068): avc:  denied  { mounton } for  pid=15870 comm="syz.1.2923" path=2F3538322FE91F7189591E9233614B dev="tmpfs" ino=3119 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  247.261564][   T29] audit: type=1400 audit(1751022761.642:14069): avc:  denied  { ioctl } for  pid=15870 comm="syz.1.2923" path="uts:[4026532375]" dev="nsfs" ino=4026532375 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  247.377693][T15880] loop0: detected capacity change from 0 to 512
[  247.415303][T15880] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2924: iget: bad extended attribute block 1
[  247.455345][T15880] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2924: couldn't read orphan inode 15 (err -117)
[  247.581196][T15894] loop5: detected capacity change from 0 to 2048
[  248.110006][T15909] loop3: detected capacity change from 0 to 1024
[  248.135312][T15909] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2934: Allocating blocks 385-513 which overlap fs metadata
[  248.155267][T15909] netlink: 'syz.3.2934': attribute type 4 has an invalid length.
[  248.164393][T15909] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.2934'.
[  248.177115][T15907] EXT4-fs (loop3): pa ffff888106aac9a0: logic 16, phys. 129, len 24
[  248.185250][T15907] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  248.236355][T15915] loop3: detected capacity change from 0 to 512
[  248.244498][T15915] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2936: iget: bad extended attribute block 1
[  248.258954][T15915] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2936: couldn't read orphan inode 15 (err -117)
[  248.559580][   T29] audit: type=1326 audit(1751022762.952:14070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.0.2940" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x0
[  248.717030][   T29] audit: type=1326 audit(1751022763.112:14071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.2.2941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f242242e929 code=0x7ffc0000
[  248.740833][   T29] audit: type=1326 audit(1751022763.112:14072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.2.2941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f242242e929 code=0x7ffc0000
[  248.764657][   T29] audit: type=1326 audit(1751022763.112:14073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.2.2941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f242242e929 code=0x7ffc0000
[  248.788280][   T29] audit: type=1326 audit(1751022763.112:14074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.2.2941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f242242e929 code=0x7ffc0000
[  248.812036][   T29] audit: type=1326 audit(1751022763.112:14075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.2.2941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f242242e929 code=0x7ffc0000
[  248.832310][T15934] loop2: detected capacity change from 0 to 8192
[  248.835732][   T29] audit: type=1326 audit(1751022763.112:14076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.2.2941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f242242e929 code=0x7ffc0000
[  249.082195][T15939] lo speed is unknown, defaulting to 1000
[  249.315865][T15942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2945'.
[  249.353291][T15942] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2945'.
[  249.453716][T15944] loop0: detected capacity change from 0 to 512
[  249.488437][T15946] loop5: detected capacity change from 0 to 1024
[  249.504364][T15944] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2946: iget: bad extended attribute block 1
[  249.548575][T15946] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2947: Allocating blocks 385-513 which overlap fs metadata
[  249.566247][T15944] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2946: couldn't read orphan inode 15 (err -117)
[  249.584420][T15948] loop3: detected capacity change from 0 to 512
[  249.599393][T15946] netlink: 'syz.5.2947': attribute type 4 has an invalid length.
[  249.608517][T15946] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.2947'.
[  249.659546][T15948] EXT4-fs (loop3): too many log groups per flexible block group
[  249.667362][T15948] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  249.700336][T15948] EXT4-fs (loop3): mount failed
[  249.722051][T15946] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2947'.
[  249.738311][T15945] EXT4-fs (loop5): pa ffff888106aac9a0: logic 16, phys. 129, len 24
[  249.747461][T15945] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  249.965656][T15967] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2951'.
[  250.008730][T15969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2953'.
[  250.098963][T15976] FAULT_INJECTION: forcing a failure.
[  250.098963][T15976] name failslab, interval 1, probability 0, space 0, times 0
[  250.112844][T15976] CPU: 1 UID: 0 PID: 15976 Comm: syz.1.2956 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  250.112942][T15976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.112953][T15976] Call Trace:
[  250.112958][T15976]  <TASK>
[  250.112964][T15976]  __dump_stack+0x1d/0x30
[  250.112983][T15976]  dump_stack_lvl+0xe8/0x140
[  250.113024][T15976]  dump_stack+0x15/0x1b
[  250.113039][T15976]  should_fail_ex+0x265/0x280
[  250.113066][T15976]  should_failslab+0x8c/0xb0
[  250.113138][T15976]  kmem_cache_alloc_noprof+0x50/0x310
[  250.113226][T15976]  ? audit_log_start+0x365/0x6c0
[  250.113254][T15976]  audit_log_start+0x365/0x6c0
[  250.113352][T15976]  audit_seccomp+0x48/0x100
[  250.113391][T15976]  ? __seccomp_filter+0x68c/0x10d0
[  250.113417][T15976]  __seccomp_filter+0x69d/0x10d0
[  250.113437][T15976]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  250.113467][T15976]  ? vfs_write+0x75e/0x8e0
[  250.113534][T15976]  ? __rcu_read_unlock+0x4f/0x70
[  250.113552][T15976]  ? __fget_files+0x184/0x1c0
[  250.113578][T15976]  __secure_computing+0x82/0x150
[  250.113600][T15976]  syscall_trace_enter+0xcf/0x1e0
[  250.113686][T15976]  do_syscall_64+0xac/0x200
[  250.113706][T15976]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  250.113735][T15976]  ? clear_bhb_loop+0x40/0x90
[  250.113753][T15976]  ? clear_bhb_loop+0x40/0x90
[  250.113778][T15976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.113798][T15976] RIP: 0033:0x7ff7d0dde929
[  250.113813][T15976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.113832][T15976] RSP: 002b:00007ff7cf447038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b9
[  250.113850][T15976] RAX: ffffffffffffffda RBX: 00007ff7d1005fa0 RCX: 00007ff7d0dde929
[  250.113860][T15976] RDX: 0000000000000001 RSI: 0000200000000640 RDI: 0000000000000003
[  250.113903][T15976] RBP: 00007ff7cf447090 R08: 0000000000000000 R09: 0000000000000000
[  250.113913][T15976] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  250.113923][T15976] R13: 0000000000000000 R14: 00007ff7d1005fa0 R15: 00007ffcf56c4108
[  250.113939][T15976]  </TASK>
[  250.349623][T15980] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2955'.
[  250.462053][T15984] hub 2-0:1.0: USB hub found
[  250.468839][T15984] hub 2-0:1.0: 8 ports detected
[  250.562634][T15992] SELinux:  policydb version 4376 does not match my version range 15-34
[  250.605136][T15992] SELinux: failed to load policy
[  250.630427][T15993] syzkaller0: entered promiscuous mode
[  250.636004][T15993] syzkaller0: entered allmulticast mode
[  250.933482][T16000] loop5: detected capacity change from 0 to 1024
[  250.976084][T16000] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2963: Allocating blocks 385-513 which overlap fs metadata
[  251.026391][T16000] netlink: 'syz.5.2963': attribute type 4 has an invalid length.
[  251.035387][T16000] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.2963'.
[  251.058559][T16010] loop3: detected capacity change from 0 to 512
[  251.068605][T16010] EXT4-fs (loop3): orphan cleanup on readonly fs
[  251.075845][T15998] EXT4-fs (loop5): pa ffff888106aac9a0: logic 16, phys. 129, len 24
[  251.083910][T15998] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  251.096131][T16010] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2966: bg 0: block 248: padding at end of block bitmap is not set
[  251.112353][T16010] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2966: Failed to acquire dquot type 1
[  251.134388][T16010] EXT4-fs (loop3): 1 truncate cleaned up
[  251.242294][T16015] netlink: 'syz.1.2968': attribute type 1 has an invalid length.
[  251.257174][T16015] bond0: entered promiscuous mode
[  251.264192][T16015] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.280952][T16015] batadv0: entered promiscuous mode
[  251.286193][T16015] batadv0: entered allmulticast mode
[  251.295166][T16015] 8021q: adding VLAN 0 to HW filter on device batadv0
[  251.303835][T16015] bond0: (slave batadv0): making interface the new active one
[  251.312604][T16015] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  251.592720][ T7806] EXT4-fs unmount: 63 callbacks suppressed
[  251.592735][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.608749][T16010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.638962][T16010] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  251.661096][T16010] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  251.690167][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.012108][T16043] loop0: detected capacity change from 0 to 512
[  252.052681][T16043] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2977: iget: bad extended attribute block 1
[  252.069974][T16043] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2977: couldn't read orphan inode 15 (err -117)
[  252.084045][T16043] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.091987][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  252.092002][   T29] audit: type=1326 audit(1751022766.492:14101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16046 comm="syz.2.2978" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f242242e929 code=0x0
[  252.204533][T16051] loop3: detected capacity change from 0 to 512
[  252.266800][   T29] audit: type=1326 audit(1751022766.662:14102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.290525][   T29] audit: type=1326 audit(1751022766.662:14103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.323893][T16051] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2979: iget: bad extended attribute block 1
[  252.336968][   T29] audit: type=1326 audit(1751022766.722:14104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.360612][T16051] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2979: couldn't read orphan inode 15 (err -117)
[  252.361619][T16051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.385598][   T29] audit: type=1326 audit(1751022766.722:14105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.410237][T16060] __nla_validate_parse: 4 callbacks suppressed
[  252.410251][T16060] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2982'.
[  252.425525][   T29] audit: type=1326 audit(1751022766.722:14106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.450449][   T29] audit: type=1326 audit(1751022766.722:14107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.474625][   T29] audit: type=1326 audit(1751022766.722:14108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.498883][   T29] audit: type=1326 audit(1751022766.722:14109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.5.2981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  252.575247][T16063] loop5: detected capacity change from 0 to 128
[  252.582124][T16063] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  252.592601][T16063] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  252.604970][T16063] ext2 filesystem being mounted at /418/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.616110][   T29] audit: type=1400 audit(1751022767.012:14110): avc:  denied  { create } for  pid=16062 comm="syz.5.2983" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  252.627225][T16063] FAULT_INJECTION: forcing a failure.
[  252.627225][T16063] name failslab, interval 1, probability 0, space 0, times 0
[  252.671074][T16063] CPU: 0 UID: 0 PID: 16063 Comm: syz.5.2983 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  252.671099][T16063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  252.671109][T16063] Call Trace:
[  252.671115][T16063]  <TASK>
[  252.671123][T16063]  __dump_stack+0x1d/0x30
[  252.671183][T16063]  dump_stack_lvl+0xe8/0x140
[  252.671230][T16063]  dump_stack+0x15/0x1b
[  252.671246][T16063]  should_fail_ex+0x265/0x280
[  252.671281][T16063]  should_failslab+0x8c/0xb0
[  252.671310][T16063]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  252.671341][T16063]  ? __d_alloc+0x3d/0x350
[  252.671367][T16063]  __d_alloc+0x3d/0x350
[  252.671466][T16063]  d_alloc+0x2e/0x100
[  252.671510][T16063]  lookup_one_qstr_excl_raw+0x95/0x1b0
[  252.671536][T16063]  filename_create+0x14a/0x290
[  252.671572][T16063]  do_symlinkat+0x65/0x3c0
[  252.671696][T16063]  __x64_sys_symlink+0x50/0x60
[  252.671730][T16063]  x64_sys_call+0x2d8d/0x2fb0
[  252.671754][T16063]  do_syscall_64+0xd2/0x200
[  252.671769][T16063]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  252.671902][T16063]  ? clear_bhb_loop+0x40/0x90
[  252.671919][T16063]  ? clear_bhb_loop+0x40/0x90
[  252.671952][T16063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.671983][T16063] RIP: 0033:0x7facdf37e929
[  252.672008][T16063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.672028][T16063] RSP: 002b:00007facdd9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  252.672048][T16063] RAX: ffffffffffffffda RBX: 00007facdf5a5fa0 RCX: 00007facdf37e929
[  252.672062][T16063] RDX: 0000000000000000 RSI: 00002000000009c0 RDI: 0000200000000980
[  252.672075][T16063] RBP: 00007facdd9e7090 R08: 0000000000000000 R09: 0000000000000000
[  252.672087][T16063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.672096][T16063] R13: 0000000000000000 R14: 00007facdf5a5fa0 R15: 00007fff231048c8
[  252.672112][T16063]  </TASK>
[  252.831871][T16006] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, 
[  252.842946][ T7806] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  252.847767][T16006] block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  252.918317][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.941013][T16070] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2986'.
[  253.044281][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.065993][T16079] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2984'.
[  253.101655][T16082] loop5: detected capacity change from 0 to 512
[  253.114910][T16082] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.2990: iget: bad extended attribute block 1
[  253.128355][T16082] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.2990: couldn't read orphan inode 15 (err -117)
[  253.142869][T16082] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.171853][T16089] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  253.188926][T16083] loop3: detected capacity change from 0 to 512
[  253.196527][T16090] loop3: detected capacity change from 0 to 512
[  253.376406][T16097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2993'.
[  253.386607][T16097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2993'.
[  253.409996][T16099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2994'.
[  253.455351][T16101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2995'.
[  253.835083][T16109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2998'.
[  253.962069][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.079190][T16121] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3000'.
[  254.189284][T16127] loop5: detected capacity change from 0 to 512
[  254.203216][T16127] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.215944][T16127] ext4 filesystem being mounted at /421/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  254.290236][T16131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3004'.
[  254.461802][T16136] FAULT_INJECTION: forcing a failure.
[  254.461802][T16136] name failslab, interval 1, probability 0, space 0, times 0
[  254.474542][T16136] CPU: 1 UID: 0 PID: 16136 Comm: syz.1.3006 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  254.474566][T16136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.474577][T16136] Call Trace:
[  254.474582][T16136]  <TASK>
[  254.474588][T16136]  __dump_stack+0x1d/0x30
[  254.474611][T16136]  dump_stack_lvl+0xe8/0x140
[  254.474631][T16136]  dump_stack+0x15/0x1b
[  254.474701][T16136]  should_fail_ex+0x265/0x280
[  254.474735][T16136]  should_failslab+0x8c/0xb0
[  254.474755][T16136]  kmem_cache_alloc_noprof+0x50/0x310
[  254.474793][T16136]  ? skb_clone+0x151/0x1f0
[  254.474812][T16136]  skb_clone+0x151/0x1f0
[  254.474844][T16136]  __netlink_deliver_tap+0x2c9/0x500
[  254.474982][T16136]  netlink_unicast+0x64c/0x670
[  254.475009][T16136]  netlink_sendmsg+0x58b/0x6b0
[  254.475027][T16136]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.475085][T16136]  __sock_sendmsg+0x142/0x180
[  254.475109][T16136]  ____sys_sendmsg+0x31e/0x4e0
[  254.475211][T16136]  ___sys_sendmsg+0x17b/0x1d0
[  254.475256][T16136]  __x64_sys_sendmsg+0xd4/0x160
[  254.475295][T16136]  x64_sys_call+0x2999/0x2fb0
[  254.475313][T16136]  do_syscall_64+0xd2/0x200
[  254.475392][T16136]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  254.475416][T16136]  ? clear_bhb_loop+0x40/0x90
[  254.475440][T16136]  ? clear_bhb_loop+0x40/0x90
[  254.475540][T16136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.475559][T16136] RIP: 0033:0x7ff7d0dde929
[  254.475574][T16136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.475594][T16136] RSP: 002b:00007ff7cf447038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.475614][T16136] RAX: ffffffffffffffda RBX: 00007ff7d1005fa0 RCX: 00007ff7d0dde929
[  254.475672][T16136] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  254.475725][T16136] RBP: 00007ff7cf447090 R08: 0000000000000000 R09: 0000000000000000
[  254.475792][T16136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.475806][T16136] R13: 0000000000000000 R14: 00007ff7d1005fa0 R15: 00007ffcf56c4108
[  254.475827][T16136]  </TASK>
[  254.708153][T16137] loop3: detected capacity change from 0 to 512
[  254.762776][T16137] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3007: iget: bad extended attribute block 1
[  254.787099][T16136] netem: change failed
[  254.862427][T16137] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3007: couldn't read orphan inode 15 (err -117)
[  254.905034][T16137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.935019][T16149] loop0: detected capacity change from 0 to 512
[  254.953873][T16149] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3011: iget: bad extended attribute block 1
[  254.996623][T16149] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3011: couldn't read orphan inode 15 (err -117)
[  255.036103][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.052546][T16149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.245321][T16162] loop3: detected capacity change from 0 to 512
[  255.271890][T16162] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3016: casefold flag without casefold feature
[  255.312352][T16162] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3016: couldn't read orphan inode 15 (err -117)
[  255.361739][T14691] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.376920][T16162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.465015][T16158] lo speed is unknown, defaulting to 1000
[  255.475659][T14691] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.589264][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.607122][T14691] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.686107][T14691] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.736081][T16174] loop2: detected capacity change from 0 to 512
[  255.766235][T16174] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  255.803168][T16174] EXT4-fs (loop2): orphan cleanup on readonly fs
[  255.815313][T16158] chnl_net:caif_netlink_parms(): no params data found
[  255.839199][T16174] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3018: Failed to acquire dquot type 1
[  255.899191][T16174] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3018: bg 0: block 40: padding at end of block bitmap is not set
[  255.947588][T16174] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  255.980045][T16174] EXT4-fs (loop2): 1 truncate cleaned up
[  256.089861][T16174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  256.103349][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.142568][T14691] bond1 (unregistering): Released all slaves
[  256.163621][T14691] bond0 (unregistering): (slave batadv0): Releasing active interface
[  256.181949][T14691] bond0 (unregistering): Released all slaves
[  256.224540][T16158] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.231680][T16158] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.266308][T16158] bridge_slave_0: entered allmulticast mode
[  256.281780][T16158] bridge_slave_0: entered promiscuous mode
[  256.316171][T16158] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.323529][T16158] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.341149][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.374502][T16158] bridge_slave_1: entered allmulticast mode
[  256.385485][T16158] bridge_slave_1: entered promiscuous mode
[  256.395261][T14691] hsr_slave_0: left promiscuous mode
[  256.406447][T14691] hsr_slave_1: left promiscuous mode
[  256.415969][T14691] veth1_macvtap: left promiscuous mode
[  256.421748][T14691] veth0_macvtap: left promiscuous mode
[  256.427606][T14691] veth1_vlan: left promiscuous mode
[  256.434189][T14691] veth0_vlan: left promiscuous mode
[  256.650224][T16158] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.705896][T16158] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.738420][T16206] loop2: detected capacity change from 0 to 512
[  256.757151][T16158] team0: Port device team_slave_0 added
[  256.766637][T16158] team0: Port device team_slave_1 added
[  256.773122][T16206] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.3028: iget: bad extended attribute block 1
[  256.799312][T16206] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3028: couldn't read orphan inode 15 (err -117)
[  256.813816][T16158] batman_adv: batadv0: Adding interface: batadv_slave_0
[  256.821392][T16158] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  256.847494][T16158] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  256.861458][T16206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.875838][T16158] batman_adv: batadv0: Adding interface: batadv_slave_1
[  256.883530][T16158] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  256.909636][T16158] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  256.926669][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.946953][T16158] hsr_slave_0: entered promiscuous mode
[  256.953523][T16158] hsr_slave_1: entered promiscuous mode
[  257.016847][T16215] loop0: detected capacity change from 0 to 512
[  257.028371][T14691] IPVS: stop unused estimator thread 0...
[  257.039624][T16215] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  257.048176][T16215] EXT4-fs (loop0): orphan cleanup on readonly fs
[  257.055022][T16215] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3030: Failed to acquire dquot type 1
[  257.066928][T16215] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3030: bg 0: block 40: padding at end of block bitmap is not set
[  257.081706][T16215] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  257.091109][T16215] EXT4-fs (loop0): 1 truncate cleaned up
[  257.097286][T16215] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  257.196601][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.257295][T16221] lo speed is unknown, defaulting to 1000
[  257.271717][T16158] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  257.283889][T16158] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  257.306511][T16158] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  257.317217][T16158] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  257.380001][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  257.380013][   T29] audit: type=1326 audit(1751022771.772:14183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.410471][   T29] audit: type=1326 audit(1751022771.772:14184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.410772][T16223] loop5: detected capacity change from 0 to 2048
[  257.475761][T16158] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.487292][   T29] audit: type=1326 audit(1751022771.842:14185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.511038][   T29] audit: type=1326 audit(1751022771.842:14186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.514013][T16158] 8021q: adding VLAN 0 to HW filter on device team0
[  257.534725][   T29] audit: type=1326 audit(1751022771.842:14187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.534760][   T29] audit: type=1326 audit(1751022771.842:14188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.534797][   T29] audit: type=1326 audit(1751022771.842:14189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.534911][   T29] audit: type=1326 audit(1751022771.842:14190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.534947][   T29] audit: type=1326 audit(1751022771.842:14191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.534980][   T29] audit: type=1326 audit(1751022771.842:14192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16232 comm="syz.0.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  257.706261][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.727253][T16238]  loop5: p1 < > p4
[  257.735385][T16238] loop5: p4 size 8388608 extends beyond EOD, truncated
[  257.744358][ T1978] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.751490][ T1978] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.763133][T16240] loop0: detected capacity change from 0 to 128
[  257.782297][T16240] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  257.783696][ T1978] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.797584][ T1978] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.806689][T16223]  loop5: p1 < > p4
[  257.822896][T16223] loop5: p4 size 8388608 extends beyond EOD, truncated
[  257.823208][T16240] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  257.851591][T16158] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  257.862182][T16158] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  257.879559][T16240] ext2 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.970483][T16158] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.177505][T16260] loop2: detected capacity change from 0 to 512
[  258.247612][T16260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.260269][T16260] ext4 filesystem being mounted at /592/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.534003][T14670] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  258.602493][T16158] veth0_vlan: entered promiscuous mode
[  258.705542][T16158] veth1_vlan: entered promiscuous mode
[  258.726733][T16158] veth0_macvtap: entered promiscuous mode
[  258.735377][T16158] veth1_macvtap: entered promiscuous mode
[  258.758911][T16158] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.859181][T16158] batman_adv: batadv0: Interface activated: batadv_slave_1
[  258.881655][T16158] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.891092][T16158] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.899846][T16158] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.908677][T16158] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.084668][T16270] loop3: detected capacity change from 0 to 1024
[  259.112848][T16270] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.136880][T16270] ext4 filesystem being mounted at /583/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.153725][T16276] loop0: detected capacity change from 0 to 1024
[  259.172002][T16276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.201661][T14691] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:16: bg 0: block 393: padding at end of block bitmap is not set
[  259.233611][T16276] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.3041: Allocating blocks 385-513 which overlap fs metadata
[  259.247742][T14691] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117
[  259.261077][T14691] EXT4-fs (loop3): This should not happen!! Data will be lost
[  259.261077][T14691] 
[  259.286050][T16276] netlink: 'syz.0.3041': attribute type 4 has an invalid length.
[  259.294553][T16276] __nla_validate_parse: 8 callbacks suppressed
[  259.294566][T16276] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3041'.
[  259.318847][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.331500][T16281] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3013'.
[  259.341715][T16276] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3041'.
[  259.381572][T16272] EXT4-fs (loop0): pa ffff888106aac930: logic 16, phys. 129, len 24
[  259.389598][T16272] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  259.485068][T16286] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3044'.
[  259.511210][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.994468][T16309] loop0: detected capacity change from 0 to 512
[  261.024846][T16315] IPVS: fo: SCTP 172.20.20.187:0 - no destination available
[  261.246808][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.311817][T16329] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3053'.
[  261.326899][T16309] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.340158][T16309] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.755559][T16336] loop5: detected capacity change from 0 to 1024
[  261.769892][T16332] xt_hashlimit: max too large, truncated to 1048576
[  261.789902][T16338] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3059'.
[  261.819154][T16340] loop3: detected capacity change from 0 to 512
[  261.826309][ T1046] IPVS: starting estimator thread 0...
[  261.863442][T16340] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3060: iget: bad extended attribute block 1
[  261.881620][T16336] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.902073][T16340] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3060: couldn't read orphan inode 15 (err -117)
[  261.921720][T16316] IPVS: using max 2736 ests per chain, 136800 per kthread
[  261.936829][T16336] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.3058: Allocating blocks 385-513 which overlap fs metadata
[  261.956039][T16340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.992541][T16336] netlink: 'syz.5.3058': attribute type 4 has an invalid length.
[  262.000355][T16336] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.3058'.
[  262.012011][T16349] loop2: detected capacity change from 0 to 2048
[  262.052715][T16349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.079118][T16335] EXT4-fs (loop5): pa ffff888106aac930: logic 16, phys. 129, len 24
[  262.088025][T16335] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  262.115554][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.461487][T16372] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3066'.
[  262.518852][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.594616][T16379] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3070'.
[  262.661951][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.733915][T16388] loop3: detected capacity change from 0 to 1024
[  262.752580][T16388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.781665][T16388] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3074: Allocating blocks 385-513 which overlap fs metadata
[  262.847995][T16388] netlink: 'syz.3.3074': attribute type 4 has an invalid length.
[  262.855951][T16388] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3074'.
[  262.921690][T16387] EXT4-fs (loop3): pa ffff888106aac930: logic 16, phys. 129, len 24
[  262.929732][T16387] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  262.972395][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.382813][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.450770][ T3407] IPVS: starting estimator thread 0...
[  263.457349][T16413] IPVS: fo: SCTP 172.20.20.187:0 - no destination available
[  263.497316][T16413] loop0: detected capacity change from 0 to 512
[  263.562320][   T29] kauditd_printk_skb: 43 callbacks suppressed
[  263.562338][   T29] audit: type=1326 audit(1751022777.892:14236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.592912][   T29] audit: type=1326 audit(1751022777.892:14237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.616708][   T29] audit: type=1326 audit(1751022777.892:14238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.641011][   T29] audit: type=1326 audit(1751022777.892:14239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.651686][T16415] IPVS: using max 2640 ests per chain, 132000 per kthread
[  263.664600][   T29] audit: type=1326 audit(1751022777.892:14240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.680874][T16413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.695818][   T29] audit: type=1326 audit(1751022777.892:14241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.733356][   T29] audit: type=1326 audit(1751022777.892:14242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.757060][   T29] audit: type=1326 audit(1751022777.892:14243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.757073][T16429] loop5: detected capacity change from 0 to 512
[  263.757096][   T29] audit: type=1326 audit(1751022777.892:14244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.757133][   T29] audit: type=1326 audit(1751022777.892:14245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16412 comm="syz.0.3079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  263.835789][T16413] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.866747][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.867060][T16429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.888601][T16429] ext4 filesystem being mounted at /430/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.968661][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.185491][ T3407] IPVS: starting estimator thread 0...
[  264.193312][T16481] IPVS: fo: SCTP 172.20.20.187:0 - no destination available
[  264.222122][T16481] loop2: detected capacity change from 0 to 512
[  264.240353][T16490] loop5: detected capacity change from 0 to 128
[  264.255977][T16490] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  264.272287][T16481] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.285073][T16481] ext4 filesystem being mounted at /602/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  264.289428][T16464] lo speed is unknown, defaulting to 1000
[  264.302393][T16482] IPVS: using max 2784 ests per chain, 139200 per kthread
[  264.313131][T16490] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  264.327070][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.329368][T16490] ext2 filesystem being mounted at /433/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.782961][ T1978] 
 (unregistering): Released all slaves
[  264.832335][T16464] chnl_net:caif_netlink_parms(): no params data found
[  264.852003][ T7806] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  264.885592][ T1978] tipc: Disabling bearer <udp:syz2>
[  264.891623][ T1978] tipc: Left network mode
[  265.082310][T16464] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.089397][T16464] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.178375][T16464] bridge_slave_0: entered allmulticast mode
[  265.226215][T16464] bridge_slave_0: entered promiscuous mode
[  265.300526][ T1978] hsr_slave_0: left promiscuous mode
[  265.306768][ T1978] hsr_slave_1: left promiscuous mode
[  265.355931][T16543] loop5: detected capacity change from 0 to 512
[  265.365478][T16543] EXT4-fs (loop5): orphan cleanup on readonly fs
[  265.378890][T16543] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3106: bg 0: block 248: padding at end of block bitmap is not set
[  265.417769][T16543] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3106: Failed to acquire dquot type 1
[  265.454140][T16543] EXT4-fs (loop5): 1 truncate cleaned up
[  265.483451][ T5653] smc: removing ib device syz!
[  265.566917][T16464] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.574123][T16464] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.586894][T16543] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  265.604915][T16464] bridge_slave_1: entered allmulticast mode
[  265.618115][T16464] bridge_slave_1: entered promiscuous mode
[  265.677567][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.739333][T16464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  265.787758][T16464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  265.886487][T16464] team0: Port device team_slave_0 added
[  265.912588][T16464] team0: Port device team_slave_1 added
[  265.933197][T16577] __nla_validate_parse: 3 callbacks suppressed
[  265.933215][T16577] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3109'.
[  265.993612][T16464] batman_adv: batadv0: Adding interface: batadv_slave_0
[  266.001297][T16464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.027572][T16464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  266.088972][T16464] batman_adv: batadv0: Adding interface: batadv_slave_1
[  266.096659][T16464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.123414][T16464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.214379][T16464] hsr_slave_0: entered promiscuous mode
[  266.221235][T16464] hsr_slave_1: entered promiscuous mode
[  266.227330][T16464] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  266.237753][T16464] Cannot create hsr debugfs directory
[  266.364223][T16592] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3111'.
[  266.465390][T16601] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3113'.
[  266.626044][T16616] loop5: detected capacity change from 0 to 512
[  266.645041][T16616] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3115: iget: bad extended attribute block 1
[  266.671510][T16616] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3115: couldn't read orphan inode 15 (err -117)
[  266.697011][T16616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.731104][T16620] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  266.763526][T16620] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  266.964525][T16464] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  266.979387][T16464] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  267.001551][T16464] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  267.018000][T16464] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  267.095053][T16656] loop0: detected capacity change from 0 to 512
[  267.121955][T16656] EXT4-fs (loop0): orphan cleanup on readonly fs
[  267.141610][T16656] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3116: bg 0: block 248: padding at end of block bitmap is not set
[  267.171489][T16464] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.182515][T16464] 8021q: adding VLAN 0 to HW filter on device team0
[  267.195185][T16656] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3116: Failed to acquire dquot type 1
[  267.195771][T14691] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.213591][T14691] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.215717][T16656] EXT4-fs (loop0): 1 truncate cleaned up
[  267.227475][T14691] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.234561][T14691] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.242560][T16669] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3119'.
[  267.251780][T16464] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  267.251803][T16464] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  267.276980][T16656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  267.293107][T16671] FAULT_INJECTION: forcing a failure.
[  267.293107][T16671] name failslab, interval 1, probability 0, space 0, times 0
[  267.305865][T16671] CPU: 0 UID: 0 PID: 16671 Comm: syz.2.3118 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  267.305948][T16671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.305962][T16671] Call Trace:
[  267.305989][T16671]  <TASK>
[  267.305998][T16671]  __dump_stack+0x1d/0x30
[  267.306023][T16671]  dump_stack_lvl+0xe8/0x140
[  267.306093][T16671]  dump_stack+0x15/0x1b
[  267.306108][T16671]  should_fail_ex+0x265/0x280
[  267.306144][T16671]  should_failslab+0x8c/0xb0
[  267.306233][T16671]  kmem_cache_alloc_noprof+0x50/0x310
[  267.306261][T16671]  ? skb_clone+0x151/0x1f0
[  267.306283][T16671]  skb_clone+0x151/0x1f0
[  267.306304][T16671]  __netlink_deliver_tap+0x2c9/0x500
[  267.306383][T16671]  netlink_unicast+0x64c/0x670
[  267.306423][T16671]  netlink_sendmsg+0x58b/0x6b0
[  267.306449][T16671]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.306545][T16671]  __sock_sendmsg+0x142/0x180
[  267.306577][T16671]  ____sys_sendmsg+0x31e/0x4e0
[  267.306631][T16671]  ___sys_sendmsg+0x17b/0x1d0
[  267.306682][T16671]  __x64_sys_sendmsg+0xd4/0x160
[  267.306718][T16671]  x64_sys_call+0x2999/0x2fb0
[  267.306766][T16671]  do_syscall_64+0xd2/0x200
[  267.306792][T16671]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  267.306825][T16671]  ? clear_bhb_loop+0x40/0x90
[  267.306852][T16671]  ? clear_bhb_loop+0x40/0x90
[  267.306880][T16671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.306910][T16671] RIP: 0033:0x7f242242e929
[  267.306928][T16671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.306949][T16671] RSP: 002b:00007f2420a76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  267.306967][T16671] RAX: ffffffffffffffda RBX: 00007f2422656080 RCX: 00007f242242e929
[  267.306982][T16671] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  267.307079][T16671] RBP: 00007f2420a76090 R08: 0000000000000000 R09: 0000000000000000
[  267.307094][T16671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.307106][T16671] R13: 0000000000000000 R14: 00007f2422656080 R15: 00007ffefe912438
[  267.307128][T16671]  </TASK>
[  267.341390][T16671] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3118'.
[  267.380080][T16464] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.538074][T16656] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  267.573528][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.608382][T16464] veth0_vlan: entered promiscuous mode
[  267.616845][T16464] veth1_vlan: entered promiscuous mode
[  267.620534][T16656] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  267.640269][T16464] veth0_macvtap: entered promiscuous mode
[  267.650184][T16464] veth1_macvtap: entered promiscuous mode
[  267.662917][T16464] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.674309][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.675472][T16464] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.695444][T16464] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.704410][T16464] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.713544][T16464] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.722380][T16464] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.757434][T16694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3123'.
[  267.815518][T16705] loop3: detected capacity change from 0 to 512
[  267.835054][T16708] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3121'.
[  267.956081][T16712] lo speed is unknown, defaulting to 1000
[  267.999186][T16730] loop3: detected capacity change from 0 to 1024
[  268.015100][T16730] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.024301][T16734] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3128'.
[  268.036005][T16730] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3131: Allocating blocks 385-513 which overlap fs metadata
[  268.053185][T16730] netlink: 'syz.3.3131': attribute type 4 has an invalid length.
[  268.061694][T16730] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3131'.
[  268.116729][T16729] EXT4-fs (loop3): pa ffff888106aac9a0: logic 16, phys. 129, len 24
[  268.125549][T16729] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  268.177281][T16712] chnl_net:caif_netlink_parms(): no params data found
[  268.190091][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.213593][T16739] infiniband syz2: set down
[  268.218166][T16739] infiniband syz2: added veth0_to_bond
[  268.232660][T16739] RDS/IB: syz2: added
[  268.236736][T16739] smc: adding ib device syz2 with port count 1
[  268.247913][T16739] smc:    ib device syz2 port 1 has pnetid 
[  268.274506][T16750] loop3: detected capacity change from 0 to 512
[  268.285157][T16750] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3135: iget: bad extended attribute block 1
[  268.300150][T16750] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3135: couldn't read orphan inode 15 (err -117)
[  268.321576][T16750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.401276][T16712] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.408427][T16712] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.416141][T16712] bridge_slave_0: entered allmulticast mode
[  268.457994][T16712] bridge_slave_0: entered promiscuous mode
[  268.472109][T16712] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.479203][T16712] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.503420][T16712] bridge_slave_1: entered allmulticast mode
[  268.516041][T16712] bridge_slave_1: entered promiscuous mode
[  268.551316][T16712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.565652][T16712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.592188][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  268.592206][   T29] audit: type=1326 audit(1751022782.992:14387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  268.659831][   T29] audit: type=1326 audit(1751022782.992:14388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16738 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x7ffc0000
[  268.689866][T16760] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3136'.
[  268.862080][   T37] bond0 (unregistering): Released all slaves
[  268.876497][T16712] team0: Port device team_slave_0 added
[  268.883946][T16712] team0: Port device team_slave_1 added
[  268.913202][T16712] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.920171][T16712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.946245][T16712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.986908][T16768] bridge_slave_0: left allmulticast mode
[  268.992790][T16768] bridge_slave_0: left promiscuous mode
[  268.998488][T16768] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.999484][T16772] loop5: detected capacity change from 0 to 1024
[  269.007955][T16770] loop0: detected capacity change from 0 to 512
[  269.021328][T16768] bridge_slave_1: left allmulticast mode
[  269.021384][T16770] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3141: iget: bad extended attribute block 1
[  269.021904][T16770] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3141: couldn't read orphan inode 15 (err -117)
[  269.027169][T16768] bridge_slave_1: left promiscuous mode
[  269.041889][T16770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.051489][T16768] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.079663][T16772] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.092815][T16768] bond0: (slave bond_slave_0): Releasing backup interface
[  269.095736][T16772] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.3142: Allocating blocks 385-513 which overlap fs metadata
[  269.118840][T16768] bond0: (slave bond_slave_1): Releasing backup interface
[  269.121002][T16772] netlink: 'syz.5.3142': attribute type 4 has an invalid length.
[  269.139247][T16768] team0: Port device team_slave_0 removed
[  269.153666][T16768] team0: Port device team_slave_1 removed
[  269.160559][T16768] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  269.168033][T16768] batman_adv: batadv0: Removing interface: batadv_slave_0
[  269.177733][T16768] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  269.185410][T16768] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.199283][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.218713][T16712] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.225710][T16712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.251754][T16712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.346897][T16771] EXT4-fs (loop5): pa ffff888106aac9a0: logic 16, phys. 129, len 24
[  269.355004][T16771] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  269.365087][   T37] hsr_slave_0: left promiscuous mode
[  269.383575][   T37] hsr_slave_1: left promiscuous mode
[  269.397369][T16785] netlink: 'syz.1.3144': attribute type 4 has an invalid length.
[  269.407102][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.421025][   T29] audit: type=1326 audit(1751022783.812:14389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.444823][   T29] audit: type=1326 audit(1751022783.812:14390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.470546][   T29] audit: type=1326 audit(1751022783.872:14391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.494136][   T29] audit: type=1326 audit(1751022783.872:14392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.517773][   T29] audit: type=1326 audit(1751022783.872:14393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.541469][   T29] audit: type=1326 audit(1751022783.872:14394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.565124][   T29] audit: type=1326 audit(1751022783.872:14395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.588702][   T29] audit: type=1326 audit(1751022783.872:14396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16786 comm="syz.3.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  269.692188][T16712] hsr_slave_0: entered promiscuous mode
[  269.708426][T16712] hsr_slave_1: entered promiscuous mode
[  269.717445][T16712] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.733274][T16712] Cannot create hsr debugfs directory
[  269.744113][T16792] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  269.789260][T16798] loop3: detected capacity change from 0 to 512
[  269.809966][T16798] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3148: iget: bad extended attribute block 1
[  269.862082][T16798] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3148: couldn't read orphan inode 15 (err -117)
[  269.957314][   T37] IPVS: stop unused estimator thread 0...
[  269.994821][T16809] loop0: detected capacity change from 0 to 512
[  270.006484][T16809] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3152: iget: bad extended attribute block 1
[  270.019671][T16809] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3152: couldn't read orphan inode 15 (err -117)
[  270.079463][T16712] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  270.094749][T16712] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  270.113268][T16712] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  270.123213][T16712] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  270.208290][T16712] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.234106][T16712] 8021q: adding VLAN 0 to HW filter on device team0
[  270.254115][ T1978] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.261281][ T1978] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.288108][ T1978] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.295256][ T1978] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.358130][T16712] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  270.430857][T16687] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  270.476533][T16832] xt_hashlimit: max too large, truncated to 1048576
[  270.626336][T16834] loop5: detected capacity change from 0 to 512
[  270.656400][T16712] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.665163][T16834] EXT4-fs (loop5): orphan cleanup on readonly fs
[  270.675103][T16834] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3160: bg 0: block 248: padding at end of block bitmap is not set
[  270.689834][T16834] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3160: Failed to acquire dquot type 1
[  270.710498][T16834] EXT4-fs (loop5): 1 truncate cleaned up
[  270.720174][T16834] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  270.743025][T16834] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  270.802717][T16712] veth0_vlan: entered promiscuous mode
[  270.811168][T16712] veth1_vlan: entered promiscuous mode
[  270.841302][T16712] veth0_macvtap: entered promiscuous mode
[  270.845060][T16877] loop5: detected capacity change from 0 to 1024
[  270.849098][T16712] veth1_macvtap: entered promiscuous mode
[  270.868022][T16712] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.883110][T16877] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.3167: Allocating blocks 385-513 which overlap fs metadata
[  270.900018][T16712] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.922633][T16712] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.931528][T16712] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.940443][T16712] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.949281][T16712] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.984814][T16877] __nla_validate_parse: 5 callbacks suppressed
[  270.984832][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3167'.
[  271.003204][T16876] EXT4-fs (loop5): pa ffff888106aaca10: logic 16, phys. 129, len 24
[  271.011404][T16876] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  271.135889][T16916] loop5: detected capacity change from 0 to 512
[  271.162119][T16916] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3171: iget: bad extended attribute block 1
[  271.192395][T16916] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3171: couldn't read orphan inode 15 (err -117)
[  271.214480][T16925] loop0: detected capacity change from 0 to 1024
[  271.238226][T16925] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.3172: Allocating blocks 385-513 which overlap fs metadata
[  271.275084][T16925] netlink: 'syz.0.3172': attribute type 4 has an invalid length.
[  271.282964][T16925] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3172'.
[  271.293590][T16924] EXT4-fs (loop0): pa ffff88810049b8c0: logic 16, phys. 129, len 24
[  271.301625][T16924] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  271.501659][T16971] loop0: detected capacity change from 0 to 512
[  271.528630][T16971] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3178: iget: bad extended attribute block 1
[  271.541373][T16979] loop3: detected capacity change from 0 to 1024
[  271.541944][T16971] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3178: couldn't read orphan inode 15 (err -117)
[  271.571307][T16979] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3180: Allocating blocks 385-513 which overlap fs metadata
[  271.590903][T16979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3180'.
[  272.217721][T17058] loop5: detected capacity change from 0 to 512
[  272.225928][T17058] EXT4-fs (loop5): orphan cleanup on readonly fs
[  272.233483][T17058] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3194: bg 0: block 248: padding at end of block bitmap is not set
[  272.247980][T17058] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3194: Failed to acquire dquot type 1
[  272.259706][T17058] EXT4-fs (loop5): 1 truncate cleaned up
[  272.268098][T17058] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  272.280933][T17058] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  272.339550][T17062] loop5: detected capacity change from 0 to 512
[  272.348440][T17062] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3195: iget: bad extended attribute block 1
[  272.362611][T17062] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3195: couldn't read orphan inode 15 (err -117)
[  272.377808][T16977] EXT4-fs (loop3): pa ffff88810049b850: logic 16, phys. 129, len 24
[  272.385975][T16977] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  272.407259][T17065] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3197'.
[  272.501803][T17080] xt_hashlimit: max too large, truncated to 1048576
[  272.920146][T17097] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3209'.
[  272.939307][T17099] loop2: detected capacity change from 0 to 2048
[  272.986464][T17108] loop3: detected capacity change from 0 to 1024
[  273.005122][T17108] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3212: Allocating blocks 385-513 which overlap fs metadata
[  273.023039][T17108] netlink: 'syz.3.3212': attribute type 4 has an invalid length.
[  273.030937][T17108] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3212'.
[  273.042396][T17107] EXT4-fs (loop3): pa ffff888106aaca80: logic 16, phys. 129, len 24
[  273.050572][T17107] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  273.088085][T17112] loop3: detected capacity change from 0 to 1024
[  273.105207][T17112] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3214: Allocating blocks 385-513 which overlap fs metadata
[  273.123590][T17112] netlink: 'syz.3.3214': attribute type 4 has an invalid length.
[  273.131453][T17112] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3214'.
[  273.141856][T17111] EXT4-fs (loop3): pa ffff888106aaca80: logic 16, phys. 129, len 24
[  273.149889][T17111] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  273.193828][T17118] loop3: detected capacity change from 0 to 1024
[  273.213123][T17120] loop5: detected capacity change from 0 to 2048
[  273.215387][T17118] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3215: Allocating blocks 385-513 which overlap fs metadata
[  273.253357][T17120] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.3217: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  273.274883][T17120] EXT4-fs (loop5): Remounting filesystem read-only
[  273.281774][T17118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3215'.
[  273.294903][T17116] EXT4-fs (loop3): pa ffff88810049b850: logic 16, phys. 129, len 24
[  273.302993][T17116] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  273.364449][T17136] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3222'.
[  273.417357][T17145] loop2: detected capacity change from 0 to 512
[  273.426725][T17145] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.3227: iget: bad extended attribute block 1
[  273.440920][T17148] loop5: detected capacity change from 0 to 512
[  273.447478][T17145] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3227: couldn't read orphan inode 15 (err -117)
[  273.455210][T17152] loop3: detected capacity change from 0 to 512
[  273.467854][T17148] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3226: iget: bad extended attribute block 1
[  273.469206][T17152] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3229: iget: bad extended attribute block 1
[  273.494189][T17148] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3226: couldn't read orphan inode 15 (err -117)
[  273.494961][T17152] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3229: couldn't read orphan inode 15 (err -117)
[  274.150067][   T29] kauditd_printk_skb: 154 callbacks suppressed
[  274.150139][   T29] audit: type=1326 audit(1751022788.542:14547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.241718][   T29] audit: type=1326 audit(1751022788.582:14548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.265486][   T29] audit: type=1326 audit(1751022788.582:14549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.289682][   T29] audit: type=1326 audit(1751022788.582:14550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.313600][   T29] audit: type=1326 audit(1751022788.582:14551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.337291][   T29] audit: type=1326 audit(1751022788.582:14552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.360935][   T29] audit: type=1326 audit(1751022788.582:14553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.384568][   T29] audit: type=1326 audit(1751022788.582:14554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.408500][   T29] audit: type=1326 audit(1751022788.582:14555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.432130][   T29] audit: type=1326 audit(1751022788.582:14556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17131 comm="syz.0.3220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7fc00000
[  274.829321][T17169] loop3: detected capacity change from 0 to 2048
[  274.855182][T17169] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.3235: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  274.872732][T17169] EXT4-fs (loop3): Remounting filesystem read-only
[  274.956269][T17185] loop5: detected capacity change from 0 to 512
[  275.013912][T17185] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3241: iget: bad extended attribute block 1
[  275.039634][T17185] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3241: couldn't read orphan inode 15 (err -117)
[  275.052855][T17192] loop0: detected capacity change from 0 to 1024
[  275.066707][T17192] netlink: 'syz.0.3253': attribute type 4 has an invalid length.
[  275.074578][T17192] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3253'.
[  275.696817][T17206] loop0: detected capacity change from 0 to 512
[  275.705804][T17206] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3246: iget: bad extended attribute block 1
[  275.719286][T17206] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3246: couldn't read orphan inode 15 (err -117)
[  275.810190][T17211] loop2: detected capacity change from 0 to 512
[  275.819124][T17211] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.3247: iget: bad extended attribute block 1
[  275.833750][T17211] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3247: couldn't read orphan inode 15 (err -117)
[  276.004573][T17215] loop3: detected capacity change from 0 to 512
[  276.024674][T17215] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  276.871830][T17232] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3258'.
[  277.044185][T17244] loop5: detected capacity change from 0 to 512
[  277.066007][T17247] loop0: detected capacity change from 0 to 512
[  277.083293][T17244] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3261: iget: bad extended attribute block 1
[  277.099330][T17247] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3263: iget: bad extended attribute block 1
[  277.116217][T17244] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3261: couldn't read orphan inode 15 (err -117)
[  277.129061][T17247] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3263: couldn't read orphan inode 15 (err -117)
[  277.347224][T17262] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3267'.
[  277.553638][T17264] syz2: rxe_newlink: already configured on veth0_to_bond
[  277.590204][T17272] loop5: detected capacity change from 0 to 2048
[  278.155097][T17272] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.3270: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  278.179375][T17272] EXT4-fs (loop5): Remounting filesystem read-only
[  278.190911][T17272] xt_hashlimit: max too large, truncated to 1048576
[  278.486435][T17291] loop2: detected capacity change from 0 to 512
[  278.511274][T17291] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.3277: iget: bad extended attribute block 1
[  278.524030][T17291] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3277: couldn't read orphan inode 15 (err -117)
[  278.556756][T17302] loop0: detected capacity change from 0 to 512
[  278.575516][T17302] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3281: iget: bad extended attribute block 1
[  278.592350][T17302] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3281: couldn't read orphan inode 15 (err -117)
[  278.625220][T17309] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3278'.
[  279.005936][T17325] loop2: detected capacity change from 0 to 512
[  279.113646][T17325] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  279.962944][T17335] loop0: detected capacity change from 0 to 2048
[  280.010582][T17335] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.3290: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  280.039650][T17344] loop3: detected capacity change from 0 to 512
[  280.055009][T17346] loop5: detected capacity change from 0 to 512
[  280.072736][T17335] EXT4-fs (loop0): Remounting filesystem read-only
[  280.095823][T17344] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3294: iget: bad extended attribute block 1
[  280.108778][T17335] xt_hashlimit: max too large, truncated to 1048576
[  280.131898][T17346] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3295: iget: bad extended attribute block 1
[  280.152434][T17344] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3294: couldn't read orphan inode 15 (err -117)
[  280.169530][T17346] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3295: couldn't read orphan inode 15 (err -117)
[  280.914725][   T29] kauditd_printk_skb: 95 callbacks suppressed
[  280.914740][   T29] audit: type=1326 audit(1751022795.312:14652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  280.947448][   T29] audit: type=1326 audit(1751022795.342:14653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  280.971071][   T29] audit: type=1326 audit(1751022795.342:14654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  280.994815][   T29] audit: type=1326 audit(1751022795.342:14655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.018547][   T29] audit: type=1326 audit(1751022795.342:14656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.042126][   T29] audit: type=1326 audit(1751022795.342:14657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.065773][   T29] audit: type=1326 audit(1751022795.342:14658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.089371][   T29] audit: type=1326 audit(1751022795.342:14659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.113072][   T29] audit: type=1326 audit(1751022795.342:14660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.136690][   T29] audit: type=1326 audit(1751022795.342:14661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x7ffc0000
[  281.160461][T17295] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  281.528884][T17388] loop3: detected capacity change from 0 to 512
[  281.594955][T17388] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.625813][T17390] loop5: detected capacity change from 0 to 2048
[  281.655543][T17390] EXT4-fs mount: 68 callbacks suppressed
[  281.655560][T17390] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.645431][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.754665][T17427] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  282.790454][T17432] loop5: detected capacity change from 0 to 512
[  282.803884][T17432] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3319: iget: bad extended attribute block 1
[  282.890514][T17432] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3319: couldn't read orphan inode 15 (err -117)
[  282.910962][T17432] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.073545][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.345484][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.393816][T17450] loop3: detected capacity change from 0 to 2048
[  283.417698][T17450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.444579][T17456] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3328'.
[  283.650793][T17461] loop0: detected capacity change from 0 to 2048
[  283.689838][T17461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.716272][T17461] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.3330: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  283.775363][T17461] EXT4-fs (loop0): Remounting filesystem read-only
[  283.815608][T17461] xt_hashlimit: max too large, truncated to 1048576
[  283.818135][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.882650][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.103736][T17487] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3339'.
[  284.654218][T17517] loop5: detected capacity change from 0 to 512
[  284.666229][T17517] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3346: iget: bad extended attribute block 1
[  284.678919][T17517] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3346: couldn't read orphan inode 15 (err -117)
[  284.692067][T17517] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.867203][T17526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3348'.
[  285.001662][T17531] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3350'.
[  285.031213][T17533] tipc: Started in network mode
[  285.036124][T17533] tipc: Node identity ac14140f, cluster identity 4711
[  285.043798][T17533] tipc: New replicast peer: 255.255.255.83
[  285.049720][T17533] tipc: Enabled bearer <udp:£>, priority 10
[  285.061473][T17533] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2576 sclass=netlink_route_socket pid=17533 comm=syz.2.3351
[  285.083150][T17533] loop2: detected capacity change from 0 to 1024
[  285.090194][T17533] EXT4-fs: Ignoring removed nomblk_io_submit option
[  285.102804][T17533] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.131690][T16712] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.502249][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.464917][    T9] tipc: Node number set to 2886997007
[  287.417333][   T29] kauditd_printk_skb: 192 callbacks suppressed
[  287.417347][   T29] audit: type=1107 audit(1751022801.622:14854): pid=17556 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  287.469653][   T29] audit: type=1326 audit(1751022801.862:14855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.493314][   T29] audit: type=1326 audit(1751022801.862:14856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.516894][   T29] audit: type=1326 audit(1751022801.862:14857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.540490][   T29] audit: type=1326 audit(1751022801.862:14858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.564151][   T29] audit: type=1326 audit(1751022801.862:14859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.587771][   T29] audit: type=1326 audit(1751022801.862:14860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.611342][   T29] audit: type=1326 audit(1751022801.862:14861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.634973][   T29] audit: type=1326 audit(1751022801.862:14862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.658555][   T29] audit: type=1326 audit(1751022801.862:14863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17564 comm="syz.0.3362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  287.992212][T17573] netlink: 'syz.3.3365': attribute type 4 has an invalid length.
[  288.000229][T17573] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3365'.
[  288.079728][T17582] loop2: detected capacity change from 0 to 512
[  288.088945][T17582] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.3368: iget: bad extended attribute block 1
[  288.102517][T17582] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3368: couldn't read orphan inode 15 (err -117)
[  288.117531][T17580] netlink: 'syz.3.3367': attribute type 10 has an invalid length.
[  288.126712][T17580] macvlan1: entered promiscuous mode
[  288.132228][T17580] macvlan1: entered allmulticast mode
[  288.142872][T17580] veth1_vlan: entered allmulticast mode
[  288.149374][T17582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.163573][T17580] bond0: (slave macvlan1): Enslaving as an active interface with an up link
[  288.271778][T17595] loop3: detected capacity change from 0 to 512
[  288.279990][T17595] EXT4-fs (loop3): orphan cleanup on readonly fs
[  288.287240][T17595] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3371: bg 0: block 248: padding at end of block bitmap is not set
[  288.303603][T17595] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3371: Failed to acquire dquot type 1
[  288.315728][T17595] EXT4-fs (loop3): 1 truncate cleaned up
[  288.322958][T17595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  288.336587][T17595] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  288.353791][T17595] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  288.376732][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.414884][T17599] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  288.903568][T17619] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3378'.
[  289.057652][T16712] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.084367][T17626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3377'.
[  289.644586][T17633] loop2: detected capacity change from 0 to 1024
[  289.677094][T17633] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.707757][T17633] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.3382: Allocating blocks 385-513 which overlap fs metadata
[  289.724284][T17640] loop5: detected capacity change from 0 to 512
[  289.738119][T17633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3382'.
[  289.748310][T17640] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3384: iget: bad extended attribute block 1
[  289.751177][T17642] netlink: 176 bytes leftover after parsing attributes in process `syz.0.3383'.
[  289.761967][T17640] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3384: couldn't read orphan inode 15 (err -117)
[  289.786454][T17640] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.839189][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.856449][T17642] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3383'.
[  290.423783][T17632] EXT4-fs (loop2): pa ffff88810049b930: logic 16, phys. 129, len 24
[  290.431915][T17632] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  290.493015][T16712] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.541029][T17670] loop2: detected capacity change from 0 to 512
[  290.549172][T17670] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.3395: iget: bad extended attribute block 1
[  290.562929][T17670] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3395: couldn't read orphan inode 15 (err -117)
[  290.575336][T17670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.690065][T16712] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.103883][T17681] FAULT_INJECTION: forcing a failure.
[  291.103883][T17681] name failslab, interval 1, probability 0, space 0, times 0
[  291.116562][T17681] CPU: 0 UID: 0 PID: 17681 Comm: syz.5.3400 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  291.116630][T17681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.116646][T17681] Call Trace:
[  291.116653][T17681]  <TASK>
[  291.116661][T17681]  __dump_stack+0x1d/0x30
[  291.116683][T17681]  dump_stack_lvl+0xe8/0x140
[  291.116703][T17681]  dump_stack+0x15/0x1b
[  291.116775][T17681]  should_fail_ex+0x265/0x280
[  291.116804][T17681]  should_failslab+0x8c/0xb0
[  291.116830][T17681]  __kmalloc_node_noprof+0xa9/0x410
[  291.116862][T17681]  ? qdisc_alloc+0x65/0x440
[  291.116974][T17681]  qdisc_alloc+0x65/0x440
[  291.117007][T17681]  ? nla_strcmp+0xc3/0xe0
[  291.117047][T17681]  qdisc_create+0xf5/0x9e0
[  291.117078][T17681]  tc_modify_qdisc+0xe2c/0x1380
[  291.117170][T17681]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  291.117196][T17681]  rtnetlink_rcv_msg+0x65a/0x6d0
[  291.117229][T17681]  netlink_rcv_skb+0x120/0x220
[  291.117266][T17681]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  291.117427][T17681]  rtnetlink_rcv+0x1c/0x30
[  291.117450][T17681]  netlink_unicast+0x5a1/0x670
[  291.117501][T17681]  netlink_sendmsg+0x58b/0x6b0
[  291.117520][T17681]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.117540][T17681]  __sock_sendmsg+0x142/0x180
[  291.117568][T17681]  ____sys_sendmsg+0x31e/0x4e0
[  291.117620][T17681]  ___sys_sendmsg+0x17b/0x1d0
[  291.117673][T17681]  __x64_sys_sendmsg+0xd4/0x160
[  291.117787][T17681]  x64_sys_call+0x2999/0x2fb0
[  291.117841][T17681]  do_syscall_64+0xd2/0x200
[  291.117862][T17681]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  291.117894][T17681]  ? clear_bhb_loop+0x40/0x90
[  291.117938][T17681]  ? clear_bhb_loop+0x40/0x90
[  291.117979][T17681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.118044][T17681] RIP: 0033:0x7facdf37e929
[  291.118064][T17681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.118088][T17681] RSP: 002b:00007facdd9e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.118112][T17681] RAX: ffffffffffffffda RBX: 00007facdf5a5fa0 RCX: 00007facdf37e929
[  291.118173][T17681] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  291.118185][T17681] RBP: 00007facdd9e7090 R08: 0000000000000000 R09: 0000000000000000
[  291.118199][T17681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.118211][T17681] R13: 0000000000000000 R14: 00007facdf5a5fa0 R15: 00007fff231048c8
[  291.118250][T17681]  </TASK>
[  291.409424][T17685] loop5: detected capacity change from 0 to 512
[  291.420362][T17685] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3401: iget: bad extended attribute block 1
[  291.434437][T17683] loop2: detected capacity change from 0 to 2048
[  291.443343][T17685] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3401: couldn't read orphan inode 15 (err -117)
[  291.457532][T17683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.469981][T17685] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.705809][T17696] loop0: detected capacity change from 0 to 512
[  291.816155][T17696] EXT4-fs (loop0): orphan cleanup on readonly fs
[  291.823374][T17696] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3403: bg 0: block 248: padding at end of block bitmap is not set
[  291.838144][T17696] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3403: Failed to acquire dquot type 1
[  291.850194][T17696] EXT4-fs (loop0): 1 truncate cleaned up
[  291.864220][T17696] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  291.976765][T17696] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  292.090791][T17696] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  292.256939][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.413238][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.415190][T17707] loop0: detected capacity change from 0 to 512
[  292.436290][T17707] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3407: iget: bad extended attribute block 1
[  292.449015][T17707] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3407: couldn't read orphan inode 15 (err -117)
[  292.475516][T17707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.509398][T17710] loop5: detected capacity change from 0 to 512
[  292.523334][   T29] kauditd_printk_skb: 402 callbacks suppressed
[  292.523347][   T29] audit: type=1326 audit(1751022806.922:15262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17711 comm="syz.1.3409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b9de929 code=0x0
[  292.614992][T17710] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3408: iget: bad extended attribute block 1
[  292.628552][T17710] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3408: couldn't read orphan inode 15 (err -117)
[  292.641915][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.659517][T17710] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.693152][T17718] netlink: 'syz.0.3410': attribute type 4 has an invalid length.
[  292.700974][T17718] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3410'.
[  292.735845][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.043910][T16712] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.632529][   T29] audit: type=1326 audit(1751022808.032:15263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.666718][   T29] audit: type=1326 audit(1751022808.052:15264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.690463][   T29] audit: type=1326 audit(1751022808.052:15265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.714099][   T29] audit: type=1326 audit(1751022808.052:15266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.737723][   T29] audit: type=1326 audit(1751022808.052:15267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.761359][   T29] audit: type=1326 audit(1751022808.052:15268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.785106][   T29] audit: type=1326 audit(1751022808.052:15269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.808769][   T29] audit: type=1326 audit(1751022808.052:15270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.832430][   T29] audit: type=1326 audit(1751022808.052:15271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17850 comm="syz.3.3419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc40de7e929 code=0x7ffc0000
[  293.911904][T17879] loop3: detected capacity change from 0 to 512
[  293.920448][T17879] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3423: iget: bad extended attribute block 1
[  293.934867][T17879] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3423: couldn't read orphan inode 15 (err -117)
[  293.948581][T17879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.980059][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.004101][T17886] loop3: detected capacity change from 0 to 2048
[  294.031477][T17886] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.423745][T17896] loop5: detected capacity change from 0 to 512
[  294.432131][T17896] EXT4-fs (loop5): orphan cleanup on readonly fs
[  294.439013][T17896] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3429: bg 0: block 248: padding at end of block bitmap is not set
[  294.456291][T17896] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3429: Failed to acquire dquot type 1
[  294.468449][T17896] EXT4-fs (loop5): 1 truncate cleaned up
[  294.475592][T17896] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  294.492772][T17896] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  294.513393][T17896] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  294.535044][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.561912][T17901] loop5: detected capacity change from 0 to 2048
[  294.573469][T17901] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.593414][T17901] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.3430: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  294.610165][T17901] EXT4-fs (loop5): Remounting filesystem read-only
[  294.625425][T17901] xt_hashlimit: max too large, truncated to 1048576
[  294.659484][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.685029][T17906] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  294.696365][T17905] IPVS: stopping master sync thread 17906 ...
[  294.735531][T17910] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3433'.
[  294.884689][T17922] netlink: 176 bytes leftover after parsing attributes in process `syz.2.3438'.
[  294.933578][T17922] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3438'.
[  295.118551][T17926] loop5: detected capacity change from 0 to 512
[  295.127625][T17926] EXT4-fs (loop5): orphan cleanup on readonly fs
[  295.136841][T17926] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3440: bg 0: block 248: padding at end of block bitmap is not set
[  295.154760][T17926] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3440: Failed to acquire dquot type 1
[  295.167262][T17926] EXT4-fs (loop5): 1 truncate cleaned up
[  295.174687][T17926] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  295.201384][T17926] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  295.220752][T17926] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  295.242507][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.278393][T17932] netlink: 'syz.5.3441': attribute type 4 has an invalid length.
[  295.286380][T17932] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.3441'.
[  295.385142][T17942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3445'.
[  296.791760][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.189334][T18050] loop3: detected capacity change from 0 to 512
[  297.206686][T18050] EXT4-fs (loop3): orphan cleanup on readonly fs
[  297.223119][T18050] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3453: bg 0: block 248: padding at end of block bitmap is not set
[  297.254781][T18050] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3453: Failed to acquire dquot type 1
[  297.274802][T18050] EXT4-fs (loop3): 1 truncate cleaned up
[  297.288090][T18050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  297.315013][T18050] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  297.351447][T18050] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  297.406507][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.476445][T18070] netlink: 'syz.3.3455': attribute type 4 has an invalid length.
[  297.484360][T18070] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3455'.
[  297.552502][T18071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3454'.
[  297.635769][T18084] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3457'.
[  298.349695][T18117] netlink: 176 bytes leftover after parsing attributes in process `syz.2.3462'.
[  298.674200][   T29] kauditd_printk_skb: 296 callbacks suppressed
[  298.674219][   T29] audit: type=1326 audit(1751022813.072:15562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18123 comm="syz.5.3465" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7facdf37e929 code=0x0
[  299.007706][   T29] audit: type=1326 audit(1751022813.402:15563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.031598][   T29] audit: type=1326 audit(1751022813.402:15564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.055412][   T29] audit: type=1326 audit(1751022813.402:15565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.079363][   T29] audit: type=1326 audit(1751022813.402:15566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.103157][   T29] audit: type=1326 audit(1751022813.402:15567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.126965][   T29] audit: type=1326 audit(1751022813.402:15568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.150679][   T29] audit: type=1326 audit(1751022813.402:15569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.174360][   T29] audit: type=1326 audit(1751022813.402:15570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.198075][   T29] audit: type=1326 audit(1751022813.402:15571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.0.3466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69d8e4e929 code=0x7ffc0000
[  299.391187][T18154] loop0: detected capacity change from 0 to 1024
[  299.413410][   T23] IPVS: starting estimator thread 0...
[  299.419493][T18156] IPVS: set_ctl: invalid protocol: 136 10.1.1.1:20001
[  299.447727][T18154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.491948][T18154] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.3475: Allocating blocks 385-513 which overlap fs metadata
[  299.519228][T18158] IPVS: using max 2064 ests per chain, 103200 per kthread
[  299.526779][T18164] netlink: 176 bytes leftover after parsing attributes in process `syz.3.3477'.
[  299.559982][T18153] EXT4-fs (loop0): pa ffff88810049b930: logic 16, phys. 129, len 24
[  299.568269][T18153] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  299.595023][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.757406][T18189] FAULT_INJECTION: forcing a failure.
[  299.757406][T18189] name failslab, interval 1, probability 0, space 0, times 0
[  299.770334][T18189] CPU: 0 UID: 0 PID: 18189 Comm: syz.5.3486 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  299.770368][T18189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.770385][T18189] Call Trace:
[  299.770393][T18189]  <TASK>
[  299.770403][T18189]  __dump_stack+0x1d/0x30
[  299.770427][T18189]  dump_stack_lvl+0xe8/0x140
[  299.770505][T18189]  dump_stack+0x15/0x1b
[  299.770531][T18189]  should_fail_ex+0x265/0x280
[  299.770596][T18189]  should_failslab+0x8c/0xb0
[  299.770705][T18189]  kmem_cache_alloc_noprof+0x50/0x310
[  299.770797][T18189]  ? getname_flags+0x80/0x3b0
[  299.770837][T18189]  getname_flags+0x80/0x3b0
[  299.770866][T18189]  do_sys_openat2+0x60/0x110
[  299.770902][T18189]  __x64_sys_openat+0xf2/0x120
[  299.770930][T18189]  x64_sys_call+0x1af/0x2fb0
[  299.770977][T18189]  do_syscall_64+0xd2/0x200
[  299.770999][T18189]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  299.771032][T18189]  ? clear_bhb_loop+0x40/0x90
[  299.771079][T18189]  ? clear_bhb_loop+0x40/0x90
[  299.771103][T18189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.771130][T18189] RIP: 0033:0x7facdf37e929
[  299.771148][T18189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.771206][T18189] RSP: 002b:00007facdd9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  299.771225][T18189] RAX: ffffffffffffffda RBX: 00007facdf5a5fa0 RCX: 00007facdf37e929
[  299.771238][T18189] RDX: 0000000000004200 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  299.771254][T18189] RBP: 00007facdd9e7090 R08: 0000000000000000 R09: 0000000000000000
[  299.771266][T18189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.771278][T18189] R13: 0000000000000001 R14: 00007facdf5a5fa0 R15: 00007fff231048c8
[  299.771335][T18189]  </TASK>
[  299.977148][T18194] loop5: detected capacity change from 0 to 512
[  299.985950][T18194] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3488: iget: bad extended attribute block 1
[  299.999481][T18194] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3488: couldn't read orphan inode 15 (err -117)
[  300.013212][T18194] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.019650][T18197] loop0: detected capacity change from 0 to 1024
[  300.032345][T18197] EXT4-fs: Ignoring removed nobh option
[  300.038224][T18197] EXT4-fs: Ignoring removed bh option
[  300.052748][T18197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.067303][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.069811][T18197] vlan2: entered allmulticast mode
[  300.196963][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.206309][T18214] loop5: detected capacity change from 0 to 512
[  300.215248][T18214] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  300.225676][T18214] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.3493: invalid block
[  300.239539][T18214] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3493: invalid indirect mapped block 4294967295 (level 1)
[  300.273226][T18214] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3493: invalid indirect mapped block 4294967295 (level 1)
[  300.320660][T18225] netlink: 'syz.3.3498': attribute type 4 has an invalid length.
[  300.328465][T18225] __nla_validate_parse: 1 callbacks suppressed
[  300.328479][T18225] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3498'.
[  300.395199][T18214] EXT4-fs (loop5): 2 truncates cleaned up
[  300.398398][T18231] loop3: detected capacity change from 0 to 512
[  300.416628][T18231] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3500: iget: bad extended attribute block 1
[  300.419216][T18214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.444673][T18231] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3500: couldn't read orphan inode 15 (err -117)
[  300.453634][T18214] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.3493: bg 0: block 5: invalid block bitmap
[  300.580912][T18231] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.795817][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.921156][T18252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3504'.
[  300.955126][T18252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3504'.
[  301.084874][T18266] netlink: 'syz.1.3511': attribute type 4 has an invalid length.
[  301.092724][T18266] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.3511'.
[  301.103129][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.112978][T18269] netlink: 176 bytes leftover after parsing attributes in process `syz.3.3510'.
[  301.151597][T18275] loop5: detected capacity change from 0 to 512
[  301.159508][T18275] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.3515: iget: bad extended attribute block 1
[  301.172185][T18275] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3515: couldn't read orphan inode 15 (err -117)
[  301.184600][T18275] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.217809][ T7806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.365865][T18292] lo speed is unknown, defaulting to 1000
[  301.381130][T18294] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3519'.
[  301.559036][T18309] netlink: 'syz.0.3525': attribute type 4 has an invalid length.
[  301.566970][T18309] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3525'.
[  301.767461][T18330] loop0: detected capacity change from 0 to 2048
[  301.781877][T18330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.798422][T18330] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.3529: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  301.817015][T18330] EXT4-fs (loop0): Remounting filesystem read-only
[  301.828067][T18330] xt_hashlimit: max too large, truncated to 1048576
[  301.859139][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.946495][T18342] loop2: detected capacity change from 0 to 128
[  301.986553][T18347] FAULT_INJECTION: forcing a failure.
[  301.986553][T18347] name failslab, interval 1, probability 0, space 0, times 0
[  301.999434][T18347] CPU: 0 UID: 0 PID: 18347 Comm: syz.3.3536 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  301.999467][T18347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.999481][T18347] Call Trace:
[  301.999488][T18347]  <TASK>
[  301.999526][T18347]  __dump_stack+0x1d/0x30
[  301.999609][T18347]  dump_stack_lvl+0xe8/0x140
[  301.999630][T18347]  dump_stack+0x15/0x1b
[  301.999648][T18347]  should_fail_ex+0x265/0x280
[  301.999690][T18347]  should_failslab+0x8c/0xb0
[  301.999714][T18347]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  301.999825][T18347]  ? sidtab_sid2str_get+0xa0/0x130
[  301.999853][T18347]  kmemdup_noprof+0x2b/0x70
[  301.999879][T18347]  sidtab_sid2str_get+0xa0/0x130
[  301.999941][T18347]  security_sid_to_context_core+0x1eb/0x2e0
[  301.999967][T18347]  security_sid_to_context+0x27/0x40
[  301.999990][T18347]  selinux_lsmprop_to_secctx+0x67/0xf0
[  302.000016][T18347]  security_lsmprop_to_secctx+0x43/0x80
[  302.000051][T18347]  audit_log_task_context+0x77/0x190
[  302.000089][T18347]  audit_log_task+0xf4/0x250
[  302.000122][T18347]  audit_seccomp+0x61/0x100
[  302.000283][T18347]  ? __seccomp_filter+0x68c/0x10d0
[  302.000389][T18347]  __seccomp_filter+0x69d/0x10d0
[  302.000420][T18347]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  302.000461][T18347]  ? vfs_write+0x75e/0x8e0
[  302.000494][T18347]  ? __rcu_read_unlock+0x4f/0x70
[  302.000560][T18347]  ? __fget_files+0x184/0x1c0
[  302.000593][T18347]  __secure_computing+0x82/0x150
[  302.000617][T18347]  syscall_trace_enter+0xcf/0x1e0
[  302.000668][T18347]  do_syscall_64+0xac/0x200
[  302.000693][T18347]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.000721][T18347]  ? clear_bhb_loop+0x40/0x90
[  302.000861][T18347]  ? clear_bhb_loop+0x40/0x90
[  302.000884][T18347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.000923][T18347] RIP: 0033:0x7fc40de7e929
[  302.000940][T18347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.000961][T18347] RSP: 002b:00007fc40c4e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  302.000982][T18347] RAX: ffffffffffffffda RBX: 00007fc40e0a5fa0 RCX: 00007fc40de7e929
[  302.000997][T18347] RDX: 00000000000000cc RSI: 0000000000000000 RDI: 0000000000000006
[  302.001010][T18347] RBP: 00007fc40c4e7090 R08: 000000000000003c R09: 0000000000000000
[  302.001023][T18347] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  302.001036][T18347] R13: 0000000000000000 R14: 00007fc40e0a5fa0 R15: 00007ffd1c672888
[  302.001119][T18347]  </TASK>
[  302.252710][T18348] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3536'.
[  302.657704][T18389] loop3: detected capacity change from 0 to 512
[  302.665670][T18389] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.3547: iget: bad extended attribute block 1
[  302.679005][T18389] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3547: couldn't read orphan inode 15 (err -117)
[  302.692432][T18389] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.728344][T16464] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.767133][T18398] loop0: detected capacity change from 0 to 512
[  302.784105][T18398] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.3549: iget: bad extended attribute block 1
[  302.798219][T18398] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3549: couldn't read orphan inode 15 (err -117)
[  302.812108][T18398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.891759][T14670] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.916090][T18412] loop3: detected capacity change from 0 to 512
[  302.921890][T18414] loop0: detected capacity change from 0 to 2048
[  302.930862][T18412] EXT4-fs (loop3): invalid inodes per group: 65535
[  302.930862][T18412] 
[  302.943360][T18414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.959934][T18414] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.3554: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  302.978685][T18414] EXT4-fs (loop0): Remounting filesystem read-only
[  302.991278][T18414] xt_hashlimit: max too large, truncated to 1048576
[  303.000557][    C0] ==================================================================
[  303.008684][    C0] BUG: KCSAN: data-race in pollwake / pollwake
[  303.014872][    C0] 
[  303.017216][    C0] write to 0xffffc9000310f9e0 of 4 bytes by interrupt on cpu 1:
[  303.024869][    C0]  pollwake+0xb6/0x100
[  303.028959][    C0]  __wake_up+0x63/0xb0
[  303.033063][    C0]  bpf_ringbuf_notify+0x22/0x30
[  303.038053][    C0]  irq_work_run+0xdf/0x2d0
[  303.042516][    C0]  __sysvec_irq_work+0x22/0x170
[  303.047381][    C0]  sysvec_irq_work+0x66/0x80
[  303.051989][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  303.056932][    C0]  finish_task_switch+0xb6/0x2b0
[  303.061869][    C0]  __schedule+0x6a8/0xb30
[  303.066554][    C0]  schedule+0x5f/0xd0
[  303.071148][    C0]  schedule_hrtimeout_range_clock+0xf7/0x180
[  303.077152][    C0]  schedule_hrtimeout_range+0x28/0x40
[  303.082618][    C0]  do_epoll_wait+0x840/0x940
[  303.087228][    C0]  __se_sys_epoll_pwait+0x157/0x270
[  303.092437][    C0]  __x64_sys_epoll_pwait+0x78/0x90
[  303.097555][    C0]  x64_sys_call+0x298e/0x2fb0
[  303.102238][    C0]  do_syscall_64+0xd2/0x200
[  303.106743][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.112727][    C0] 
[  303.115052][    C0] write to 0xffffc9000310f9e0 of 4 bytes by interrupt on cpu 0:
[  303.122681][    C0]  pollwake+0xb6/0x100
[  303.126867][    C0]  __wake_up+0x63/0xb0
[  303.130951][    C0]  bpf_ringbuf_notify+0x22/0x30
[  303.135820][    C0]  irq_work_run+0xdf/0x2d0
[  303.140246][    C0]  __sysvec_irq_work+0x22/0x170
[  303.145092][    C0]  sysvec_irq_work+0x2f/0x80
[  303.149686][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  303.154624][    C0]  native_apic_msr_write+0x3d/0x60
[  303.159746][    C0]  x2apic_send_IPI_self+0x10/0x20
[  303.164778][    C0]  arch_irq_work_raise+0x46/0x50
[  303.169729][    C0]  __irq_work_queue_local+0x10f/0x2c0
[  303.175131][    C0]  irq_work_queue+0x70/0x100
[  303.179729][    C0]  bpf_ringbuf_discard+0xd3/0xf0
[  303.184674][    C0]  bpf_prog_fe0ed97373b08409+0x4b/0x4f
[  303.190134][    C0]  bpf_trace_run3+0x199/0x1d0
[  303.194816][    C0]  __traceiter_kmem_cache_free+0x38/0x60
[  303.200549][    C0]  kmem_cache_free+0x257/0x300
[  303.205335][    C0]  inode_free_by_rcu+0x36/0x70
[  303.210116][    C0]  rcu_core+0x5a2/0xc00
[  303.214284][    C0]  rcu_core_si+0xd/0x20
[  303.218441][    C0]  handle_softirqs+0xba/0x290
[  303.223123][    C0]  __irq_exit_rcu+0x3a/0xc0
[  303.227625][    C0]  sysvec_irq_work+0x6b/0x80
[  303.232223][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  303.237180][    C0]  finish_task_switch+0xb6/0x2b0
[  303.242124][    C0]  __schedule+0x6a8/0xb30
[  303.246460][    C0]  schedule+0x5f/0xd0
[  303.250447][    C0]  smpboot_thread_fn+0x370/0x530
[  303.255393][    C0]  kthread+0x486/0x510
[  303.259463][    C0]  ret_from_fork+0xda/0x150
[  303.263966][    C0]  ret_from_fork_asm+0x1a/0x30
[  303.268733][    C0] 
[  303.271052][    C0] value changed: 0x00000000 -> 0x00000001
[  303.276768][    C0] 
[  303.279085][    C0] Reported by Kernel Concurrency Sanitizer on:
[  303.285234][    C0] CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  303.297568][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.307620][    C0] ==================================================================