last executing test programs:

7m57.379978533s ago: executing program 2 (id=3120):
syz_emit_ethernet(0x102, &(0x7f0000000cc0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val={@val={0x88a8, 0x6}, {0x8100, 0x3, 0x1, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0xc4, 0x6, 0x1, @empty, @local, {[@dstopts={0xc, 0x13, '\x00', [@calipso={0x7, 0x10, {0x0, 0x2, 0xd, 0x6, [0xcb]}}, @generic={0xc, 0x7e, "c2081d97de99e395ccf5dfbb5e4ffbf31d23bc3323d59502083678d45533dece21e3798c0bdad7152860eb61da0ebafb08512b63f6b4361322d104551b7645e7942a8cd2204224e39e5196bf833f3e04212ded48fd32dd7c7a960a459e36dc921a2ffd56d318383d510ed16ac649b610eba1d537cf8498ab7ca11abd4708"}, @jumbo={0xc2, 0x4, 0x8}, @enc_lim={0x4, 0x1, 0x8}]}, @fragment={0x5e, 0x0, 0x5, 0x0, 0x0, 0x19, 0x65}], {{0x4e21, 0x4e1e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0x13}}}}}}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000380), 0x101401, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000500)=0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000001280), 0x6)
socket$inet6(0xa, 0x3, 0xff)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r5=>0x0, &(0x7f0000000580)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x100000004, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
rt_sigsuspend(0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYRESOCT=r0], &(0x7f00000001c0)='GPL\x00'}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
dup(r9)
truncate(&(0x7f0000000000)='./file1\x00', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r7}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

7m57.195877676s ago: executing program 2 (id=3123):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB], 0x23c}}, 0x0)

7m57.113423308s ago: executing program 2 (id=3124):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r0, 0x4, 0x42400)

7m56.95877754s ago: executing program 2 (id=3127):
syz_emit_ethernet(0x102, &(0x7f0000000cc0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val={@val={0x88a8, 0x6}, {0x8100, 0x3, 0x1, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0xc4, 0x6, 0x1, @empty, @local, {[@dstopts={0xc, 0x13, '\x00', [@calipso={0x7, 0x10, {0x0, 0x2, 0xd, 0x6, [0xcb]}}, @generic={0xc, 0x7e, "c2081d97de99e395ccf5dfbb5e4ffbf31d23bc3323d59502083678d45533dece21e3798c0bdad7152860eb61da0ebafb08512b63f6b4361322d104551b7645e7942a8cd2204224e39e5196bf833f3e04212ded48fd32dd7c7a960a459e36dc921a2ffd56d318383d510ed16ac649b610eba1d537cf8498ab7ca11abd4708"}, @jumbo={0xc2, 0x4, 0x8}, @enc_lim={0x4, 0x1, 0x8}]}, @fragment={0x5e, 0x0, 0x5, 0x0, 0x0, 0x19, 0x65}], {{0x4e21, 0x4e1e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0x13}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000380), 0x101401, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000500)=0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000001280), 0x6)
socket$inet6(0xa, 0x3, 0xff)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000580))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@noquota}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x2, 0x4f3, &(0x7f0000000700)="$eJzs3c9vG0sdAPDvOnGTtHk4Dzg8nsSjgofSCmonDW0jDiVICE6VKOXCKYTEiaI4cRQ7bRNVKBV/ABLil+DEiQsSZ4SE+icgpEpwRwiBKmjLgQNgtM6ahtRJnNc4buPPR5ru7M7ufmfqeOzZWXkD6FsXI2ImIgYi4nJEFLLtuSzFzm5K93v29MF8mpJoDN35WxJJtq11riRbXsgOG46Ir30l4lvJy3FrW9src5VKeSNbL9VX10u1re0ry6tzS+Wl8trM1OT16RvT16YnTqytN7/05x9+9+dfvvmbz9774+xfL307rdZoVra3HZ3Y6XC/3abnm/8XLYMRsXGcYK+xgaw9+V5XBACAjqTf8T8cEZ+MiOc/6XVtAAAAgG5ofGE0/pVENAAAAIAzK9e8BzbJFbN7AUYjlysWd+/h/Wicz1WqtfpnFqubawu798qORT63uFwpT2T3Co9FPknXJ5v5F+tX961PRcTbEfH9wkhzvThfrSz0+uIHAAAA9IkL+8b//yjsjv8BAACAM2as1xUAAAAAus74HwAAAM6+A8f/yeDpVgQAAADohq/eupWmRuv51wt3tzZXqnevLJRrK8XVzfnifHVjvbhUrS41f7Nv9ajzVarV9c/F2ub9Ur1cq5dqW9uzq9XNtfps87nes+VG4VSaBQAAAOzx9ice/SGJiJ3PjzRT6lxWlj/68Jnu1g7optzxdk+6VQ/g9A30ugJAz7jBF/pXB2N84Iw7YmD/g33rx7xsAAAAvA7GP/ZK8//mA+ENZiAP/cv8P/Qv8//Qv8z/Q58bOnqX4YMKfnvCdQEAALpmtJmSXDGbCxyNXK5YjHir+ViAfLK4XClPRMSHIuL3hfxQuj7Z60oDAAAAAAAAAAAAAAAAAAAAAAAAwBum0UiiAQAAAJxpEbm/JNmD/McL74/uvz5wLvlnobmMiHs/vfOj+3P1+sZkuv3v/9te/3G2/WprS+obp3wlAwAAAGhpjdNb43gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnPnj6Yb6XTjPvkixEx1i7+YAw3l8O/KkTE+edJDO45LomIgROIv/MwIt5pFz9JqxVjWS32x89FxEiP4184gfjQzx6l/c9M+v7L73v/5eJic9n+/TeYpVf15OJB/V+u1f81+7l2/d9bh596uJV59/EvSy+VFrL4DyPeHWzf/7TiJ+3in+u8jd/8+vb2QWWNn0WMH/H5k8Yv1VfXS7Wt7SvLq3NL5aXy2tTU5PXpG9PXpidKi8uVcvZv2xjf+/iv/3NQ/LT959vG3+1/D2x/RLzfYfv//fj+048cEv/Sp9q//u8cEj/9m/h09jmQlo+38ju7+b3e+8Xv3jus/QsHtP/Q1z8iLnXY/su3v/OnDncFAE5BbWt7Za5SKW90JTPStTPLpJnq2lH7pN8TP3CI/Kn8kch0M3M7ew2PfXgPOyUAAKArXnzp319yjAkeAAAAAAAAAAAAAAAAAAAA4JV0/UfIhv7/lwWGe9dUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBD/TcAAP//V7HNuw==")
chmod(&(0x7f0000000340)='./file1\x00', 0x0)

7m56.587249216s ago: executing program 2 (id=3131):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b0000000000011907800000000ac1414aaecff4d20009c907801000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1375461caaa2f1993650096c7096ffeeb03000000000000649a3bfbc1f39cb307b3472eb9cdb042d2643f930e9fc1608c33ccf4fd8a952309"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
lremovexattr(0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r4, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)
r5 = syz_open_procfs(0x0, &(0x7f0000000340)='net/fib_trie\x00')
lseek(r5, 0x1, 0x0)

7m56.447249458s ago: executing program 2 (id=3132):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
listen(r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) (async)
r2 = getpid()
madvise(&(0x7f000068d000/0x2000)=nil, 0x2000, 0x16) (async)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x9}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000feffffff0000000000006bcd850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000200)="1fce66fbd35b013d2b4017c2c490", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x2}, 0x50) (async, rerun: 32)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)) (async, rerun: 32)
close(r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000240), r4)

7m41.406924027s ago: executing program 32 (id=3132):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
listen(r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) (async)
r2 = getpid()
madvise(&(0x7f000068d000/0x2000)=nil, 0x2000, 0x16) (async)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x9}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000feffffff0000000000006bcd850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000200)="1fce66fbd35b013d2b4017c2c490", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x2}, 0x50) (async, rerun: 32)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)) (async, rerun: 32)
close(r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000240), r4)

4.506624172s ago: executing program 3 (id=9348):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000001080)='./file0\x00', 0x40)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)

4.464783612s ago: executing program 3 (id=9350):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB='\x00\v\x00\x00\x00\a\x00\x00\x00'], 0x36f0516f)

4.420081653s ago: executing program 3 (id=9351):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@i_version}, {@auto_da_alloc}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={<r1=>0x0}, &(0x7f00000000c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="000000dfff000000b7080000000000007b8af8ff00000000bfa20000004942324ba86292a8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES64=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000d00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x20000080)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0xfe, 0x0, 0x8b, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0xfffffffffffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r5], 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r7, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pivot_root(0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r8, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000700)={0x40, r9, 0x1, 0x70bd28, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x6, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x90}]}]}]}]}, 0x40}}, 0x40040)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)

4.086359728s ago: executing program 3 (id=9355):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x9}, 0x20)
setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r2, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e21, 0x80000, @dev={0xfe, 0x80, '\x00', 0x1d}}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@hoplimit={{0x14, 0x29, 0x34, 0x6ed2}}], 0x18}, 0x40c0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000240), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

4.055304549s ago: executing program 3 (id=9357):
r0 = socket$caif_stream(0x25, 0x1, 0x2)
r1 = socket$inet6(0xa, 0xc0003, 0x0)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x6, 0xc, 0x2, 0x889}, {0x6, 0xf8, 0x3, 0x800}, {0x0, 0x22, 0x1, 0x4}]})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e22, @remote}, 0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/114, 0x72, 0x0, &(0x7f0000000140)=""/194, 0xc2}, &(0x7f0000000280)=0x40)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x626880, 0x1b41a015101b96b9)
renameat2(r3, &(0x7f0000000300)='./file0\x00', r0, &(0x7f0000000340)='./file0\x00', 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xb0, 0x3, 0x1, 0x0, 0x0, 0x0, {0x5}, [@CTA_TUPLE_MASTER={0x6c, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x14}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_MASTER={0x30, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x8c0}, 0x1404c805)
umount2(&(0x7f0000000500)='./file0\x00', 0x7)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r5, 0x110, 0x4, &(0x7f0000000540)=0x1, 0x4)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000640)={'\x00', 0x1, 0x6, 0x4, 0x6, 0x10, <r6=>0xffffffffffffffff})
r7 = perf_event_open(&(0x7f00000005c0)={0x0, 0x80, 0x5, 0x0, 0xeb, 0x3, 0x0, 0x8000, 0x8010, 0x58d4e570ff5e7e85, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000580), 0x6}, 0x400, 0x8, 0x2, 0x0, 0x3122, 0x8, 0x8, 0x0, 0x1, 0x0, 0x2663}, r6, 0xb, 0xffffffffffffffff, 0x1)
sendmsg$kcm(r7, &(0x7f0000000bc0)={&(0x7f00000006c0)=@qipcrtr={0x2a, 0xffffffff, 0x7ffe}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)="d78031fe5e93cadfa50950e9ac3bd178e1a79c303a41ca1b2a7a596569ceed55ea9ddbd49be89dca6079ebf943cf5d2eb19a283cb4a2ab", 0x37}, {&(0x7f0000000780)="7e714c49e6976a33b48bee332518e0cbf7235ef8abd4e958408231941624e9df", 0x20}, {&(0x7f00000007c0)="af3b63b7e0612c01c28d7937cab0d0a45fbdca6e820d302fbc1039834e8093d00a9b67ae389c59a143c17c0908ab4f7383bb4e017495ad87e2a20e50f80c8e7a33d3f375e07f493f441773924a0836ac7c4e915110b07a06b5bb73b5dae1f1b1f1539a5844bb902233b5fa3b14", 0x6d}], 0x3, &(0x7f0000000880)=[{0x48, 0x6, 0x7d, "915cc7d4a10cae83d210ac2dbcee05879662964c9716f6bab3deea09c3440776e618e545c228eb796cbcf3e50e9f1ecbe842"}, {0x30, 0x102, 0xe4f800, "3c09c24e6b536f7273a5284a6f0d5a2047187a07490b882d66482510a3174667"}, {0xe0, 0x10a, 0x101, "dccf34cbcf9be74ae8a550c6f6ad7c3cce5e49f9321f476fdb37b241dd457be6578ed201b57fc4e3324f9e8716c37ed9fc73544b626146b9b6edfae6ba0d6e867d1eb0b89412f4d6ce1a394e674abfd7f2e0eec758443a0a7e4a509a30d028cb1d3598ae490b9cc15729ea35f1da1085c730e0a80f35b8ab6c6264563abb5b1265c8456d16660718a53d053e985fefed3adf00a60e25b912602d6cfbe695f1d85c60c0f95de43ee5891ac7381af3e4365478065e2e48ea4912b3e978e59242f1fc43e15bca0963982962e2"}, {0x48, 0x104, 0xffffffff, "163e38ae50e231f789edfbb9176c09493ab22348f5c4e7c5dbbcbd6339bc5fb02c33f64bfbc6436e6e5cbebb428c05378e53a5dea121045f"}, {0x38, 0x119, 0x6, "69d74f2489775be1d7af33a56ef1c05083d3e27b1e0f9710d1e8386b836c1acdcf"}, {0x28, 0x185, 0x1, "369a5cb9390a9e9d2105def98b4002cfc43c9b6fd8b8"}, {0xa0, 0x114, 0x7, "d3cbc5e64db4fd0ff81bf9470078388b1637b46789bd92e1b14c6ff2821aee6f9485f6cb9595b349d83d20026fc7ddda5ee0db206cf7428b501991e10814d4c21983c838ff29556c4f7490b8315a699911785e0a58c89f813d0aaa977c9a2363637f9a4eb6a7d724d30dbc5dfef16e1e73b137d0f1301d771651d6f11817df04518cea0841bb7f5881ec"}, {0x78, 0x108, 0x8, "521ff9855375a7e7e6d536058a8876e542d6a0884e2e2208c062d18630a37e9c2e4f5a826887b5bad87a89be72225bc46af8ec3d67bd5c13bff54788a4697ea56af22f50e58ab62556fd91bb4710035f80dcca5fcae7dc3d753c09c4452796093f696d"}], 0x318}, 0xc000)
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000c00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xf1, 0xf0, 0x0, [{{0x9, 0x4, 0x0, 0x7, 0x1, 0x7, 0x1, 0x3, 0xbd, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x1, 0x1, 0x5}}, [{{0x9, 0x5, 0x82, 0x2, 0x1af, 0xfd, 0x7, 0xf2}}]}}}]}}]}}, &(0x7f0000000f00)={0xa, &(0x7f0000000c40)={0xa, 0x6, 0x310, 0x3, 0x6, 0x1, 0x40, 0x4}, 0xfa, &(0x7f0000000c80)={0x5, 0xf, 0xfa, 0x4, [@ssp_cap={0xc, 0x10, 0xa, 0xb, 0x0, 0x8, 0xf0f, 0x1}, @generic={0xc1, 0x10, 0x3, "5cbab6fc10577e8164f586a26f7f5cb4ba2e4d7f253c08a3ae8e0012bead7151c4d52ab66cc21bc368d097593b821b165e0e24156da33164b98a0e0a494c08e1ed4ee914b915e7355c79222e104e1a88948728debb10c3bf6a48e4faa9497a8ae2a13afec8d85b5e6c74d20892fa864b6f875b2d88e7516770bce5be38d359c568dc18786cd025f82f3485629037dc3939b8d0f9485344b91eafa110ca48e65bd63f5212a0646a5a9300654571f24e93ff95eb704267c8c5815b3c839bdf"}, @ss_container_id={0x14, 0x10, 0x4, 0xff, "171c12fd26079d5eb21f7decb90fcbed"}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "5f80c9c5a7bcf9d9ec37abbe34de5517"}]}, 0x6, [{0x26, &(0x7f0000000d80)=@string={0x26, 0x3, "5c07ead8c6a35e009dbc6e56c9f580b85fc4d296a5f1bab546c3f8b88fb0ff6e720a7e60"}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000e00)=@lang_id={0x4, 0x3, 0x813}}, {0x4, &(0x7f0000000e40)=@lang_id={0x4, 0x3, 0x100c}}, {0x4, &(0x7f0000000e80)=@lang_id={0x4, 0x3, 0x443}}, {0x1f, &(0x7f0000000ec0)=@string={0x1f, 0x3, "fce4ec9d8fb2a3b29bf28ce62211c4c522c692a05f7045d9230dd372c4"}}]})
ioctl$int_in(r7, 0x5452, &(0x7f0000000f80)=0x9)
r8 = syz_open_dev$sg(&(0x7f0000000fc0), 0x80000001, 0x181080)
sendto$inet(r2, &(0x7f0000001000)="b456af6e87302a9df551a9364f445280630ed4cf520931fe8c1b60e10888358ccd", 0x21, 0xc004, &(0x7f0000001040)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$int_in(r8, 0x5421, &(0x7f0000001080)=0x101)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000010c0)={0x0, 0x6, 0x10}, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x139, 0x139, 0xa, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x7, [{0xf, 0x1, 0x2d}, {0xc, 0x4}, {0xd, 0x1, 0x10}, {0xd, 0x3, 0x4}, {0x2, 0x1, 0xfffffbff}]}, @union={0x0, 0x3, 0x0, 0x5, 0x1, 0x4, [{0x1, 0x4}, {0xc, 0x5, 0x8595}, {0xe, 0x3, 0x4}]}, @union={0x0, 0x5, 0x0, 0x5, 0x0, 0x5, [{0x4, 0x2, 0xfff}, {0x10, 0x2, 0xc}, {0x4, 0x7fffffff}, {0xb, 0x2, 0x2dd6}, {0xf, 0x2, 0x6}]}, @datasec={0x8, 0x9, 0x0, 0xf, 0x1, [{0x5, 0x200, 0x9}, {0x2, 0x3, 0x9}, {0x4, 0x7ff, 0x100}, {0x5, 0x3, 0xe92}, {0x1, 0x7fff, 0x6}, {0x2, 0x3, 0x483}, {0x3, 0x8, 0x7b3}, {0x4, 0xcac}, {0x2, 0x5, 0x9}], '5'}]}, {0x0, [0x0, 0x30, 0x30, 0x30, 0x2e, 0x61, 0x2f, 0x30]}}, &(0x7f0000001280)=""/200, 0x15e, 0xc8, 0x1, 0x2, 0x10000}, 0x28)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001440)={{0x1, 0x1, 0x18, <r9=>r3}, './file0\x00'})
getsockopt$inet6_tcp_int(r9, 0x6, 0x6, &(0x7f0000001540), &(0x7f0000001580)=0x4)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r7, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [""]}, 0x1c}}, 0x40)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0xb51290305afe1412}, 0xc, &(0x7f00000017c0)={&(0x7f0000001740)={0x58, 0x0, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xe}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xa6}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x1d}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)

2.318988905s ago: executing program 4 (id=9377):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@i_version}, {@auto_da_alloc}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={<r1=>0x0}, &(0x7f00000000c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="000000dfff000000b7080000000000007b8af8ff00000000bfa20000004942324ba86292a8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES64=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000d00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x20000080)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0xfe, 0x0, 0x8b, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0xfffffffffffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r5], 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r7, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pivot_root(0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r8, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000700)={0x40, r9, 0x1, 0x70bd28, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x6, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x90}]}]}]}]}, 0x40}}, 0x40040)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)

2.007682289s ago: executing program 1 (id=9382):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)

1.97607568s ago: executing program 1 (id=9384):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x2000, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="6401000019000100fcffffff00000000e0000002000000000000000000000000fe8000000000000000000000000000aa0000000300000000020000005e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000ac0007"], 0x164}}, 0x0)

1.9675685s ago: executing program 4 (id=9385):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000300240248ff050005001200", 0x2e}], 0x1}, 0x0)

1.860390571s ago: executing program 1 (id=9387):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001180)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
unshare(0x2c020400)
r1 = msgget$private(0x0, 0x0)
msgsnd(r1, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
msgrcv(r1, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000080000000900000805000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000008000000000040000700000000000000ff00000000000cf2f36899b856f6075efc61ea3e842560bbcf9d94874e229d7a835007a410842cbd0226c23f1bfee8c65d6d2e50a588ec0e4b36ab366249d3e821d9ea808a6dba7e71307511e719af1884523246f64f28e740fd7db8a216ea8f652549d7a347acd188154b56ccc2a8c93013452df91507595c8677c78ae034ab91bfd2c211284d9b6164d920d99f2ef57e7bc5e6fb711b23b80660f462a954d8579b4747d551c14cabcd060af68a1aa9c11be4aa3a233fd2e93ef668f053d6669bbd6edd0de92a5c41b1ebac3690c343ae7b349fb9958ea56541d0b3032dad57453e75968e12edb18ad18ebc5f115a1cbf2da8d6d2e3c27dc838953a00b3135bf2a5907097bdbe570529513d683cc80e54b2fd4ab4f1b5bce5b472f2199293a338c122814465cf00248e2ae42e9e2df9823d936f5077c38a386513df16554103f590577b738ed4a5a80ad1ea2a5910c2c608cd0d55f8f0cf6f0632503447d91531a03b421321097dc68a5f34363cf64879a00c5e5058138df7f7cc4e035088b66500bfeca6d937d4083af5b8d53efb7a35bfc62a581bb698e2dacc73f5e42f29e78519def2c552dd699b38caa30772fb0055127259b91f607d39de6a538be5831de4c0742ec7dcc189889ede117b536dd4db56d96e854e8c7d2770345da0a066e84ce517041bd6c12c8fe04de79359030c26fe384e64001a8b4d82d99634786c698bf4f243ce8e711aad292b24f1220c39c3596a5abbfde61630ead0297ea581c8c0bc513352d2ca24429aaa7e6cc3721fb93df5acb5ab8a1102d347ea42a4b4c7b271659b798ca6a5b2d53a5b0c8c58b2dfdd4d4618a046170f721dd925add295c9726b322f9f729ecf8ce89c"], 0x50)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000280)={0x1ff, 0x776, 0x5, 0x0, 0x0, [{{r2}, 0x7fff}, {{r2}, 0xeb1}, {{}, 0x3}, {{r2}, 0x6}, {{r2}, 0x3}]})
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000001480)}], 0x3)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5393, &(0x7f0000000000))
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x2c, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0xa}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x18}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x60)
r6 = memfd_secret(0x80000)
fcntl$setlease(r3, 0x400, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2a, 0x0, 0x0)
r8 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000000)={0x10000000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r6, 0x80083314, &(0x7f0000000040))

1.859699262s ago: executing program 0 (id=9388):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
unshare(0x2c020400)
r0 = msgget$private(0x0, 0x0)
msgsnd(r0, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
msgrcv(r0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000080000000900000805000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000008000000000040000700000000000000ff00000000000cf2f36899b856f6075efc61ea3e842560bbcf9d94874e229d7a835007a410842cbd0226c23f1bfee8c65d6d2e50a588ec0e4b36ab366249d3e821d9ea808a6dba7e71307511e719af1884523246f64f28e740fd7db8a216ea8f652549d7a347acd188154b56ccc2a8c93013452df91507595c8677c78ae034ab91bfd2c211284d9b6164d920d99f2ef57e7bc5e6fb711b23b80660f462a954d8579b4747d551c14cabcd060af68a1aa9c11be4aa3a233fd2e93ef668f053d6669bbd6edd0de92a5c41b1ebac3690c343ae7b349fb9958ea56541d0b3032dad57453e75968e12edb18ad18ebc5f115a1cbf2da8d6d2e3c27dc838953a00b3135bf2a5907097bdbe570529513d683cc80e54b2fd4ab4f1b5bce5b472f2199293a338c122814465cf00248e2ae42e9e2df9823d936f5077c38a386513df16554103f590577b738ed4a5a80ad1ea2a5910c2c608cd0d55f8f0cf6f0632503447d91531a03b421321097dc68a5f34363cf64879a00c5e5058138df7f7cc4e035088b66500bfeca6d937d4083af5b8d53efb7a35bfc62a581bb698e2dacc73f5e42f29e78519def2c552dd699b38caa30772fb0055127259b91f607d39de6a538be5831de4c0742ec7dcc189889ede117b536dd4db56d96e854e8c7d2770345da0a066e84ce517041bd6c12c8fe04de79359030c26fe384e64001a8b4d82d99634786c698bf4f243ce8e711aad292b24f1220c39c3596a5abbfde61630ead0297ea581c8c0bc513352d2ca24429aaa7e6cc3721fb93df5acb5ab8a1102d347ea42a4b4c7b271659b798ca6a5b2d53a5b0c8c58b2dfdd4d4618a046170f721dd925add295c9726b322f9f729ecf8ce89c"], 0x50)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000280)={0x1ff, 0x776, 0x5, 0x0, 0x0, [{{r1}, 0x7fff}, {{r1}, 0xeb1}, {{}, 0x3}, {{r1}, 0x6}, {{r1}, 0x3}]})
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000001480)}], 0x3)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000))
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x2c, r3, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0xa}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x18}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x60)
r5 = memfd_secret(0x80000)
fcntl$setlease(r2, 0x400, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2a, 0x0, 0x0)
r7 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x10000000})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r5, 0x80083314, &(0x7f0000000040))

1.835611472s ago: executing program 4 (id=9389):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0xc8101339d8526c63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x4)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000000)={0x4, 0x2004, 0x0, 0x0, 0x0, 0x7})
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad01409bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e26cff13274e729c516bc3933538afa8af9", 0x89}], 0x1}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000940)='sys_enter\x00', r4}, 0x18)
syncfs(r0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x8, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69, 0x1, @perf_config_ext={0xf60, 0x40ffffffff}, 0x3008, 0x5, 0x10, 0x5, 0x10000000, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0x1e, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000004000000000000000100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000f20000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000085000000140000001800000001000000000000008000000018680000100000000000000007000000bf"], &(0x7f0000000400)='syzkaller\x00', 0x8880, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xda}, 0x94)
r5 = semget$private(0x0, 0x6, 0x3b1)
semtimedop(r5, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x0, &(0x7f0000000200)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@errors_remount}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
semop(r5, &(0x7f0000000180)=[{}], 0x1)
semop(r5, &(0x7f0000000080)=[{0x4, 0x40, 0x800}, {0x3, 0x0, 0x1400}], 0x2)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r9, 0x0)
connect$unix(r8, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r10 = socket$netlink(0x10, 0x3, 0x4)
write(r10, &(0x7f00000000c0)="29000000140005b7ff000000040860eb0101b6ff02159f02c26ed638eeb738256e06a40e07fff0797e", 0x140)

1.780920933s ago: executing program 5 (id=9390):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000380)=0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="14000000000a20000000040a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000000000000089630000000000900030073797a31000000002c000000030a01040000000000000000010000010c00024000000000000000010900010073797a3000000000140000001100010000004c941893abd62895000a6be2bc987aae390cc1170ebfe46ce8faa687a0f60f3e83789582d7b4521b83ae8775d1e156ce5099bdc0984a418af18a8ff0f0ab0c0a26db5fcdc2e9961585648dbf857473d3feca461639a89945950f9f5deb22f0ae686d400b4819f640200551bc717926dd2706c457e60849b1cac168bac14fb4bc1e03cf375f94f74830101b97a7f58b117a67c181160fdc5254bd1d0a1b7d3b89c3aeb7d283c23da355cadba075dbbfb8d2fb98dfe69a84bfb169"], 0xa0}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x5, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x2}, 0x94)
dup2(r3, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
select(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
capset(&(0x7f0000000080)={0x20071026}, 0x0)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r5, 0x40187014, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
fdatasync(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
fdatasync(r4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

1.039943474s ago: executing program 1 (id=9391):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB='\x00\v\x00\x00\x00\a\x00\x00\x00'], 0x36f0516f)

1.009004905s ago: executing program 1 (id=9392):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001180)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
unshare(0x2c020400)
r1 = msgget$private(0x0, 0x0)
msgsnd(r1, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
msgrcv(r1, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000080000000900000805000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000008000000000040000700000000000000ff00000000000cf2f36899b856f6075efc61ea3e842560bbcf9d94874e229d7a835007a410842cbd0226c23f1bfee8c65d6d2e50a588ec0e4b36ab366249d3e821d9ea808a6dba7e71307511e719af1884523246f64f28e740fd7db8a216ea8f652549d7a347acd188154b56ccc2a8c93013452df91507595c8677c78ae034ab91bfd2c211284d9b6164d920d99f2ef57e7bc5e6fb711b23b80660f462a954d8579b4747d551c14cabcd060af68a1aa9c11be4aa3a233fd2e93ef668f053d6669bbd6edd0de92a5c41b1ebac3690c343ae7b349fb9958ea56541d0b3032dad57453e75968e12edb18ad18ebc5f115a1cbf2da8d6d2e3c27dc838953a00b3135bf2a5907097bdbe570529513d683cc80e54b2fd4ab4f1b5bce5b472f2199293a338c122814465cf00248e2ae42e9e2df9823d936f5077c38a386513df16554103f590577b738ed4a5a80ad1ea2a5910c2c608cd0d55f8f0cf6f0632503447d91531a03b421321097dc68a5f34363cf64879a00c5e5058138df7f7cc4e035088b66500bfeca6d937d4083af5b8d53efb7a35bfc62a581bb698e2dacc73f5e42f29e78519def2c552dd699b38caa30772fb0055127259b91f607d39de6a538be5831de4c0742ec7dcc189889ede117b536dd4db56d96e854e8c7d2770345da0a066e84ce517041bd6c12c8fe04de79359030c26fe384e64001a8b4d82d99634786c698bf4f243ce8e711aad292b24f1220c39c3596a5abbfde61630ead0297ea581c8c0bc513352d2ca24429aaa7e6cc3721fb93df5acb5ab8a1102d347ea42a4b4c7b271659b798ca6a5b2d53a5b0c8c58b2dfdd4d4618a046170f721dd925add295c9726b322f9f729ecf8ce89c"], 0x50)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000280)={0x1ff, 0x776, 0x5, 0x0, 0x0, [{{r2}, 0x7fff}, {{r2}, 0xeb1}, {{}, 0x3}, {{r2}, 0x6}, {{r2}, 0x3}]})
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000001480)}], 0x3)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5393, &(0x7f0000000000))
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x2c, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0xa}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x18}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x60)
r6 = memfd_secret(0x80000)
fcntl$setlease(r3, 0x400, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2a, 0x0, 0x0)
r8 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000000)={0x10000000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r6, 0x80083314, &(0x7f0000000040))

1.008540754s ago: executing program 3 (id=9393):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
timer_settime(0x0, 0x0, 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0xfffff)
io_uring_setup(0x6c0, &(0x7f0000000080)={0x0, 0xf740, 0x0, 0x2, 0x3})

985.741235ms ago: executing program 0 (id=9394):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f0000000200)=@v3={0x3000000, [{0x46, 0x55}, {0x5, 0x2004}], r1}, 0x18, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
setsockopt$sock_attach_bpf(r2, 0x1, 0x49, &(0x7f0000009000), 0x4)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext2\x00', &(0x7f0000000240)='./file1\x00', 0x4002, &(0x7f00000002c0)={[{@noquota}, {@errors_remount}, {@resuid={'resuid', 0x3d, r1}}]}, 0x3, 0xbc9, &(0x7f0000002380)="$eJzs3M1rG2caAPBnxrLiJN6VsyzLZi/rZVkSWFaxszhswsImS5a99FBor4UYRw7Gyge2S2rHB7n9B0rbc6GXQtvQ0kNzzqWlvfbSJteWHgqhuHELpbQuow/biSXbqaWMcX4/eDXvO6+k53k0SDMvSArgiTWc3aQRRyPiQhJRau5PI6JY7w1E1Br3W1lenPh+eXEiidXVZ75JIomI+8uLE63nSprbw83BQER8+t8kfvfS5riz8wvT49VqZaY5PjF3+dqJ2fmFf0xdHr9UuVS5MnrqX2Mnx06NnB7rWq0/fHH21nd/+f9XtR/f/unmt6++mcTZGGzObayjW4ZjeO012agQEePdDpaTvmY9G+tMCts8KO1xUgAAdJRuuIb7Q5SiL9Yv3krx4We5JgcAAAB0xWpfxCoAAACwzyXW/wAAALDPtb4HcH95caLV8v1GwuN171xEDDXqX2m2xkwhavXtQPRHxKH7SWz8WWvSeNiuDUfEl3dPv5e16NHvkLdSW4qIP7Y7/km9/qH6r7g3159GxEgX4g8/NN6m/r4uhHzAbuo/24X4j1g/AHTF7XONE9nm81+6dv0Tbc5/hTbnrl+jzfmv6+f4rbSu/1Y2Xf+t19/X4frv6R3GuPHW69c7zWX1//vW/95ttSx+tt1VUY/g3lLEnwrt6k/W6k861H9hhzFKP1+vdJrLu/7VNyKORfv6W5Kt/5/oxORUtTLSuG0bY+mTsXc6xc+7/uz4H+pQf+v/nzod/2s7jPHc+fPvb9p5d727df3p18Xk2Xqv2Nzzwvjc3MxoRDF5avP+k1vn0rpP6zmy+o//dev3f7v6s8+EWvN1yNYCS81tNn7xoZj/uXnjg075tNZ/eR7/ix2O/8b6Py5sPv4v7zDG3z565XinuY3r36xl8VtrYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSSNiMJK0vNZP03I54nBE/D4OpdWrs3N/n7z6/JWL2VzEUPSnk1PVykhElBrjJBuP1vvr45MPjf8ZEUci4rXSwfq4PHG1ejHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhzOCIGI0nLEZFGxEopTcvlvLMCAAAAum4o7wQAAACAnrP+BwAAgP3P+h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAeO/Ln23eSiKidOVhvmWJzrj/XzIBeS/NOAMhNX94JALkp5J0AkJtHXOO7XIB9KNlmfqDjzIGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3nXs6O07SUTUzhyst0yxOdefa2ZAr6V5JwDkpm+rycLjywN4/LzF4clljQ8k28wPrN+n9uDMgZ7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeM1hvSVqOiGJzX7kc8ZuIGIr+ZHKqWhmJiN9GxOel/gPZeDTnnAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi+2fmF6fFqtTKTddJodtb26Kx3ksYrVtsr+ejsslOMPZHGHu3k/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAeZucXpser1crMbN6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmbnV+YHq9WKzM97ORdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+fklAAD//+K3Chc=")
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x14, 0x7800, 0x0, 0x3)
r5 = syz_io_uring_setup(0x1637, &(0x7f0000000000)={0x0, 0x9f65, 0x20000, 0x2, 0x1bb}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x6, &(0x7f0000000280)={0x7fffffff, 0x0, &(0x7f0000000340)=[r0, r0, r0, r0, 0xffffffffffffffff]}, 0x5)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB="15c161a0", @ANYRES16, @ANYBLOB="00032abd70003fc4ffff02000000080002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x6040}, 0x20044880)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e1406ca000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e24, @rand_addr=0x64010100}}}, 0x108)

899.263956ms ago: executing program 4 (id=9395):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)

874.066176ms ago: executing program 5 (id=9396):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000001080)='./file0\x00', 0x40)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)

697.469209ms ago: executing program 5 (id=9397):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000240), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newlink={0x30, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xa49}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x4}}}]}, 0x30}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

697.122179ms ago: executing program 4 (id=9398):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = openat(0xffffffffffffff9c, 0x0, 0x4040, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000f80)={'syztnl0\x00', &(0x7f0000000140)={'ip6_vti0\x00', <r3=>0x0, 0x4, 0xe, 0x7, 0x10001, 0x20, @ipv4={'\x00', '\xff\xff', @multicast1}, @private2={0xfc, 0x2, '\x00', 0x5}, 0x700, 0x700, 0xd509, 0xffffffff}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0xc}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001140)={[{@errors_continue}, {@data_err_abort}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000c62)

590.723631ms ago: executing program 5 (id=9399):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000f40)=@mangle={'mangle\x00', 0x44, 0x6, 0x4e0, 0x130, 0x0, 0x200, 0x398, 0x98, 0x448, 0x448, 0x448, 0x448, 0x448, 0x6, 0x0, {[{{@ip={@local, @broadcast, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {0xff}, {}, 0x0, 0x0, 0x18}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x2000000}}, @inet=@DSCP={0x28}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @private=0xa010101, 0x0, 0x0, 'dvmrp0\x00', 'nr0\x00'}, 0x0, 0xa8, 0xd0, 0x0, {}, [@common=@unspec=@time={{0x38}, {0xffffffff, 0x8000, 0x8d84, 0xcafc, 0xffffff8e, 0x70, 0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @local, 0x0, 0x0, 'geneve0\x00', 'veth1_to_team\x00', {}, {}, 0x0, 0x0, 0x3}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@uncond, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x3, 0x8, @ipv4=@multicast1, 0x5e20}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x540)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x800)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = openat$cgroup_type(r2, &(0x7f00000002c0), 0x2, 0x0)
write$cgroup_type(r3, 0x0, 0x0)
r4 = openat$cgroup_procs(r2, &(0x7f0000000340)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000c40), 0x12)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x80, &(0x7f0000000500)=@ieee802154={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f0000000380), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x1000)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000a5fdb9b30f56512a2e8f77bff7efe8c3eb1244559c74c6a75b1aa9d70fc1e89e4ff86be0a1926d23", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)

428.611203ms ago: executing program 4 (id=9400):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfffffffc, 0x0, 0x10000000, 0x1000000}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x6b}]}, {0x4}, {0xc}, {0x57, 0x4, {0x2}}}}]}]}, 0x70}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000280)={'syztnl2\x00', &(0x7f00000014c0)={'syztnl2\x00', 0x0, 0x7, 0x80, 0x8, 0x6, {{0x20, 0x4, 0x1, 0x1, 0x80, 0x68, 0x0, 0x9, 0x2f, 0x0, @local, @multicast2, {[@timestamp_prespec={0x44, 0xc, 0x92, 0x3, 0x2, [{@empty, 0x7}]}, @timestamp_addr={0x44, 0x1c, 0x99, 0x1, 0x5, [{@local, 0x200}, {@broadcast, 0x3}, {@broadcast, 0x6}]}, @noop, @cipso={0x86, 0x40, 0xffffffffffffffff, [{0x2, 0x9, "ebd36ec556ea8c"}, {0x7, 0xd, "7c3051c79dc695e23d9abd"}, {0x2, 0x7, "669ef80b9d"}, {0x7, 0x3, 'p'}, {0x7, 0xd, "7ee8fe3b7a384f2360d2d8"}, {0x5, 0x7, "4f499b7caa"}, {0x1, 0x3, '^'}, {0x5, 0x3, '_'}]}]}}}}})
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'ip6gretap0\x00'})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ff"], 0x52)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000001640))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x1000000, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

338.404904ms ago: executing program 5 (id=9401):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@i_version}, {@auto_da_alloc}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={<r1=>0x0}, &(0x7f00000000c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="000000dfff000000b7080000000000007b8af8ff00000000bfa20000004942324ba86292a8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES64=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000d00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000cc0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x20000080)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0xfe, 0x0, 0x8b, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0xfffffffffffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r5], 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r7, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pivot_root(0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r8, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000700)={0x40, r9, 0x1, 0x70bd28, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x6, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x90}]}]}]}]}, 0x40}}, 0x40040)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)

222.953896ms ago: executing program 0 (id=9402):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

205.828646ms ago: executing program 0 (id=9403):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB='\x00\v\x00\x00\x00\a\x00\x00\x00'], 0x36f0516f)

163.710137ms ago: executing program 1 (id=9404):
r0 = socket$caif_stream(0x25, 0x1, 0x2)
r1 = socket$inet6(0xa, 0xc0003, 0x0)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x6, 0xc, 0x2, 0x889}, {0x6, 0xf8, 0x3, 0x800}, {0x0, 0x22, 0x1, 0x4}]})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e22, @remote}, 0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/114, 0x72, 0x0, &(0x7f0000000140)=""/194, 0xc2}, &(0x7f0000000280)=0x40)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x626880, 0x1b41a015101b96b9)
renameat2(r3, &(0x7f0000000300)='./file0\x00', r0, &(0x7f0000000340)='./file0\x00', 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xb0, 0x3, 0x1, 0x0, 0x0, 0x0, {0x5}, [@CTA_TUPLE_MASTER={0x6c, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x14}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_MASTER={0x30, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x8c0}, 0x1404c805)
umount2(&(0x7f0000000500)='./file0\x00', 0x7)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r5, 0x110, 0x4, &(0x7f0000000540)=0x1, 0x4)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000640)={'\x00', 0x1, 0x6, 0x4, 0x6, 0x10, <r6=>0xffffffffffffffff})
r7 = perf_event_open(&(0x7f00000005c0)={0x0, 0x80, 0x5, 0x0, 0xeb, 0x3, 0x0, 0x8000, 0x8010, 0x58d4e570ff5e7e85, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000580), 0x6}, 0x400, 0x8, 0x2, 0x0, 0x3122, 0x8, 0x8, 0x0, 0x1, 0x0, 0x2663}, r6, 0xb, 0xffffffffffffffff, 0x1)
sendmsg$kcm(r7, &(0x7f0000000bc0)={&(0x7f00000006c0)=@qipcrtr={0x2a, 0xffffffff, 0x7ffe}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)="d78031fe5e93cadfa50950e9ac3bd178e1a79c303a41ca1b2a7a596569ceed55ea9ddbd49be89dca6079ebf943cf5d2eb19a283cb4a2ab", 0x37}, {&(0x7f0000000780)="7e714c49e6976a33b48bee332518e0cbf7235ef8abd4e958408231941624e9df", 0x20}, {&(0x7f00000007c0)="af3b63b7e0612c01c28d7937cab0d0a45fbdca6e820d302fbc1039834e8093d00a9b67ae389c59a143c17c0908ab4f7383bb4e017495ad87e2a20e50f80c8e7a33d3f375e07f493f441773924a0836ac7c4e915110b07a06b5bb73b5dae1f1b1f1539a5844bb902233b5fa3b14", 0x6d}], 0x3, &(0x7f0000000880)=[{0x48, 0x6, 0x7d, "915cc7d4a10cae83d210ac2dbcee05879662964c9716f6bab3deea09c3440776e618e545c228eb796cbcf3e50e9f1ecbe842"}, {0x30, 0x102, 0xe4f800, "3c09c24e6b536f7273a5284a6f0d5a2047187a07490b882d66482510a3174667"}, {0xe0, 0x10a, 0x101, "dccf34cbcf9be74ae8a550c6f6ad7c3cce5e49f9321f476fdb37b241dd457be6578ed201b57fc4e3324f9e8716c37ed9fc73544b626146b9b6edfae6ba0d6e867d1eb0b89412f4d6ce1a394e674abfd7f2e0eec758443a0a7e4a509a30d028cb1d3598ae490b9cc15729ea35f1da1085c730e0a80f35b8ab6c6264563abb5b1265c8456d16660718a53d053e985fefed3adf00a60e25b912602d6cfbe695f1d85c60c0f95de43ee5891ac7381af3e4365478065e2e48ea4912b3e978e59242f1fc43e15bca0963982962e2"}, {0x48, 0x104, 0xffffffff, "163e38ae50e231f789edfbb9176c09493ab22348f5c4e7c5dbbcbd6339bc5fb02c33f64bfbc6436e6e5cbebb428c05378e53a5dea121045f"}, {0x38, 0x119, 0x6, "69d74f2489775be1d7af33a56ef1c05083d3e27b1e0f9710d1e8386b836c1acdcf"}, {0x28, 0x185, 0x1, "369a5cb9390a9e9d2105def98b4002cfc43c9b6fd8b8"}, {0xa0, 0x114, 0x7, "d3cbc5e64db4fd0ff81bf9470078388b1637b46789bd92e1b14c6ff2821aee6f9485f6cb9595b349d83d20026fc7ddda5ee0db206cf7428b501991e10814d4c21983c838ff29556c4f7490b8315a699911785e0a58c89f813d0aaa977c9a2363637f9a4eb6a7d724d30dbc5dfef16e1e73b137d0f1301d771651d6f11817df04518cea0841bb7f5881ec"}, {0x78, 0x108, 0x8, "521ff9855375a7e7e6d536058a8876e542d6a0884e2e2208c062d18630a37e9c2e4f5a826887b5bad87a89be72225bc46af8ec3d67bd5c13bff54788a4697ea56af22f50e58ab62556fd91bb4710035f80dcca5fcae7dc3d753c09c4452796093f696d"}], 0x318}, 0xc000)
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000c00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xf1, 0xf0, 0x0, [{{0x9, 0x4, 0x0, 0x7, 0x1, 0x7, 0x1, 0x3, 0xbd, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x1, 0x1, 0x5}}, [{{0x9, 0x5, 0x82, 0x2, 0x1af, 0xfd, 0x7, 0xf2}}]}}}]}}]}}, &(0x7f0000000f00)={0xa, &(0x7f0000000c40)={0xa, 0x6, 0x310, 0x3, 0x6, 0x1, 0x40, 0x4}, 0xfa, &(0x7f0000000c80)={0x5, 0xf, 0xfa, 0x4, [@ssp_cap={0xc, 0x10, 0xa, 0xb, 0x0, 0x8, 0xf0f, 0x1}, @generic={0xc1, 0x10, 0x3, "5cbab6fc10577e8164f586a26f7f5cb4ba2e4d7f253c08a3ae8e0012bead7151c4d52ab66cc21bc368d097593b821b165e0e24156da33164b98a0e0a494c08e1ed4ee914b915e7355c79222e104e1a88948728debb10c3bf6a48e4faa9497a8ae2a13afec8d85b5e6c74d20892fa864b6f875b2d88e7516770bce5be38d359c568dc18786cd025f82f3485629037dc3939b8d0f9485344b91eafa110ca48e65bd63f5212a0646a5a9300654571f24e93ff95eb704267c8c5815b3c839bdf"}, @ss_container_id={0x14, 0x10, 0x4, 0xff, "171c12fd26079d5eb21f7decb90fcbed"}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "5f80c9c5a7bcf9d9ec37abbe34de5517"}]}, 0x6, [{0x26, &(0x7f0000000d80)=@string={0x26, 0x3, "5c07ead8c6a35e009dbc6e56c9f580b85fc4d296a5f1bab546c3f8b88fb0ff6e720a7e60"}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000e00)=@lang_id={0x4, 0x3, 0x813}}, {0x4, &(0x7f0000000e40)=@lang_id={0x4, 0x3, 0x100c}}, {0x4, &(0x7f0000000e80)=@lang_id={0x4, 0x3, 0x443}}, {0x1f, &(0x7f0000000ec0)=@string={0x1f, 0x3, "fce4ec9d8fb2a3b29bf28ce62211c4c522c692a05f7045d9230dd372c4"}}]})
ioctl$int_in(r7, 0x5452, &(0x7f0000000f80)=0x9)
r8 = syz_open_dev$sg(&(0x7f0000000fc0), 0x80000001, 0x181080)
sendto$inet(r2, &(0x7f0000001000)="b456af6e87302a9df551a9364f445280630ed4cf520931fe8c1b60e10888358ccd", 0x21, 0xc004, &(0x7f0000001040)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$int_in(r8, 0x5421, &(0x7f0000001080)=0x101)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000010c0)={0x0, 0x6, 0x10}, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x139, 0x139, 0xa, [@union={0x0, 0x5, 0x0, 0x5, 0x0, 0x7, [{0xf, 0x1, 0x2d}, {0xc, 0x4}, {0xd, 0x1, 0x10}, {0xd, 0x3, 0x4}, {0x2, 0x1, 0xfffffbff}]}, @union={0x0, 0x3, 0x0, 0x5, 0x1, 0x4, [{0x1, 0x4}, {0xc, 0x5, 0x8595}, {0xe, 0x3, 0x4}]}, @union={0x0, 0x5, 0x0, 0x5, 0x0, 0x5, [{0x4, 0x2, 0xfff}, {0x10, 0x2, 0xc}, {0x4, 0x7fffffff}, {0xb, 0x2, 0x2dd6}, {0xf, 0x2, 0x6}]}, @datasec={0x8, 0x9, 0x0, 0xf, 0x1, [{0x5, 0x200, 0x9}, {0x2, 0x3, 0x9}, {0x4, 0x7ff, 0x100}, {0x5, 0x3, 0xe92}, {0x1, 0x7fff, 0x6}, {0x2, 0x3, 0x483}, {0x3, 0x8, 0x7b3}, {0x4, 0xcac}, {0x2, 0x5, 0x9}], '5'}]}, {0x0, [0x0, 0x30, 0x30, 0x30, 0x2e, 0x61, 0x2f, 0x30]}}, &(0x7f0000001280)=""/200, 0x15e, 0xc8, 0x1, 0x2, 0x10000}, 0x28)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001440)={{0x1, 0x1, 0x18, <r9=>r3}, './file0\x00'})
getsockopt$inet6_tcp_int(r9, 0x6, 0x6, &(0x7f0000001540), &(0x7f0000001580)=0x4)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r7, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [""]}, 0x1c}}, 0x40)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0xb51290305afe1412}, 0xc, &(0x7f00000017c0)={&(0x7f0000001740)={0x58, 0x0, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xe}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xa6}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x1d}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)

137.153477ms ago: executing program 0 (id=9405):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x9}, 0x20)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r1, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e21, 0x80000, @dev={0xfe, 0x80, '\x00', 0x1d}}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@hoplimit={{0x14, 0x29, 0x34, 0x6ed2}}], 0x18}, 0x40c0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950"], 0x15)
dup(r0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000240), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f840000000c0a01030000000000000000010000000900020073797a32000000005800038054000080080003400000000248000b80200001800a00010071756f7461000000100002800c0001400000000000000000100001800c000100636f756e74657200140001800a00010072616e6765000000040002800900010073797a30"], 0x108}}, 0x0)

136.473908ms ago: executing program 0 (id=9406):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0xc8101339d8526c63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x4)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000000)={0x4, 0x2004, 0x0, 0x0, 0x0, 0x7})
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad01409bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e26cff13274e729c516bc3933538afa8af9", 0x89}], 0x1}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000940)='sys_enter\x00', r4}, 0x18)
syncfs(r0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x8, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69, 0x1, @perf_config_ext={0xf60, 0x40ffffffff}, 0x3008, 0x5, 0x10, 0x5, 0x10000000, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0x1e, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000004000000000000000100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000f20000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000085000000140000001800000001000000000000008000000018680000100000000000000007000000bf"], &(0x7f0000000400)='syzkaller\x00', 0x8880, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xda}, 0x94)
r5 = semget$private(0x0, 0x6, 0x3b1)
semtimedop(r5, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x0, &(0x7f0000000200)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@errors_remount}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
semop(r5, &(0x7f0000000180)=[{}], 0x1)
semop(r5, &(0x7f0000000080)=[{0x4, 0x40, 0x800}, {0x3, 0x0, 0x1400}], 0x2)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r9, 0x0)
connect$unix(r8, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r10 = socket$netlink(0x10, 0x3, 0x4)
write(r10, &(0x7f00000000c0)="29000000140005b7ff000000040860eb0101b6ff02159f02c26ed638eeb738256e06a40e07fff0797e", 0x140)

0s ago: executing program 5 (id=9408):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000001080)='./file0\x00', 0x40)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)

kernel console output (not intermixed with test programs):

alloc_pages_mpol+0xb3/0x250
[  685.975257][T29780]  alloc_pages_noprof+0x90/0x130
[  685.975290][T29780]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  685.975477][T29780]  __kvmalloc_node_noprof+0x30f/0x4e0
[  685.975545][T29780]  ? ip_set_alloc+0x1f/0x30
[  685.975608][T29780]  ? ip_set_alloc+0x1f/0x30
[  685.975659][T29780]  ip_set_alloc+0x1f/0x30
[  685.975690][T29780]  hash_netiface_create+0x282/0x740
[  685.975721][T29780]  ? __pfx_hash_netiface_create+0x10/0x10
[  685.975767][T29780]  ip_set_create+0x3cc/0x960
[  685.975809][T29780]  ? __nla_parse+0x40/0x60
[  685.975827][T29780]  nfnetlink_rcv_msg+0x4c6/0x590
[  685.975861][T29780]  ? selinux_capable+0x1f9/0x270
[  685.975965][T29780]  netlink_rcv_skb+0x123/0x220
[  685.976000][T29780]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  685.976046][T29780]  nfnetlink_rcv+0x16b/0x1690
[  685.976107][T29780]  ? __kfree_skb+0x109/0x150
[  685.976196][T29780]  ? nlmon_xmit+0x4f/0x60
[  685.976269][T29780]  ? consume_skb+0x49/0x150
[  685.976390][T29780]  ? nlmon_xmit+0x4f/0x60
[  685.976414][T29780]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  685.976450][T29780]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  685.976486][T29780]  ? __dev_queue_xmit+0x182/0x1fb0
[  685.976525][T29780]  ? ref_tracker_free+0x37d/0x3e0
[  685.976563][T29780]  ? __netlink_deliver_tap+0x4dc/0x500
[  685.976599][T29780]  netlink_unicast+0x5a1/0x670
[  685.976637][T29780]  netlink_sendmsg+0x58b/0x6b0
[  685.976661][T29780]  ? __pfx_netlink_sendmsg+0x10/0x10
[  685.976684][T29780]  __sock_sendmsg+0x145/0x180
[  685.976728][T29780]  ____sys_sendmsg+0x31e/0x4e0
[  685.976767][T29780]  ___sys_sendmsg+0x17b/0x1d0
[  685.976799][T29780]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  685.976854][T29780]  __x64_sys_sendmsg+0xd4/0x160
[  685.976874][T29780]  x64_sys_call+0x2999/0x2fb0
[  685.976958][T29780]  do_syscall_64+0xd2/0x200
[  685.976976][T29780]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  685.977109][T29780]  ? clear_bhb_loop+0x40/0x90
[  685.977130][T29780]  ? clear_bhb_loop+0x40/0x90
[  685.977155][T29780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.977175][T29780] RIP: 0033:0x7f62ea3de929
[  685.977256][T29780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  685.977343][T29780] RSP: 002b:00007f62e8a47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  685.977365][T29780] RAX: ffffffffffffffda RBX: 00007f62ea605fa0 RCX: 00007f62ea3de929
[  685.977376][T29780] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  685.977388][T29780] RBP: 00007f62ea460b39 R08: 0000000000000000 R09: 0000000000000000
[  685.977400][T29780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  685.977414][T29780] R13: 0000000000000000 R14: 00007f62ea605fa0 R15: 00007ffe20322598
[  685.977442][T29780]  </TASK>
[  685.977450][T29780] memory: usage 307200kB, limit 307200kB, failcnt 5104
[  685.982192][T29796] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  685.990008][T29780] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  685.990028][T29780] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  685.990099][T29780] Memory cgroup stats for /syz3:
[  686.017059][T29780] cache 0
[  686.029431][T29793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8928'.
[  686.030085][T29780] rss 0
[  686.377413][T29780] shmem 0
[  686.380390][T29780] mapped_file 0
[  686.383888][T29780] dirty 0
[  686.386938][T29780] writeback 0
[  686.390214][T29780] workingset_refault_anon 12192
[  686.395050][T29780] workingset_refault_file 3792
[  686.399819][T29780] swap 212992
[  686.403092][T29780] swapcached 0
[  686.406495][T29780] pgpgin 650492
[  686.410076][T29780] pgpgout 650491
[  686.413603][T29780] pgfault 746609
[  686.417128][T29780] pgmajfault 1804
[  686.420814][T29780] inactive_anon 0
[  686.424467][T29780] active_anon 0
[  686.427926][T29780] inactive_file 0
[  686.431727][T29780] active_file 4096
[  686.435485][T29780] unevictable 0
[  686.438969][T29780] hierarchical_memory_limit 314572800
[  686.444332][T29780] hierarchical_memsw_limit 9223372036854771712
[  686.450513][T29780] total_cache 0
[  686.453951][T29780] total_rss 0
[  686.457217][T29780] total_shmem 0
[  686.460695][T29780] total_mapped_file 0
[  686.464751][T29780] total_dirty 0
[  686.468207][T29780] total_writeback 0
[  686.472067][T29780] total_workingset_refault_anon 12220
[  686.477435][T29780] total_workingset_refault_file 3958
[  686.482756][T29780] total_swap 212992
[  686.486547][T29780] total_swapcached 0
[  686.490509][T29780] total_pgpgin 714048
[  686.494484][T29780] total_pgpgout 714047
[  686.498530][T29780] total_pgfault 810781
[  686.502658][T29780] total_pgmajfault 2248
[  686.506852][T29780] total_inactive_anon 0
[  686.511134][T29780] total_active_anon 0
[  686.515112][T29780] total_inactive_file 0
[  686.519249][T29780] total_active_file 4096
[  686.523551][T29780] total_unevictable 0
[  686.527640][T29780] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.8923,pid=29779,uid=0
[  686.542389][T29780] Memory cgroup out of memory: Killed process 29779 (syz.3.8923) total-vm:93756kB, anon-rss:936kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  686.601713][T29803] loop5: detected capacity change from 0 to 512
[  686.608383][T29803] EXT4-fs: Ignoring removed i_version option
[  686.615504][T29803] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  686.625670][T29803] EXT4-fs (loop5): orphan cleanup on readonly fs
[  686.634258][T29803] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.8931: bg 0: block 248: padding at end of block bitmap is not set
[  686.665021][T29803] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.8931: Failed to acquire dquot type 1
[  686.684807][T29803] EXT4-fs (loop5): 1 truncate cleaned up
[  686.701842][T29803] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  686.774278][T29803] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  686.799397][T29803] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  686.808222][T29803] ext4 filesystem being remounted at /562/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  686.821507][T29803] netlink: 204 bytes leftover after parsing attributes in process `syz.5.8931'.
[  686.973236][T29821] loop3: detected capacity change from 0 to 2048
[  686.981215][T29821] EXT4-fs: Ignoring removed mblk_io_submit option
[  687.009430][T29821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  687.089920][T21476] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  687.726965][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.390263][T29850] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  688.955179][T29856] loop0: detected capacity change from 0 to 4096
[  688.973423][T29856] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  689.020724][T29860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8951'.
[  689.073213][T29856] netlink: 'syz.0.8949': attribute type 10 has an invalid length.
[  689.340768][T29850] syz.4.8946 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  689.354990][T29850] CPU: 1 UID: 0 PID: 29850 Comm: syz.4.8946 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  689.355019][T29850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  689.355034][T29850] Call Trace:
[  689.355040][T29850]  <TASK>
[  689.355048][T29850]  __dump_stack+0x1d/0x30
[  689.355120][T29850]  dump_stack_lvl+0xe8/0x140
[  689.355142][T29850]  dump_stack+0x15/0x1b
[  689.355160][T29850]  dump_header+0x81/0x220
[  689.355245][T29850]  oom_kill_process+0x334/0x3f0
[  689.355277][T29850]  out_of_memory+0x979/0xb80
[  689.355322][T29850]  try_charge_memcg+0x5e6/0x9e0
[  689.355351][T29850]  obj_cgroup_charge_pages+0xa6/0x150
[  689.355417][T29850]  __memcg_kmem_charge_page+0x9f/0x170
[  689.355449][T29850]  __alloc_frozen_pages_noprof+0x188/0x360
[  689.355489][T29850]  alloc_pages_mpol+0xb3/0x250
[  689.355594][T29850]  alloc_pages_noprof+0x90/0x130
[  689.355624][T29850]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  689.355698][T29850]  __kvmalloc_node_noprof+0x30f/0x4e0
[  689.355729][T29850]  ? ip_set_alloc+0x1f/0x30
[  689.355760][T29850]  ? ip_set_alloc+0x1f/0x30
[  689.355788][T29850]  ? __kmalloc_cache_noprof+0x189/0x320
[  689.355961][T29850]  ip_set_alloc+0x1f/0x30
[  689.355991][T29850]  hash_netiface_create+0x282/0x740
[  689.356094][T29850]  ? __pfx_hash_netiface_create+0x10/0x10
[  689.356210][T29850]  ip_set_create+0x3cc/0x960
[  689.356318][T29850]  ? __nla_parse+0x40/0x60
[  689.356340][T29850]  nfnetlink_rcv_msg+0x4c6/0x590
[  689.356452][T29850]  ? selinux_capable+0x1f9/0x270
[  689.356485][T29850]  netlink_rcv_skb+0x123/0x220
[  689.356532][T29850]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  689.356568][T29850]  nfnetlink_rcv+0x16b/0x1690
[  689.356594][T29850]  ? __kfree_skb+0x109/0x150
[  689.356627][T29850]  ? nlmon_xmit+0x4f/0x60
[  689.356650][T29850]  ? consume_skb+0x49/0x150
[  689.356722][T29850]  ? nlmon_xmit+0x4f/0x60
[  689.356741][T29850]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  689.356777][T29850]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  689.356841][T29850]  ? __dev_queue_xmit+0x182/0x1fb0
[  689.356877][T29850]  ? ref_tracker_free+0x37d/0x3e0
[  689.356914][T29850]  ? __netlink_deliver_tap+0x4dc/0x500
[  689.357004][T29850]  netlink_unicast+0x5a1/0x670
[  689.357081][T29850]  netlink_sendmsg+0x58b/0x6b0
[  689.357109][T29850]  ? __pfx_netlink_sendmsg+0x10/0x10
[  689.357180][T29850]  __sock_sendmsg+0x145/0x180
[  689.357213][T29850]  ____sys_sendmsg+0x31e/0x4e0
[  689.357252][T29850]  ___sys_sendmsg+0x17b/0x1d0
[  689.357329][T29850]  __x64_sys_sendmsg+0xd4/0x160
[  689.357387][T29850]  x64_sys_call+0x2999/0x2fb0
[  689.357467][T29850]  do_syscall_64+0xd2/0x200
[  689.357567][T29850]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  689.357674][T29850]  ? clear_bhb_loop+0x40/0x90
[  689.357697][T29850]  ? clear_bhb_loop+0x40/0x90
[  689.357721][T29850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.357744][T29850] RIP: 0033:0x7f8d1adce929
[  689.357763][T29850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.357782][T29850] RSP: 002b:00007f8d19437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  689.357799][T29850] RAX: ffffffffffffffda RBX: 00007f8d1aff5fa0 RCX: 00007f8d1adce929
[  689.357812][T29850] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  689.357823][T29850] RBP: 00007f8d1ae50b39 R08: 0000000000000000 R09: 0000000000000000
[  689.357837][T29850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  689.357874][T29850] R13: 0000000000000000 R14: 00007f8d1aff5fa0 R15: 00007ffe4450a948
[  689.357894][T29850]  </TASK>
[  689.702993][T29850] memory: usage 307200kB, limit 307200kB, failcnt 12857
[  689.705931][T29870] loop5: detected capacity change from 0 to 4096
[  689.710095][T29850] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  689.710116][T29850] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  689.710129][T29850] Memory cgroup stats for /syz4:
[  689.740012][T29874] loop0: detected capacity change from 0 to 2048
[  689.742972][T29850] cache 0
[  689.756435][T29850] rss 0
[  689.759251][T29850] shmem 0
[  689.762188][T29850] mapped_file 0
[  689.765744][T29850] dirty 0
[  689.768685][T29850] writeback 0
[  689.769447][T29870] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  689.771955][T29850] workingset_refault_anon 18940
[  689.771965][T29850] workingset_refault_file 4761
[  689.771972][T29850] swap 212992
[  689.771979][T29850] swapcached 0
[  689.771986][T29850] pgpgin 834354
[  689.771993][T29850] pgpgout 834354
[  689.772001][T29850] pgfault 979595
[  689.772008][T29850] pgmajfault 2666
[  689.772032][T29850] inactive_anon 0
[  689.772040][T29850] active_anon 0
[  689.772048][T29850] inactive_file 0
[  689.772055][T29850] active_file 0
[  689.772063][T29850] unevictable 0
[  689.772071][T29850] hierarchical_memory_limit 314572800
[  689.772081][T29850] hierarchical_memsw_limit 9223372036854771712
[  689.772120][T29850] total_cache 0
[  689.772128][T29850] total_rss 0
[  689.772135][T29850] total_shmem 0
[  689.772143][T29850] total_mapped_file 0
[  689.772151][T29850] total_dirty 0
[  689.772157][T29850] total_writeback 0
[  689.772164][T29850] total_workingset_refault_anon 19005
[  689.870565][T29850] total_workingset_refault_file 5159
[  689.875873][T29850] total_swap 212992
[  689.880097][T29850] total_swapcached 0
[  689.884003][T29850] total_pgpgin 927408
[  689.887982][T29850] total_pgpgout 927408
[  689.892073][T29850] total_pgfault 1073443
[  689.896230][T29850] total_pgmajfault 3517
[  689.900386][T29850] total_inactive_anon 0
[  689.904532][T29850] total_active_anon 0
[  689.908511][T29850] total_inactive_file 0
[  689.913287][T29850] total_active_file 0
[  689.917254][T29850] total_unevictable 0
[  689.921283][T29850] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.8946,pid=29847,uid=0
[  689.935995][T29850] Memory cgroup out of memory: Killed process 29847 (syz.4.8946) total-vm:93756kB, anon-rss:940kB, file-rss:22232kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  690.026440][T29884] loop0: detected capacity change from 0 to 512
[  690.034169][T29884] EXT4-fs: Ignoring removed i_version option
[  690.044757][T29884] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  690.064386][T29884] EXT4-fs (loop0): orphan cleanup on readonly fs
[  690.071274][T29884] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8959: bg 0: block 248: padding at end of block bitmap is not set
[  690.100657][T29880] loop3: detected capacity change from 0 to 8192
[  690.148083][T29884] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8959: Failed to acquire dquot type 1
[  690.179588][T29870] netlink: 'syz.5.8955': attribute type 10 has an invalid length.
[  690.196933][T29884] EXT4-fs (loop0): 1 truncate cleaned up
[  690.203199][T29884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  690.291532][T29884] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  690.311371][T29884] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  690.327098][T29884] ext4 filesystem being remounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  690.342549][T29884] netlink: 464 bytes leftover after parsing attributes in process `syz.0.8959'.
[  690.432829][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  690.502886][T29892] loop5: detected capacity change from 0 to 2048
[  690.627675][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  690.627691][   T29] audit: type=1326 audit(1778021624.049:58024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.658227][   T29] audit: type=1326 audit(1778021624.049:58025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.681960][   T29] audit: type=1326 audit(1778021624.049:58026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.706330][   T29] audit: type=1326 audit(1778021624.049:58027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.730698][   T29] audit: type=1326 audit(1778021624.049:58028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.754863][   T29] audit: type=1326 audit(1778021624.117:58029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29911 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8d1ae011e5 code=0x7ffc0000
[  690.779293][   T29] audit: type=1326 audit(1778021624.117:58030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.802865][   T29] audit: type=1326 audit(1778021624.117:58031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.827119][   T29] audit: type=1326 audit(1778021624.137:58032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.851318][   T29] audit: type=1326 audit(1778021624.137:58033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29908 comm="syz.4.8967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1adce929 code=0x7ffc0000
[  690.886390][T29902] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8965'.
[  691.043606][T29922] loop3: detected capacity change from 0 to 2048
[  691.050462][T29922] EXT4-fs: Ignoring removed mblk_io_submit option
[  691.068367][T29922] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  691.081830][T29928] loop1: detected capacity change from 0 to 512
[  691.087020][T29932] loop4: detected capacity change from 0 to 512
[  691.089095][T29928] EXT4-fs: Ignoring removed i_version option
[  691.094858][T29932] EXT4-fs: Ignoring removed i_version option
[  691.112922][T29928] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  691.122165][T29932] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  691.123489][T29928] EXT4-fs (loop1): orphan cleanup on readonly fs
[  691.132857][T29932] EXT4-fs (loop4): orphan cleanup on readonly fs
[  691.138611][T29928] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.8973: bg 0: block 248: padding at end of block bitmap is not set
[  691.144349][T29932] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.8974: bg 0: block 248: padding at end of block bitmap is not set
[  691.160530][T29928] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.8973: Failed to acquire dquot type 1
[  691.172950][T29932] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.8974: Failed to acquire dquot type 1
[  691.196256][T29928] EXT4-fs (loop1): 1 truncate cleaned up
[  691.199716][T29932] EXT4-fs (loop4): 1 truncate cleaned up
[  691.208237][T29928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  691.208518][T29932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  691.267823][T29928] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  691.280799][T29932] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  691.312350][T29928] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  691.321949][T29928] ext4 filesystem being remounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  691.327954][T29932] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  691.341105][T29932] ext4 filesystem being remounted at /552/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  691.682303][T21614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.699493][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.812189][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.863859][T29950] loop0: detected capacity change from 0 to 8192
[  692.404340][T29961] netlink: 'syz.1.8976': attribute type 7 has an invalid length.
[  692.652548][T29972] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  692.661326][T29972] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  692.723623][T29974] vlan2: entered allmulticast mode
[  692.808937][T29972] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  692.831388][T29972] ref_ctr_offset mismatch. inode: 0x180 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  693.132074][T30005] netlink: 'syz.3.8995': attribute type 7 has an invalid length.
[  693.141018][T29994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8991'.
[  693.431316][T30024] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  694.063916][T30036] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  694.072666][T30036] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  694.143073][T30042] netlink: 'syz.5.9006': attribute type 7 has an invalid length.
[  694.162724][T30043] vlan2: entered allmulticast mode
[  694.211183][T30036] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  694.400401][T30047] ref_ctr_offset mismatch. inode: 0x16b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  694.789732][T30064] loop5: detected capacity change from 0 to 512
[  694.813817][T30064] EXT4-fs: Ignoring removed i_version option
[  694.830176][T30064] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  694.846472][T30064] EXT4-fs (loop5): orphan cleanup on readonly fs
[  694.853592][T30064] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9013: bg 0: block 248: padding at end of block bitmap is not set
[  694.869124][T30064] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9013: Failed to acquire dquot type 1
[  694.886115][T30064] EXT4-fs (loop5): 1 truncate cleaned up
[  694.893345][T30064] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  694.912310][T30064] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  694.936876][T30064] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  694.945486][T30064] ext4 filesystem being remounted at /585/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  694.964559][T30064] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9013'.
[  695.140542][T21476] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.176378][T30085] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  695.235761][T30074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9015'.
[  695.371058][T30081] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9018'.
[  695.627283][T30107] loop0: detected capacity change from 0 to 512
[  695.651324][T30107] EXT4-fs: Ignoring removed i_version option
[  695.765965][T30110] loop4: detected capacity change from 0 to 2048
[  695.773607][T30110] EXT4-fs: Ignoring removed mblk_io_submit option
[  695.800715][T30107] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  695.812332][T30107] EXT4-fs (loop0): orphan cleanup on readonly fs
[  695.823051][T30110] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  695.838793][T30107] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9024: bg 0: block 248: padding at end of block bitmap is not set
[  695.905631][T30107] __quota_error: 621 callbacks suppressed
[  695.905648][T30107] Quota error (device loop0): write_blk: dquota write failed
[  695.918945][T30107] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  695.928947][T30107] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9024: Failed to acquire dquot type 1
[  696.047132][T30107] EXT4-fs (loop0): 1 truncate cleaned up
[  696.163724][   T29] audit: type=1326 audit(1778545917.465:58649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.216960][   T29] audit: type=1326 audit(1778545917.494:58650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.240758][   T29] audit: type=1326 audit(1778545917.494:58651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.264434][   T29] audit: type=1326 audit(1778545917.504:58652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.288117][   T29] audit: type=1326 audit(1778545917.504:58653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.311927][   T29] audit: type=1326 audit(1778545917.504:58654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.335597][   T29] audit: type=1326 audit(1778545917.504:58655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.359422][   T29] audit: type=1326 audit(1778545917.504:58656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30120 comm="syz.1.9028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  696.435376][T30107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  696.501089][T30107] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  696.732959][T30107] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  696.741601][T30107] ext4 filesystem being remounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  696.742346][T21614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  696.753105][T30107] netlink: 464 bytes leftover after parsing attributes in process `syz.0.9024'.
[  696.862099][T30137] loop5: detected capacity change from 0 to 512
[  696.870933][T30138] 9pnet_fd: Insufficient options for proto=fd
[  696.871309][T30137] EXT4-fs: Ignoring removed i_version option
[  696.884713][T30137] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  696.908672][T30137] EXT4-fs (loop5): orphan cleanup on readonly fs
[  696.909088][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  696.936475][T30137] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9035: bg 0: block 248: padding at end of block bitmap is not set
[  696.952250][T30137] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9035: Failed to acquire dquot type 1
[  696.965282][T30137] EXT4-fs (loop5): 1 truncate cleaned up
[  696.971780][T30137] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  696.992764][T30137] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  697.106771][T30156] futex_wake_op: syz.0.9041 tries to shift op by -1; fix this program
[  697.214404][T30137] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  697.223553][T30137] ext4 filesystem being remounted at /589/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  697.247718][T30137] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9035'.
[  697.386450][T21476] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  697.740318][T30175] 9pnet_fd: Insufficient options for proto=fd
[  698.047342][T30183] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  698.084964][T30187] loop1: detected capacity change from 0 to 512
[  698.108830][T30187] EXT4-fs: Ignoring removed i_version option
[  698.131467][T30187] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  698.167807][T30187] EXT4-fs (loop1): orphan cleanup on readonly fs
[  698.192724][T30187] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9049: bg 0: block 248: padding at end of block bitmap is not set
[  698.248673][T30187] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.9049: Failed to acquire dquot type 1
[  698.290872][T30187] EXT4-fs (loop1): 1 truncate cleaned up
[  698.401306][T30197] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  698.409965][T30197] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  698.531131][T30197] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  698.562957][T30197] ref_ctr_offset mismatch. inode: 0xb75 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  698.620949][T30187] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  698.643685][T30187] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  698.677628][T30187] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  698.693923][T30187] ext4 filesystem being remounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  698.713407][T30187] netlink: 464 bytes leftover after parsing attributes in process `syz.1.9049'.
[  698.790359][T30215] futex_wake_op: syz.4.9060 tries to shift op by -1; fix this program
[  698.947438][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  698.985648][T30218] loop0: detected capacity change from 0 to 512
[  698.995242][T30220] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  699.003462][T30218] EXT4-fs: Ignoring removed i_version option
[  699.011658][T30218] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  699.030825][T30218] EXT4-fs (loop0): orphan cleanup on readonly fs
[  699.043271][T30218] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9061: bg 0: block 248: padding at end of block bitmap is not set
[  699.058981][T30218] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9061: Failed to acquire dquot type 1
[  699.075081][T30218] EXT4-fs (loop0): 1 truncate cleaned up
[  699.084974][T30220] wg2: entered promiscuous mode
[  699.089885][T30220] wg2: entered allmulticast mode
[  699.098533][T30218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  699.111479][T30224] ref_ctr_offset mismatch. inode: 0xcb2 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  699.128749][T30218] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  699.145798][T30218] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  699.154461][T30218] ext4 filesystem being remounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  699.479485][T30243] 9pnet_fd: Insufficient options for proto=fd
[  699.535159][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  699.575085][T30247] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  699.776291][T30255] loop5: detected capacity change from 0 to 512
[  699.831758][T30255] EXT4-fs: Ignoring removed i_version option
[  699.902858][T30255] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  699.963304][T30255] EXT4-fs (loop5): orphan cleanup on readonly fs
[  700.033392][T30254] loop0: detected capacity change from 0 to 2048
[  700.043864][T30255] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9072: bg 0: block 248: padding at end of block bitmap is not set
[  700.105678][T30255] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9072: Failed to acquire dquot type 1
[  700.118096][T30254] EXT4-fs: Ignoring removed mblk_io_submit option
[  700.181398][T30255] EXT4-fs (loop5): 1 truncate cleaned up
[  700.321749][T30254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  700.598245][T30255] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  700.612577][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.630793][T30255] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  700.669904][T30255] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  700.692178][T30255] ext4 filesystem being remounted at /594/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  700.717306][T30255] __nla_validate_parse: 4 callbacks suppressed
[  700.717321][T30255] netlink: 464 bytes leftover after parsing attributes in process `syz.5.9072'.
[  700.827716][T30277] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  700.837131][T30277] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  700.846520][T21476] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.886202][T30279] vlan2: entered allmulticast mode
[  700.909811][T30278] loop3: detected capacity change from 0 to 2048
[  700.918700][T30278] EXT4-fs: Ignoring removed mblk_io_submit option
[  700.959464][T30289] 9pnet_fd: Insufficient options for proto=fd
[  700.976150][T30292] 9pnet_fd: p9_fd_create_tcp (30292): problem connecting socket to 127.0.0.1
[  700.987646][T30278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  700.989412][T30292] netlink: 96 bytes leftover after parsing attributes in process `syz.5.9084'.
[  701.001755][T30277] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  701.025731][T30292] bridge0: entered promiscuous mode
[  701.031233][T30292] macsec0: entered promiscuous mode
[  701.037590][T30292] bridge0: port 3(macsec0) entered blocking state
[  701.044543][T30292] bridge0: port 3(macsec0) entered disabled state
[  701.051174][T30292] macsec0: entered allmulticast mode
[  701.056487][T30292] bridge0: entered allmulticast mode
[  701.062154][T30279] ref_ctr_offset mismatch. inode: 0x1dd offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  701.073967][T30292] macsec0: left allmulticast mode
[  701.079017][T30292] bridge0: left allmulticast mode
[  701.085859][T30292] bridge0: left promiscuous mode
[  701.090914][   T29] kauditd_printk_skb: 655 callbacks suppressed
[  701.090927][   T29] audit: type=1326 audit(1779070210.271:59304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.120763][   T29] audit: type=1326 audit(1779070210.271:59305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.144396][   T29] audit: type=1326 audit(1779070210.281:59306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.167981][   T29] audit: type=1326 audit(1779070210.281:59307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30296 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e51d111e5 code=0x7ffc0000
[  701.191690][   T29] audit: type=1326 audit(1779070210.281:59308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.191720][   T29] audit: type=1326 audit(1779070210.281:59309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.238766][   T29] audit: type=1326 audit(1779070210.291:59310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.262515][   T29] audit: type=1326 audit(1779070210.291:59311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.286146][   T29] audit: type=1326 audit(1779070210.291:59312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30297 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e51d111e5 code=0x7ffc0000
[  701.309771][   T29] audit: type=1326 audit(1779070210.291:59313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30293 comm="syz.1.9085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  701.473017][T30313] loop5: detected capacity change from 0 to 512
[  701.482876][T30313] EXT4-fs: Ignoring removed i_version option
[  701.489916][T30313] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  701.499516][T30313] EXT4-fs (loop5): orphan cleanup on readonly fs
[  701.506645][T30313] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9089: bg 0: block 248: padding at end of block bitmap is not set
[  701.521773][T30313] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9089: Failed to acquire dquot type 1
[  701.543443][T30313] EXT4-fs (loop5): 1 truncate cleaned up
[  701.574269][T30311] loop1: detected capacity change from 0 to 8192
[  701.660322][T30323] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  702.406771][T30329] 9pnet_fd: Insufficient options for proto=fd
[  702.450566][T30331] futex_wake_op: syz.1.9096 tries to shift op by -1; fix this program
[  702.554994][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.567888][T30313] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  702.635738][T30305] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  702.740849][T30305] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  702.750208][T30305] ext4 filesystem being remounted at /598/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  702.827908][T30305] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9089'.
[  702.974338][T21476] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  703.006825][T30334] loop3: detected capacity change from 0 to 2048
[  703.112927][T30357] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  703.122157][T30357] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  703.137926][T30357] vlan2: entered allmulticast mode
[  703.206295][T30357] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  703.216840][T30357] ref_ctr_offset mismatch. inode: 0x1f4 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  703.263676][T30346] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9101'.
[  703.296766][T30353] chnl_net:caif_netlink_parms(): no params data found
[  703.343952][T30353] bridge0: port 1(bridge_slave_0) entered blocking state
[  703.351152][T30353] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.358615][T30353] bridge_slave_0: entered allmulticast mode
[  703.366008][T30353] bridge_slave_0: entered promiscuous mode
[  703.372942][T30353] bridge0: port 2(bridge_slave_1) entered blocking state
[  703.380105][T30353] bridge0: port 2(bridge_slave_1) entered disabled state
[  703.388452][T30353] bridge_slave_1: entered allmulticast mode
[  703.395584][T30353] bridge_slave_1: entered promiscuous mode
[  703.429266][T30353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  703.439844][T30353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  703.471183][T30353] team0: Port device team_slave_0 added
[  703.478676][T30353] team0: Port device team_slave_1 added
[  703.507342][T30353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  703.514345][T30353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  703.540474][T30353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  703.560907][T30353] batman_adv: batadv0: Adding interface: batadv_slave_1
[  703.568048][T30353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  703.594733][T30353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  703.650146][T18035] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  703.673884][T30353] hsr_slave_0: entered promiscuous mode
[  703.680171][T30353] hsr_slave_1: entered promiscuous mode
[  703.688117][T30353] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  703.697131][T30353] Cannot create hsr debugfs directory
[  703.791235][T18035] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  704.001516][T18035] bond0: (slave netdevsim1): Releasing backup interface
[  704.045002][T18035] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  704.191112][T18035] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  704.294317][T30405] vlan2: entered allmulticast mode
[  704.436046][T30405] ref_ctr_offset mismatch. inode: 0xc31 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  704.479654][T18035] bridge_slave_1: left allmulticast mode
[  704.485382][T18035] bridge_slave_1: left promiscuous mode
[  704.491170][T18035] bridge0: port 2(bridge_slave_1) entered disabled state
[  704.603036][T18035] bridge_slave_0: left promiscuous mode
[  704.608887][T18035] bridge0: port 1(bridge_slave_0) entered disabled state
[  704.847149][T18035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  704.868726][T18035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  704.886746][T18035] bond0 (unregistering): Released all slaves
[  704.921022][T30396] loop3: detected capacity change from 0 to 4096
[  704.933969][T30396] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  704.948693][T18035] tipc: Disabling bearer <udp:£>
[  704.953769][T18035] tipc: Left network mode
[  705.061008][T30396] netlink: 'syz.3.9113': attribute type 10 has an invalid length.
[  705.074697][T18035] hsr_slave_0: left promiscuous mode
[  705.087081][T18035] hsr_slave_1: left promiscuous mode
[  705.094929][T18035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  705.102555][T18035] batman_adv: batadv0: Removing interface: batadv_slave_0
[  705.113109][T18035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  705.120598][T18035] batman_adv: batadv0: Removing interface: batadv_slave_1
[  705.150470][T18035] veth1_vlan: left promiscuous mode
[  705.162440][T18035] veth0_vlan: left promiscuous mode
[  705.271212][T18035] team0 (unregistering): Port device team_slave_1 removed
[  705.283380][T18035] team0 (unregistering): Port device team_slave_0 removed
[  705.325364][T30437] loop4: detected capacity change from 0 to 512
[  705.333923][T30437] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  705.343578][T30437] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  705.355531][T30437] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  705.365234][T30437] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  705.375622][T30437] System zones: 0-2, 18-18, 34-34
[  705.381125][T30437] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.9126: iget: bad i_size value: 360287970189639680
[  705.395686][T30437] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.9126: couldn't read orphan inode 15 (err -117)
[  705.410651][T30437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  705.447977][T30437] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  705.476326][T30353] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  705.485179][T30353] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  705.495060][T30353] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  705.504703][T30353] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  705.540327][T30353] 8021q: adding VLAN 0 to HW filter on device bond0
[  705.552859][T30353] 8021q: adding VLAN 0 to HW filter on device team0
[  705.562027][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state
[  705.569232][ T1086] bridge0: port 1(bridge_slave_0) entered forwarding state
[  705.590137][T30353] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  705.600735][T30353] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  705.660733][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  705.667875][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  705.686095][T21614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.690897][T30353] 8021q: adding VLAN 0 to HW filter on device batadv0
[  705.959836][T30353] veth0_vlan: entered promiscuous mode
[  705.990210][T30353] veth1_vlan: entered promiscuous mode
[  706.051132][T30353] veth0_macvtap: entered promiscuous mode
[  706.082553][T30353] veth1_macvtap: entered promiscuous mode
[  706.137225][T30353] batman_adv: batadv0: Interface activated: batadv_slave_0
[  706.197001][T30353] batman_adv: batadv0: Interface activated: batadv_slave_1
[  706.257385][T30353] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  706.266232][T30353] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  706.275032][T30353] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  706.283783][T30353] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  706.353856][   T29] kauditd_printk_skb: 513 callbacks suppressed
[  706.353883][   T29] audit: type=1326 audit(1779070215.382:59825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.383904][   T29] audit: type=1326 audit(1779070215.382:59826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.408213][   T29] audit: type=1326 audit(1779070215.382:59827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.431830][   T29] audit: type=1326 audit(1779070215.382:59828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.455445][   T29] audit: type=1326 audit(1779070215.382:59829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.479130][   T29] audit: type=1326 audit(1779070215.382:59830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.503245][   T29] audit: type=1326 audit(1779070215.382:59831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.526838][   T29] audit: type=1326 audit(1779070215.382:59832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.550480][   T29] audit: type=1326 audit(1779070215.382:59833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.574550][   T29] audit: type=1326 audit(1779070215.391:59834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30490 comm="syz.1.9138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  706.806744][T30487] loop0: detected capacity change from 0 to 4096
[  706.821073][T30487] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  706.833891][T30497] loop5: detected capacity change from 0 to 512
[  706.856711][T30497] EXT4-fs: Ignoring removed i_version option
[  706.863229][T30497] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  706.880895][T30497] EXT4-fs (loop5): orphan cleanup on readonly fs
[  706.889117][T30497] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9102: bg 0: block 248: padding at end of block bitmap is not set
[  706.904239][T30497] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9102: Failed to acquire dquot type 1
[  706.920481][T30497] EXT4-fs (loop5): 1 truncate cleaned up
[  707.002667][T30504] loop1: detected capacity change from 0 to 8192
[  707.096961][T30497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  707.126104][T30497] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  707.154037][T30497] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  707.172428][T30497] ext4 filesystem being remounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  707.198041][T30497] __nla_validate_parse: 4 callbacks suppressed
[  707.198056][T30497] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9102'.
[  707.222966][T30517] loop4: detected capacity change from 0 to 2048
[  707.229900][T30517] EXT4-fs: Ignoring removed mblk_io_submit option
[  707.258408][T30517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  707.273644][T30487] netlink: 'syz.0.9136': attribute type 10 has an invalid length.
[  707.328889][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.349226][T30526] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  707.370545][T30528] loop3: detected capacity change from 0 to 512
[  707.387118][T30528] EXT4-fs: Ignoring removed i_version option
[  707.397462][T30528] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  707.407727][T30528] EXT4-fs (loop3): orphan cleanup on readonly fs
[  707.416868][T30528] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9147: bg 0: block 248: padding at end of block bitmap is not set
[  707.432935][T30528] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.9147: Failed to acquire dquot type 1
[  707.458661][T30528] EXT4-fs (loop3): 1 truncate cleaned up
[  707.468295][T30528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  707.483290][T30528] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  707.518747][T30528] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  707.530578][T30528] ext4 filesystem being remounted at /555/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  707.543696][T30523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9145'.
[  707.556472][T30528] netlink: 464 bytes leftover after parsing attributes in process `syz.3.9147'.
[  707.714209][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  708.138924][T30526] syz.5.9146 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  708.153247][T30526] CPU: 1 UID: 0 PID: 30526 Comm: syz.5.9146 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  708.153343][T30526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  708.153353][T30526] Call Trace:
[  708.153358][T30526]  <TASK>
[  708.153365][T30526]  __dump_stack+0x1d/0x30
[  708.153385][T30526]  dump_stack_lvl+0xe8/0x140
[  708.153486][T30526]  dump_stack+0x15/0x1b
[  708.153503][T30526]  dump_header+0x81/0x220
[  708.153548][T30526]  oom_kill_process+0x334/0x3f0
[  708.153624][T30526]  out_of_memory+0x979/0xb80
[  708.153658][T30526]  try_charge_memcg+0x5e6/0x9e0
[  708.153687][T30526]  obj_cgroup_charge_pages+0xa6/0x150
[  708.153744][T30526]  __memcg_kmem_charge_page+0x9f/0x170
[  708.153776][T30526]  __alloc_frozen_pages_noprof+0x188/0x360
[  708.153821][T30526]  alloc_pages_mpol+0xb3/0x250
[  708.153846][T30526]  alloc_pages_noprof+0x90/0x130
[  708.153901][T30526]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  708.153977][T30526]  __kvmalloc_node_noprof+0x30f/0x4e0
[  708.154001][T30526]  ? ip_set_alloc+0x1f/0x30
[  708.154061][T30526]  ? ip_set_alloc+0x1f/0x30
[  708.154084][T30526]  ? __kmalloc_cache_noprof+0x189/0x320
[  708.154110][T30526]  ip_set_alloc+0x1f/0x30
[  708.154140][T30526]  hash_netiface_create+0x282/0x740
[  708.154250][T30526]  ? __pfx_hash_netiface_create+0x10/0x10
[  708.154276][T30526]  ip_set_create+0x3cc/0x960
[  708.154308][T30526]  ? __nla_parse+0x40/0x60
[  708.154327][T30526]  nfnetlink_rcv_msg+0x4c6/0x590
[  708.154376][T30526]  ? selinux_capable+0x1f9/0x270
[  708.154405][T30526]  netlink_rcv_skb+0x123/0x220
[  708.154480][T30526]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  708.154583][T30526]  nfnetlink_rcv+0x16b/0x1690
[  708.154716][T30526]  ? __kfree_skb+0x109/0x150
[  708.154745][T30526]  ? nlmon_xmit+0x4f/0x60
[  708.154768][T30526]  ? consume_skb+0x49/0x150
[  708.154798][T30526]  ? nlmon_xmit+0x4f/0x60
[  708.154817][T30526]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  708.154919][T30526]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  708.154949][T30526]  ? __dev_queue_xmit+0x182/0x1fb0
[  708.155000][T30526]  ? ref_tracker_free+0x37d/0x3e0
[  708.155098][T30526]  ? __netlink_deliver_tap+0x4dc/0x500
[  708.155162][T30526]  netlink_unicast+0x5a1/0x670
[  708.155193][T30526]  netlink_sendmsg+0x58b/0x6b0
[  708.155265][T30526]  ? __pfx_netlink_sendmsg+0x10/0x10
[  708.155287][T30526]  __sock_sendmsg+0x145/0x180
[  708.155313][T30526]  ____sys_sendmsg+0x31e/0x4e0
[  708.155397][T30526]  ___sys_sendmsg+0x17b/0x1d0
[  708.155487][T30526]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  708.155520][T30526]  __x64_sys_sendmsg+0xd4/0x160
[  708.155543][T30526]  x64_sys_call+0x2999/0x2fb0
[  708.155568][T30526]  do_syscall_64+0xd2/0x200
[  708.155589][T30526]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  708.155623][T30526]  ? clear_bhb_loop+0x40/0x90
[  708.155645][T30526]  ? clear_bhb_loop+0x40/0x90
[  708.155718][T30526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.155738][T30526] RIP: 0033:0x7f6e7a1ee929
[  708.155756][T30526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.155773][T30526] RSP: 002b:00007f6e78857038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  708.155809][T30526] RAX: ffffffffffffffda RBX: 00007f6e7a415fa0 RCX: 00007f6e7a1ee929
[  708.155823][T30526] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  708.155835][T30526] RBP: 00007f6e7a270b39 R08: 0000000000000000 R09: 0000000000000000
[  708.155911][T30526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  708.155925][T30526] R13: 0000000000000000 R14: 00007f6e7a415fa0 R15: 00007ffe78b593c8
[  708.156005][T30526]  </TASK>
[  708.508393][T30526] memory: usage 307200kB, limit 307200kB, failcnt 9265
[  708.515317][T30526] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0
[  708.523273][T30526] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0
[  708.530679][T30526] Memory cgroup stats for /syz5:
[  708.531587][T21614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  708.557532][T30526] cache 0
[  708.560553][T30526] rss 4096
[  708.563648][T30526] shmem 0
[  708.566671][T30526] mapped_file 0
[  708.570322][T30526] dirty 0
[  708.573296][T30526] writeback 0
[  708.576602][T30526] workingset_refault_anon 13499
[  708.581456][T30526] workingset_refault_file 332
[  708.586206][T30526] swap 167936
[  708.589545][T30526] swapcached 20480
[  708.593341][T30526] pgpgin 469094
[  708.596884][T30526] pgpgout 469088
[  708.600430][T30526] pgfault 577184
[  708.604119][T30526] pgmajfault 1875
[  708.607926][T30526] inactive_anon 16384
[  708.612053][T30526] active_anon 4096
[  708.615801][T30526] inactive_file 0
[  708.616128][T30556] loop4: detected capacity change from 0 to 512
[  708.619459][T30526] active_file 4096
[  708.619467][T30526] unevictable 0
[  708.619474][T30526] hierarchical_memory_limit 314572800
[  708.619482][T30526] hierarchical_memsw_limit 9223372036854771712
[  708.619491][T30526] total_cache 0
[  708.627617][T30556] EXT4-fs: Ignoring removed i_version option
[  708.629552][T30526] total_rss 4096
[  708.629562][T30526] total_shmem 0
[  708.629613][T30526] total_mapped_file 0
[  708.629619][T30526] total_dirty 0
[  708.629626][T30526] total_writeback 0
[  708.629632][T30526] total_workingset_refault_anon 13547
[  708.629640][T30526] total_workingset_refault_file 332
[  708.633654][T30556] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  708.638478][T30526] total_swap 172032
[  708.638488][T30526] total_swapcached 32768
[  708.638496][T30526] total_pgpgin 535219
[  708.638503][T30526] total_pgpgout 535210
[  708.638510][T30526] total_pgfault 644089
[  708.638518][T30526] total_pgmajfault 2275
[  708.650042][T30556] EXT4-fs (loop4): orphan cleanup on readonly fs
[  708.654645][T30526] total_inactive_anon 28672
[  708.654657][T30526] total_active_anon 4096
[  708.731906][T30526] total_inactive_file 0
[  708.736086][T30526] total_active_file 4096
[  708.740425][T30526] total_unevictable 0
[  708.744419][T30526] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5/syz1,task=syz.5.9146,pid=30525,uid=0
[  708.759676][T30526] Memory cgroup out of memory: Killed process 30525 (syz.5.9146) total-vm:93888kB, anon-rss:1052kB, file-rss:22200kB, shmem-rss:128kB, UID:0 pgtables:148kB oom_score_adj:1000
[  708.779671][T30556] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9156: bg 0: block 248: padding at end of block bitmap is not set
[  708.795992][T30556] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.9156: Failed to acquire dquot type 1
[  708.809823][T30554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9154'.
[  708.818820][T30554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9154'.
[  708.837373][T30556] EXT4-fs (loop4): 1 truncate cleaned up
[  708.851336][T30556] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  708.910986][T30550] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  708.930359][T30550] ref_ctr_offset mismatch. inode: 0x234 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  708.947208][T30556] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  708.982242][T30556] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  708.993729][T30556] ext4 filesystem being remounted at /586/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  709.027476][T30556] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9156'.
[  709.042541][T30552] loop0: detected capacity change from 0 to 4096
[  709.067169][T30552] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  709.121990][T30552] netlink: 'syz.0.9155': attribute type 10 has an invalid length.
[  709.204881][T30575] loop0: detected capacity change from 0 to 8192
[  709.213955][T21614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.284866][T30581] loop1: detected capacity change from 0 to 2048
[  709.291699][T30581] EXT4-fs: Ignoring removed mblk_io_submit option
[  709.301385][T30581] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  709.332565][T30590] 9pnet_fd: Insufficient options for proto=fd
[  709.397450][T30601] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  709.496364][T30603] loop5: detected capacity change from 0 to 512
[  709.519116][T30603] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  709.549573][T30603] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  709.572275][T30603] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  709.718184][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.798905][T30610] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  709.807717][T30610] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  709.829318][T30610] vlan2: entered allmulticast mode
[  709.873075][T30615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9170'.
[  709.898475][T30616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  709.907034][T30616] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  709.927682][T30610] ref_ctr_offset mismatch. inode: 0x34 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  710.055569][T30619] loop0: detected capacity change from 0 to 512
[  710.062194][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  710.062236][T30619] EXT4-fs: Ignoring removed i_version option
[  710.078018][T30619] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  710.092104][T30619] EXT4-fs (loop0): orphan cleanup on readonly fs
[  710.104108][T30619] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9173: bg 0: block 248: padding at end of block bitmap is not set
[  710.122700][T30619] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9173: Failed to acquire dquot type 1
[  710.134811][T30619] EXT4-fs (loop0): 1 truncate cleaned up
[  710.142658][T30619] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  710.162757][T30619] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  710.165966][T30601] syz.4.9168 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  710.186527][T30601] CPU: 1 UID: 0 PID: 30601 Comm: syz.4.9168 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  710.186557][T30601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  710.186571][T30601] Call Trace:
[  710.186579][T30601]  <TASK>
[  710.186586][T30601]  __dump_stack+0x1d/0x30
[  710.186605][T30601]  dump_stack_lvl+0xe8/0x140
[  710.186680][T30601]  dump_stack+0x15/0x1b
[  710.186700][T30601]  dump_header+0x81/0x220
[  710.186727][T30601]  oom_kill_process+0x334/0x3f0
[  710.186850][T30601]  out_of_memory+0x979/0xb80
[  710.186884][T30601]  try_charge_memcg+0x5e6/0x9e0
[  710.186914][T30601]  obj_cgroup_charge_pages+0xa6/0x150
[  710.186956][T30601]  __memcg_kmem_charge_page+0x9f/0x170
[  710.187035][T30601]  __alloc_frozen_pages_noprof+0x188/0x360
[  710.187069][T30601]  alloc_pages_mpol+0xb3/0x250
[  710.187108][T30601]  alloc_pages_noprof+0x90/0x130
[  710.187142][T30601]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  710.187205][T30601]  __kvmalloc_node_noprof+0x30f/0x4e0
[  710.187230][T30601]  ? ip_set_alloc+0x1f/0x30
[  710.187261][T30601]  ? ip_set_alloc+0x1f/0x30
[  710.187293][T30601]  ? __kmalloc_cache_noprof+0x189/0x320
[  710.187399][T30601]  ip_set_alloc+0x1f/0x30
[  710.187441][T30601]  hash_netiface_create+0x282/0x740
[  710.187473][T30601]  ? __pfx_hash_netiface_create+0x10/0x10
[  710.187505][T30601]  ip_set_create+0x3cc/0x960
[  710.187624][T30601]  ? __nla_parse+0x40/0x60
[  710.187652][T30601]  nfnetlink_rcv_msg+0x4c6/0x590
[  710.187693][T30601]  ? selinux_capable+0x1f9/0x270
[  710.187734][T30601]  netlink_rcv_skb+0x123/0x220
[  710.187762][T30601]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  710.187845][T30601]  nfnetlink_rcv+0x16b/0x1690
[  710.187867][T30601]  ? __kfree_skb+0x109/0x150
[  710.187970][T30601]  ? nlmon_xmit+0x4f/0x60
[  710.187992][T30601]  ? consume_skb+0x49/0x150
[  710.188031][T30601]  ? nlmon_xmit+0x4f/0x60
[  710.188049][T30601]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  710.188077][T30601]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  710.188147][T30601]  ? __dev_queue_xmit+0x182/0x1fb0
[  710.188175][T30601]  ? ref_tracker_free+0x37d/0x3e0
[  710.188207][T30601]  ? __netlink_deliver_tap+0x4dc/0x500
[  710.188263][T30601]  netlink_unicast+0x5a1/0x670
[  710.188291][T30601]  netlink_sendmsg+0x58b/0x6b0
[  710.188310][T30601]  ? __pfx_netlink_sendmsg+0x10/0x10
[  710.188364][T30601]  __sock_sendmsg+0x145/0x180
[  710.188387][T30601]  ____sys_sendmsg+0x31e/0x4e0
[  710.188418][T30601]  ___sys_sendmsg+0x17b/0x1d0
[  710.188477][T30601]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  710.188576][T30601]  __x64_sys_sendmsg+0xd4/0x160
[  710.188598][T30601]  x64_sys_call+0x2999/0x2fb0
[  710.188621][T30601]  do_syscall_64+0xd2/0x200
[  710.188646][T30601]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  710.188674][T30601]  ? clear_bhb_loop+0x40/0x90
[  710.188756][T30601]  ? clear_bhb_loop+0x40/0x90
[  710.188775][T30601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.188794][T30601] RIP: 0033:0x7f8d1adce929
[  710.188808][T30601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.188834][T30601] RSP: 002b:00007f8d19437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  710.188853][T30601] RAX: ffffffffffffffda RBX: 00007f8d1aff5fa0 RCX: 00007f8d1adce929
[  710.188867][T30601] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  710.188879][T30601] RBP: 00007f8d1ae50b39 R08: 0000000000000000 R09: 0000000000000000
[  710.188891][T30601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  710.188905][T30601] R13: 0000000000000000 R14: 00007f8d1aff5fa0 R15: 00007ffe4450a948
[  710.188925][T30601]  </TASK>
[  710.192984][T30619] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  710.201500][T30601] memory: usage 307200kB, limit 307200kB, failcnt 14042
[  710.201518][T30601] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  710.213424][T30619] ext4 filesystem being remounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  710.214853][T30601] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  710.214868][T30601] Memory cgroup stats for /syz4:
[  710.581526][T30601] cache 0
[  710.589469][T30601] rss 0
[  710.592270][T30601] shmem 0
[  710.595209][T30601] mapped_file 0
[  710.598863][T30601] dirty 0
[  710.601806][T30601] writeback 0
[  710.605200][T30601] workingset_refault_anon 20585
[  710.610553][T30601] workingset_refault_file 4910
[  710.615336][T30601] swap 196608
[  710.618649][T30601] swapcached 0
[  710.622120][T30601] pgpgin 858694
[  710.625609][T30601] pgpgout 858694
[  710.629277][T30601] pgfault 1009323
[  710.633019][T30601] pgmajfault 2877
[  710.636682][T30601] inactive_anon 0
[  710.640311][T30601] active_anon 0
[  710.643878][T30601] inactive_file 0
[  710.647521][T30601] active_file 0
[  710.651000][T30601] unevictable 0
[  710.654452][T30601] hierarchical_memory_limit 314572800
[  710.659838][T30601] hierarchical_memsw_limit 9223372036854771712
[  710.666163][T30601] total_cache 0
[  710.669811][T30601] total_rss 0
[  710.673156][T30601] total_shmem 0
[  710.676613][T30601] total_mapped_file 0
[  710.680630][T30601] total_dirty 0
[  710.684080][T30601] total_writeback 0
[  710.687918][T30601] total_workingset_refault_anon 20653
[  710.693371][T30601] total_workingset_refault_file 5308
[  710.698674][T30601] total_swap 212992
[  710.702499][T30601] total_swapcached 0
[  710.706394][T30601] total_pgpgin 957529
[  710.710425][T30601] total_pgpgout 957529
[  710.714492][T30601] total_pgfault 1108994
[  710.718660][T30601] total_pgmajfault 3781
[  710.722801][T30601] total_inactive_anon 0
[  710.727021][T30601] total_active_anon 0
[  710.731027][T30601] total_inactive_file 0
[  710.735188][T30601] total_active_file 0
[  710.739557][T30601] total_unevictable 0
[  710.743533][T30601] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4/syz1,task=syz.4.9168,pid=30600,uid=0
[  710.758990][T30601] Memory cgroup out of memory: Killed process 30600 (syz.4.9168) total-vm:93888kB, anon-rss:1068kB, file-rss:22236kB, shmem-rss:128kB, UID:0 pgtables:144kB oom_score_adj:1000
[  710.926106][T30629] loop4: detected capacity change from 0 to 164
[  710.933301][T30629] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  710.975862][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  711.807620][T30639] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  711.997196][   T29] kauditd_printk_skb: 518 callbacks suppressed
[  711.997210][   T29] audit: type=1326 audit(1779070220.933:60345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30640 comm="syz.0.9179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  712.030688][T30642] loop5: detected capacity change from 0 to 1024
[  712.053048][T30642] EXT4-fs: Ignoring removed nobh option
[  712.119942][   T29] audit: type=1326 audit(1779070220.962:60346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30640 comm="syz.0.9179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  712.144356][   T29] audit: type=1326 audit(1779070221.021:60347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30640 comm="syz.0.9179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  712.168079][   T29] audit: type=1326 audit(1779070221.021:60348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30640 comm="syz.0.9179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  712.247285][T30642] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  712.270366][T30642] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.9180: Allocating blocks 385-513 which overlap fs metadata
[  712.313553][   T29] audit: type=1326 audit(1779070221.159:60349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30651 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  712.337364][   T29] audit: type=1326 audit(1779070221.159:60350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30651 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  712.360943][   T29] audit: type=1326 audit(1779070221.159:60351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30651 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  712.384531][   T29] audit: type=1326 audit(1779070221.159:60352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30651 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  712.408142][   T29] audit: type=1326 audit(1779070221.159:60353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30651 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  712.431760][   T29] audit: type=1326 audit(1779070221.159:60354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30651 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f8e51cde929 code=0x7ffc0000
[  712.474044][T30656] loop0: detected capacity change from 0 to 8192
[  712.494362][T30642] EXT4-fs (loop5): pa ffff888105b33b60: logic 16, phys. 129, len 24
[  712.502507][T30642] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  712.529826][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  712.716701][T30666] __nla_validate_parse: 3 callbacks suppressed
[  712.716715][T30666] netlink: 1276 bytes leftover after parsing attributes in process `syz.5.9184'.
[  712.797353][T30668] loop4: detected capacity change from 0 to 8192
[  713.097535][T30680] loop1: detected capacity change from 0 to 512
[  713.104833][T30680] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  713.113941][T30680] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  713.123482][T30680] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  713.138460][T30680] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  713.154171][T30680] System zones: 0-2, 18-18, 34-34
[  713.166498][T30680] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.9190: iget: bad i_size value: 360287970189639680
[  713.179960][T30675] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9188'.
[  713.192025][T30680] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.9190: couldn't read orphan inode 15 (err -117)
[  713.215427][T30687] loop0: detected capacity change from 0 to 2048
[  713.223612][T30687] EXT4-fs: Ignoring removed mblk_io_submit option
[  713.226479][T30680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  713.254244][T30687] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  713.382241][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  713.448957][T30694] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9192'.
[  713.458265][T30693] FAULT_INJECTION: forcing a failure.
[  713.458265][T30693] name failslab, interval 1, probability 0, space 0, times 0
[  713.471124][T30693] CPU: 1 UID: 0 PID: 30693 Comm: syz.1.9192 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  713.471249][T30693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  713.471259][T30693] Call Trace:
[  713.471267][T30693]  <TASK>
[  713.471274][T30693]  __dump_stack+0x1d/0x30
[  713.471350][T30693]  dump_stack_lvl+0xe8/0x140
[  713.471368][T30693]  dump_stack+0x15/0x1b
[  713.471386][T30693]  should_fail_ex+0x265/0x280
[  713.471413][T30693]  should_failslab+0x8c/0xb0
[  713.471495][T30693]  kmem_cache_alloc_node_noprof+0x57/0x320
[  713.471519][T30693]  ? __alloc_skb+0x101/0x320
[  713.471607][T30693]  __alloc_skb+0x101/0x320
[  713.471646][T30693]  netlink_dump+0x148/0x7f0
[  713.471783][T30693]  netlink_recvmsg+0x420/0x550
[  713.471795][T30693]  ? __pfx_netlink_recvmsg+0x10/0x10
[  713.471854][T30693]  sock_recvmsg+0x136/0x170
[  713.471868][T30693]  ____sys_recvmsg+0xf5/0x280
[  713.471883][T30693]  ___sys_recvmsg+0x11f/0x370
[  713.471898][T30693]  __x64_sys_recvmsg+0xd1/0x160
[  713.471968][T30693]  x64_sys_call+0xf19/0x2fb0
[  713.471989][T30693]  do_syscall_64+0xd2/0x200
[  713.472003][T30693]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  713.472077][T30693]  ? clear_bhb_loop+0x40/0x90
[  713.472089][T30693]  ? clear_bhb_loop+0x40/0x90
[  713.472103][T30693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.472124][T30693] RIP: 0033:0x7f8e51cde929
[  713.472197][T30693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.472247][T30693] RSP: 002b:00007f8e50347038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  713.472259][T30693] RAX: ffffffffffffffda RBX: 00007f8e51f05fa0 RCX: 00007f8e51cde929
[  713.472328][T30693] RDX: 0000000040000100 RSI: 0000200000000040 RDI: 0000000000000003
[  713.472335][T30693] RBP: 00007f8e50347090 R08: 0000000000000000 R09: 0000000000000000
[  713.472342][T30693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.472384][T30693] R13: 0000000000000000 R14: 00007f8e51f05fa0 R15: 00007ffd84db2118
[  713.472397][T30693]  </TASK>
[  713.692918][T30696] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  713.731792][T30700] FAULT_INJECTION: forcing a failure.
[  713.731792][T30700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  713.744938][T30700] CPU: 1 UID: 0 PID: 30700 Comm: syz.5.9196 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  713.744965][T30700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  713.744978][T30700] Call Trace:
[  713.744986][T30700]  <TASK>
[  713.744994][T30700]  __dump_stack+0x1d/0x30
[  713.745070][T30700]  dump_stack_lvl+0xe8/0x140
[  713.745090][T30700]  dump_stack+0x15/0x1b
[  713.745108][T30700]  should_fail_ex+0x265/0x280
[  713.745140][T30700]  should_fail+0xb/0x20
[  713.745240][T30700]  should_fail_usercopy+0x1a/0x20
[  713.745299][T30700]  _copy_from_iter+0xcf/0xe40
[  713.745345][T30700]  ? __build_skb_around+0x1a0/0x200
[  713.745434][T30700]  ? __alloc_skb+0x223/0x320
[  713.745460][T30700]  netlink_sendmsg+0x471/0x6b0
[  713.745494][T30700]  ? __pfx_netlink_sendmsg+0x10/0x10
[  713.745516][T30700]  __sock_sendmsg+0x145/0x180
[  713.745564][T30700]  ____sys_sendmsg+0x31e/0x4e0
[  713.745599][T30700]  ___sys_sendmsg+0x17b/0x1d0
[  713.745642][T30700]  __x64_sys_sendmsg+0xd4/0x160
[  713.745661][T30700]  x64_sys_call+0x2999/0x2fb0
[  713.745750][T30700]  do_syscall_64+0xd2/0x200
[  713.745765][T30700]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  713.745790][T30700]  ? clear_bhb_loop+0x40/0x90
[  713.745812][T30700]  ? clear_bhb_loop+0x40/0x90
[  713.745834][T30700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.745873][T30700] RIP: 0033:0x7f6e7a1ee929
[  713.745887][T30700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.745904][T30700] RSP: 002b:00007f6e78857038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  713.745925][T30700] RAX: ffffffffffffffda RBX: 00007f6e7a415fa0 RCX: 00007f6e7a1ee929
[  713.745939][T30700] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000006
[  713.746016][T30700] RBP: 00007f6e78857090 R08: 0000000000000000 R09: 0000000000000000
[  713.746027][T30700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.746040][T30700] R13: 0000000000000000 R14: 00007f6e7a415fa0 R15: 00007ffe78b593c8
[  713.746059][T30700]  </TASK>
[  713.957936][T30686] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  713.962247][T30705] netlink: 'syz.1.9197': attribute type 1 has an invalid length.
[  713.972575][T30686] EXT4-fs (loop0): Remounting filesystem read-only
[  714.032936][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.047030][T30711] 9pnet_fd: Insufficient options for proto=fd
[  714.322900][T30733] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  714.330415][T30733] batman_adv: batadv0: Removing interface: batadv_slave_0
[  714.362882][T30733] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  714.370557][T30733] batman_adv: batadv0: Removing interface: batadv_slave_1
[  714.388422][T30758] loop1: detected capacity change from 0 to 2048
[  714.395185][T30758] EXT4-fs: Ignoring removed mblk_io_submit option
[  714.416681][T30758] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  714.447826][T30741] chnl_net:caif_netlink_parms(): no params data found
[  714.483087][T30741] bridge0: port 1(bridge_slave_0) entered blocking state
[  714.490214][T30741] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.497484][T30741] bridge_slave_0: entered allmulticast mode
[  714.504027][T30741] bridge_slave_0: entered promiscuous mode
[  714.510762][T30741] bridge0: port 2(bridge_slave_1) entered blocking state
[  714.517887][T30741] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.525753][T30741] bridge_slave_1: entered allmulticast mode
[  714.532153][T30741] bridge_slave_1: entered promiscuous mode
[  714.549373][T30741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  714.559762][T30741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  714.578716][T30741] team0: Port device team_slave_0 added
[  714.587925][T30741] team0: Port device team_slave_1 added
[  714.595565][   T50] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.615191][T30741] batman_adv: batadv0: Adding interface: batadv_slave_0
[  714.622264][T30741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  714.648398][T30741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  714.659753][T30741] batman_adv: batadv0: Adding interface: batadv_slave_1
[  714.666832][T30741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  714.692892][T30741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  714.716119][T30770] 9pnet_fd: Insufficient options for proto=fd
[  714.725355][T30741] hsr_slave_0: entered promiscuous mode
[  714.731536][T30741] hsr_slave_1: entered promiscuous mode
[  714.737937][T30741] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  714.745721][T30741] Cannot create hsr debugfs directory
[  714.753073][   T50] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.787897][   T50] bond0: (slave netdevsim1): Releasing backup interface
[  714.796427][   T50] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.849233][   T50] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.911641][   T50] bridge_slave_1: left allmulticast mode
[  714.917318][   T50] bridge_slave_1: left promiscuous mode
[  714.923192][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.931170][   T50] bridge_slave_0: left promiscuous mode
[  714.936899][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.959842][T30772] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9217'.
[  715.052204][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  715.062356][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  715.072261][   T50] bond0 (unregistering): Released all slaves
[  715.098644][T30792] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.9223'.
[  715.119045][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.129616][   T50] tipc: Disabling bearer <udp:£>
[  715.134899][   T50] tipc: Left network mode
[  715.160348][T30798] 9pnet_fd: Insufficient options for proto=fd
[  715.187757][   T50] hsr_slave_0: left promiscuous mode
[  715.194031][   T50] hsr_slave_1: left promiscuous mode
[  715.199742][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  715.207352][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[  715.218013][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  715.225590][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[  715.236105][   T50] veth1_vlan: left promiscuous mode
[  715.241520][T30785] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9221'.
[  715.251204][   T50] veth0_vlan: left promiscuous mode
[  715.302230][   T50] team0 (unregistering): Port device team_slave_1 removed
[  715.317185][   T50] team0 (unregistering): Port device team_slave_0 removed
[  715.550142][T30741] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  715.558859][T30741] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  715.567295][T30741] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  715.575693][T30741] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  715.609477][T30741] 8021q: adding VLAN 0 to HW filter on device bond0
[  715.621751][T30741] 8021q: adding VLAN 0 to HW filter on device team0
[  715.631115][T18035] bridge0: port 1(bridge_slave_0) entered blocking state
[  715.638279][T18035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  715.650815][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state
[  715.657911][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state
[  715.708925][T30826] loop5: detected capacity change from 0 to 512
[  715.716609][T30826] EXT4-fs: Ignoring removed i_version option
[  715.722216][T30741] 8021q: adding VLAN 0 to HW filter on device batadv0
[  715.730406][T30826] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  715.739643][T30826] EXT4-fs (loop5): orphan cleanup on readonly fs
[  715.747568][T30826] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9233: bg 0: block 248: padding at end of block bitmap is not set
[  715.763245][T30826] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9233: Failed to acquire dquot type 1
[  715.776672][T30826] EXT4-fs (loop5): 1 truncate cleaned up
[  715.784316][T30826] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  715.799014][T30826] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  715.812066][T30826] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  715.820594][T30826] ext4 filesystem being remounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  715.832594][T30826] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9233'.
[  715.840992][T30741] veth0_vlan: entered promiscuous mode
[  715.852275][T30741] veth1_vlan: entered promiscuous mode
[  715.869311][T30741] veth0_macvtap: entered promiscuous mode
[  715.877229][T30741] veth1_macvtap: entered promiscuous mode
[  715.888269][T30741] batman_adv: batadv0: Interface activated: batadv_slave_0
[  715.900231][T30741] batman_adv: batadv0: Interface activated: batadv_slave_1
[  715.911562][T30741] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  715.920469][T30741] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  715.929278][T30741] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  715.938111][T30741] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  715.959216][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  716.012810][T30858] FAULT_INJECTION: forcing a failure.
[  716.012810][T30858] name failslab, interval 1, probability 0, space 0, times 0
[  716.025756][T30858] CPU: 1 UID: 0 PID: 30858 Comm: syz.5.9240 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  716.025823][T30858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  716.025836][T30858] Call Trace:
[  716.025842][T30858]  <TASK>
[  716.025850][T30858]  __dump_stack+0x1d/0x30
[  716.025872][T30858]  dump_stack_lvl+0xe8/0x140
[  716.025943][T30858]  dump_stack+0x15/0x1b
[  716.025960][T30858]  should_fail_ex+0x265/0x280
[  716.025988][T30858]  should_failslab+0x8c/0xb0
[  716.026111][T30858]  __kmalloc_cache_node_noprof+0x54/0x320
[  716.026135][T30858]  ? __get_vm_area_node+0x106/0x1d0
[  716.026161][T30858]  __get_vm_area_node+0x106/0x1d0
[  716.026203][T30858]  get_vm_area+0x65/0xa0
[  716.026227][T30858]  ? arena_map_alloc+0x1e6/0x370
[  716.026248][T30858]  arena_map_alloc+0x1e6/0x370
[  716.026270][T30858]  map_create+0x840/0xb90
[  716.026310][T30858]  ? security_bpf+0x2b/0x90
[  716.026329][T30858]  __sys_bpf+0x5ab/0x790
[  716.026357][T30858]  __x64_sys_bpf+0x41/0x50
[  716.026424][T30858]  x64_sys_call+0x2478/0x2fb0
[  716.026442][T30858]  do_syscall_64+0xd2/0x200
[  716.026459][T30858]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  716.026484][T30858]  ? clear_bhb_loop+0x40/0x90
[  716.026584][T30858]  ? clear_bhb_loop+0x40/0x90
[  716.026672][T30858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.026742][T30858] RIP: 0033:0x7f6e7a1ee929
[  716.026756][T30858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.026772][T30858] RSP: 002b:00007f6e78857038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  716.026792][T30858] RAX: ffffffffffffffda RBX: 00007f6e7a415fa0 RCX: 00007f6e7a1ee929
[  716.026823][T30858] RDX: 0000000000000050 RSI: 0000200000000480 RDI: 0000000000000000
[  716.026836][T30858] RBP: 00007f6e78857090 R08: 0000000000000000 R09: 0000000000000000
[  716.026848][T30858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.026874][T30858] R13: 0000000000000000 R14: 00007f6e7a415fa0 R15: 00007ffe78b593c8
[  716.026890][T30858]  </TASK>
[  716.039458][T30860] loop4: detected capacity change from 0 to 1024
[  716.248642][T30860] EXT4-fs: dax option not supported
[  716.268120][T30865] FAULT_INJECTION: forcing a failure.
[  716.268120][T30865] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  716.281328][T30865] CPU: 1 UID: 0 PID: 30865 Comm: syz.0.9242 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  716.281383][T30865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  716.281394][T30865] Call Trace:
[  716.281402][T30865]  <TASK>
[  716.281408][T30865]  __dump_stack+0x1d/0x30
[  716.281519][T30865]  dump_stack_lvl+0xe8/0x140
[  716.281566][T30865]  dump_stack+0x15/0x1b
[  716.281632][T30865]  should_fail_ex+0x265/0x280
[  716.281657][T30865]  should_fail+0xb/0x20
[  716.281688][T30865]  should_fail_usercopy+0x1a/0x20
[  716.281713][T30865]  fpu__restore_sig+0x12d/0xaa0
[  716.281737][T30865]  ? should_fail_ex+0xdb/0x280
[  716.281787][T30865]  __ia32_sys_rt_sigreturn+0x29f/0x350
[  716.281892][T30865]  x64_sys_call+0x2e8a/0x2fb0
[  716.281935][T30865]  do_syscall_64+0xd2/0x200
[  716.282029][T30865]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  716.282049][T30865]  ? clear_bhb_loop+0x40/0x90
[  716.282141][T30865]  ? clear_bhb_loop+0x40/0x90
[  716.282158][T30865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.282174][T30865] RIP: 0033:0x7f7dc438e929
[  716.282187][T30865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.282201][T30865] RSP: 002b:00007f7dc29f7038 EFLAGS: 00000246
[  716.282214][T30865] RAX: fffffffffffffffc RBX: 00007f7dc45b5fa0 RCX: 00007f7dc438e929
[  716.282224][T30865] RDX: 0000200000000180 RSI: 00000000c0109207 RDI: 0000000000000005
[  716.282310][T30865] RBP: 00007f7dc29f7090 R08: 0000000000000000 R09: 0000000000000000
[  716.282320][T30865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.282330][T30865] R13: 0000000000000000 R14: 00007f7dc45b5fa0 R15: 00007ffccf4dbda8
[  716.282378][T30865]  </TASK>
[  716.503053][T30863] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9243'.
[  716.531734][T30881] loop0: detected capacity change from 0 to 512
[  716.539928][T30881] EXT4-fs: Ignoring removed i_version option
[  716.548427][T30881] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  716.558318][T30881] EXT4-fs (loop0): orphan cleanup on readonly fs
[  716.566538][T30881] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9248: bg 0: block 248: padding at end of block bitmap is not set
[  716.587947][T30881] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9248: Failed to acquire dquot type 1
[  716.599792][T30881] EXT4-fs (loop0): 1 truncate cleaned up
[  716.606016][T30881] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  716.619785][T30881] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  716.632365][T30881] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  716.640841][T30881] ext4 filesystem being remounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  716.652616][T30881] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9248'.
[  716.742483][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  716.806813][T30891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9253'.
[  717.040300][T30904] loop5: detected capacity change from 0 to 512
[  717.058480][T30904] EXT4-fs (loop5): too many log groups per flexible block group
[  717.066309][T30904] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  717.073339][T30904] EXT4-fs (loop5): mount failed
[  717.086780][T30904] loop5: detected capacity change from 0 to 2048
[  717.093473][T30904] EXT4-fs: Ignoring removed mblk_io_submit option
[  717.100175][T30904] ext4: Bad value for 'mb_optimize_scan'
[  717.191490][T30909] loop5: detected capacity change from 0 to 2048
[  717.198471][T30909] EXT4-fs: Ignoring removed mblk_io_submit option
[  717.210980][T30909] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  717.360332][   T29] kauditd_printk_skb: 709 callbacks suppressed
[  717.360347][   T29] audit: type=1400 audit(1779070226.213:61060): avc:  denied  { read write } for  pid=30914 comm="syz.1.9259" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  717.360893][T30915] $Hÿ: renamed from bond0 (while UP)
[  717.368439][   T29] audit: type=1400 audit(1779070226.213:61061): avc:  denied  { open } for  pid=30914 comm="syz.1.9259" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  717.428182][T30915] $Hÿ: entered promiscuous mode
[  717.433341][T30915] bond_slave_0: entered promiscuous mode
[  717.439314][T30915] bond_slave_1: entered promiscuous mode
[  717.451423][   T29] audit: type=1326 audit(1779070226.302:61062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.475209][   T29] audit: type=1326 audit(1779070226.302:61063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.519914][   T29] audit: type=1326 audit(1779070226.351:61064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.543644][   T29] audit: type=1326 audit(1779070226.351:61065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.567539][   T29] audit: type=1326 audit(1779070226.351:61066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.591344][   T29] audit: type=1326 audit(1779070226.351:61067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.614961][   T29] audit: type=1326 audit(1779070226.351:61068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.639117][   T29] audit: type=1326 audit(1779070226.351:61069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30919 comm="syz.3.9261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62ea3de929 code=0x7ffc0000
[  717.684108][T30928] loop0: detected capacity change from 0 to 512
[  717.693189][T30931] loop3: detected capacity change from 0 to 512
[  717.693202][T30928] EXT4-fs: Ignoring removed i_version option
[  717.699886][T30928] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  717.714866][T30931] EXT4-fs: Ignoring removed i_version option
[  717.715477][T30932] loop4: detected capacity change from 0 to 1024
[  717.722072][T30928] EXT4-fs (loop0): orphan cleanup on readonly fs
[  717.734067][T30931] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  717.735483][T30928] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9265: bg 0: block 248: padding at end of block bitmap is not set
[  717.759595][T30931] EXT4-fs (loop3): orphan cleanup on readonly fs
[  717.766597][T30931] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9267: bg 0: block 248: padding at end of block bitmap is not set
[  717.767083][T30928] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9265: Failed to acquire dquot type 1
[  717.782436][T30931] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.9267: Failed to acquire dquot type 1
[  717.803281][T30932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  717.816561][T30928] EXT4-fs (loop0): 1 truncate cleaned up
[  717.822612][T30931] EXT4-fs (loop3): 1 truncate cleaned up
[  717.828978][T30928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  717.841927][T30931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  717.857569][T30761] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  717.882319][T30761] EXT4-fs (loop5): Remounting filesystem read-only
[  717.889912][T30932] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 4 with error 28
[  717.892045][T30928] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  717.902222][T30932] EXT4-fs (loop4): This should not happen!! Data will be lost
[  717.902222][T30932] 
[  717.902241][T30932] EXT4-fs (loop4): Total free blocks count 0
[  717.927307][T30932] EXT4-fs (loop4): Free/Dirty block details
[  717.928613][T30928] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  717.933269][T30932] EXT4-fs (loop4): free_blocks=0
[  717.943044][T30928] ext4 filesystem being remounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  717.946528][T30932] EXT4-fs (loop4): dirty_blocks=0
[  717.946543][T30932] EXT4-fs (loop4): Block reservation details
[  717.962926][T30928] __nla_validate_parse: 1 callbacks suppressed
[  717.962939][T30928] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9265'.
[  717.967982][T30932] EXT4-fs (loop4): i_reserved_data_blocks=0
[  717.989657][T30931] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  718.009943][T30931] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  718.018522][T30931] ext4 filesystem being remounted at /578/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  718.019462][T30741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.039210][T30931] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9267'.
[  718.066096][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.097891][T30940] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9269'.
[  718.116006][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.191931][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.238200][T30964] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9275'.
[  718.432930][T30975] loop3: detected capacity change from 0 to 2048
[  718.452771][T30975] EXT4-fs: Ignoring removed mblk_io_submit option
[  718.470182][T30977] loop0: detected capacity change from 0 to 2048
[  718.478513][T30977] EXT4-fs: Ignoring removed mblk_io_submit option
[  718.528229][T30975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  718.547279][T30977] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  718.696630][T30995] loop1: detected capacity change from 0 to 1024
[  718.709522][T30995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  718.726100][T30995] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 4 with error 28
[  718.738529][T30995] EXT4-fs (loop1): This should not happen!! Data will be lost
[  718.738529][T30995] 
[  718.748421][T30995] EXT4-fs (loop1): Total free blocks count 0
[  718.754413][T30995] EXT4-fs (loop1): Free/Dirty block details
[  718.760431][T30995] EXT4-fs (loop1): free_blocks=0
[  718.765362][T30995] EXT4-fs (loop1): dirty_blocks=0
[  718.770443][T30995] EXT4-fs (loop1): Block reservation details
[  718.776493][T30995] EXT4-fs (loop1): i_reserved_data_blocks=0
[  718.810058][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.852927][T31003] loop1: detected capacity change from 0 to 1024
[  718.859950][T31003] EXT4-fs: Ignoring removed nobh option
[  718.870711][T31003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  718.886217][T31003] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.9291: Allocating blocks 385-513 which overlap fs metadata
[  718.918887][T31003] EXT4-fs (loop1): pa ffff88810a4299a0: logic 16, phys. 129, len 24
[  718.927050][T31003] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  718.953080][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.200165][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.232212][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.247833][T31009] loop1: detected capacity change from 0 to 2048
[  719.324969][T31027] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  719.333798][T31027] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  719.350098][T31027] vlan2: entered allmulticast mode
[  719.411278][T31027] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  719.422353][T31027] ref_ctr_offset mismatch. inode: 0x2b7 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  719.576686][T31035] loop3: detected capacity change from 0 to 2048
[  719.592505][T31043] loop4: detected capacity change from 0 to 1024
[  719.599558][T31043] EXT4-fs: Ignoring removed nobh option
[  719.619767][T31043] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  719.633921][T31043] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.9307: Allocating blocks 385-513 which overlap fs metadata
[  719.648486][T31042] EXT4-fs (loop4): pa ffff888105b33b60: logic 16, phys. 129, len 24
[  719.656499][T31042] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  719.677701][T30741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.755224][T31063] loop4: detected capacity change from 0 to 1024
[  719.762032][T31063] EXT4-fs: dax option not supported
[  719.785021][T31067] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31067 comm=syz.4.9318
[  719.800107][T31069] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  719.808787][T31069] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  719.823553][T31069] vlan2: entered allmulticast mode
[  719.865501][T31076] loop1: detected capacity change from 0 to 1024
[  719.872525][T31076] EXT4-fs: Ignoring removed nobh option
[  719.881676][T31069] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  719.883466][T31076] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  719.904562][T31069] ref_ctr_offset mismatch. inode: 0x2dc offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  719.908002][T31076] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.9322: Allocating blocks 385-513 which overlap fs metadata
[  719.932855][T31075] EXT4-fs (loop1): pa ffff88810a429930: logic 16, phys. 129, len 24
[  719.940873][T31075] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  719.961037][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.146542][T31104] loop4: detected capacity change from 0 to 512
[  720.155818][T31104] EXT4-fs: Ignoring removed i_version option
[  720.162808][T31104] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  720.194178][T31107] loop0: detected capacity change from 0 to 1024
[  720.203656][T31107] EXT4-fs: Ignoring removed nobh option
[  720.212657][T31104] EXT4-fs (loop4): orphan cleanup on readonly fs
[  720.221571][T31104] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9333: bg 0: block 248: padding at end of block bitmap is not set
[  720.237930][T31104] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.9333: Failed to acquire dquot type 1
[  720.250265][T31104] EXT4-fs (loop4): 1 truncate cleaned up
[  720.292088][T31112] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  720.327965][T31107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  720.398683][T31115] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  720.418331][T31107] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.9334: Allocating blocks 385-513 which overlap fs metadata
[  720.453920][T31104] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  720.487870][T31106] EXT4-fs (loop0): pa ffff888105b33b60: logic 16, phys. 129, len 24
[  720.495967][T31106] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  720.518114][T31104] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  720.549211][T31104] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  720.557706][T31104] ext4 filesystem being remounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  720.577012][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.724040][T30741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.948986][T31148] loop1: detected capacity change from 0 to 512
[  720.971139][T31148] EXT4-fs: Ignoring removed i_version option
[  720.989142][T31148] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  721.007763][T31152] loop3: detected capacity change from 0 to 512
[  721.014169][T31143] loop4: detected capacity change from 0 to 8192
[  721.015933][T31148] EXT4-fs (loop1): orphan cleanup on readonly fs
[  721.027622][T31152] EXT4-fs: Ignoring removed i_version option
[  721.033344][T31148] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9349: bg 0: block 248: padding at end of block bitmap is not set
[  721.053665][T31152] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  721.075734][T31148] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.9349: Failed to acquire dquot type 1
[  721.093661][T31152] EXT4-fs (loop3): orphan cleanup on readonly fs
[  721.104841][T31152] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9351: bg 0: block 248: padding at end of block bitmap is not set
[  721.119437][T31152] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.9351: Failed to acquire dquot type 1
[  721.122094][T31148] EXT4-fs (loop1): 1 truncate cleaned up
[  721.146129][T31152] EXT4-fs (loop3): 1 truncate cleaned up
[  721.152389][T31152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  721.167615][T31148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  721.188074][T31152] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  721.217229][T31148] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  721.227890][T31152] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  721.237930][T31152] ext4 filesystem being remounted at /596/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  721.255044][T31148] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  721.265700][T31148] ext4 filesystem being remounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  721.320113][T31161] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  721.347673][T21915] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.396415][T29107] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.449198][T31175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.461252][T31175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.516118][T31177] loop5: detected capacity change from 0 to 1024
[  721.524495][T31177] EXT4-fs: Ignoring removed nobh option
[  721.539251][T31177] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  721.554549][T31177] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.9360: Allocating blocks 385-513 which overlap fs metadata
[  721.570675][T31177] EXT4-fs (loop5): pa ffff88810a429930: logic 16, phys. 129, len 24
[  721.575534][T31185] loop0: detected capacity change from 0 to 1024
[  721.578847][T31177] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  721.701781][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.753197][T31185] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  721.826729][T31190] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  721.858931][T31185] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 4 with error 28
[  721.871720][T31185] EXT4-fs (loop0): This should not happen!! Data will be lost
[  721.871720][T31185] 
[  721.881431][T31185] EXT4-fs (loop0): Total free blocks count 0
[  721.887451][T31185] EXT4-fs (loop0): Free/Dirty block details
[  721.893383][T31185] EXT4-fs (loop0): free_blocks=0
[  721.898317][T31185] EXT4-fs (loop0): dirty_blocks=0
[  721.903397][T31185] EXT4-fs (loop0): Block reservation details
[  721.909389][T31185] EXT4-fs (loop0): i_reserved_data_blocks=0
[  721.945338][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.976321][T31195] loop0: detected capacity change from 0 to 512
[  721.986302][T31195] EXT4-fs: Ignoring removed i_version option
[  721.994997][T31195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  722.014773][T31195] EXT4-fs (loop0): orphan cleanup on readonly fs
[  722.026038][T31195] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9365: bg 0: block 248: padding at end of block bitmap is not set
[  722.040730][T31195] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9365: Failed to acquire dquot type 1
[  722.054082][T31195] EXT4-fs (loop0): 1 truncate cleaned up
[  722.063272][T31195] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  722.081245][T31195] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  722.103414][T31195] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  722.142184][T31195] ext4 filesystem being remounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  722.328645][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.391033][T31208] loop0: detected capacity change from 0 to 512
[  722.425794][T31208] EXT4-fs: Ignoring removed i_version option
[  722.446893][T31212] $Hÿ: renamed from bond0 (while UP)
[  722.454898][T31208] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  722.464154][T31212] $Hÿ: entered promiscuous mode
[  722.469259][T31212] bond_slave_0: entered promiscuous mode
[  722.475095][T31212] bond_slave_1: entered promiscuous mode
[  722.491793][T31208] EXT4-fs (loop0): orphan cleanup on readonly fs
[  722.619786][T31208] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.9369: bg 0: block 248: padding at end of block bitmap is not set
[  722.634851][T31208] __quota_error: 521 callbacks suppressed
[  722.634867][T31208] Quota error (device loop0): write_blk: dquota write failed
[  722.648158][T31208] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  722.658090][T31208] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.9369: Failed to acquire dquot type 1
[  722.675898][T31208] EXT4-fs (loop0): 1 truncate cleaned up
[  722.683480][T31208] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  722.763364][T31208] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  722.831163][T31208] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  722.859927][T31223] loop5: detected capacity change from 0 to 8192
[  722.873073][T31208] ext4 filesystem being remounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  722.957297][   T29] audit: type=1326 audit(1779070231.753:61579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  723.035354][   T29] audit: type=1326 audit(1779070231.783:61580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  723.058963][   T29] audit: type=1326 audit(1779070231.783:61581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  723.082560][   T29] audit: type=1326 audit(1779070231.783:61582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  723.106215][   T29] audit: type=1326 audit(1779070231.783:61583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dc438e929 code=0x7ffc0000
[  723.130050][   T29] audit: type=1326 audit(1779070231.783:61584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7dc4390847 code=0x7ffc0000
[  723.153583][   T29] audit: type=1326 audit(1779070231.783:61585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f7dc43907bc code=0x7ffc0000
[  723.164768][T31232] loop4: detected capacity change from 0 to 512
[  723.177042][   T29] audit: type=1326 audit(1779070231.783:61586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31207 comm="syz.0.9369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f7dc43906f4 code=0x7ffc0000
[  723.183931][T31232] EXT4-fs: Ignoring removed i_version option
[  723.213547][T31232] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  723.223149][T31232] EXT4-fs (loop4): orphan cleanup on readonly fs
[  723.223187][T28684] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.231646][T31232] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9377: bg 0: block 248: padding at end of block bitmap is not set
[  723.253176][T31232] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.9377: Failed to acquire dquot type 1
[  723.265096][T31232] EXT4-fs (loop4): 1 truncate cleaned up
[  723.271277][T31232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  723.291158][T31231] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  723.305547][T31231] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  723.314612][T31231] ext4 filesystem being remounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  723.326551][T31231] __nla_validate_parse: 5 callbacks suppressed
[  723.326567][T31231] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9377'.
[  723.343395][T31242] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  723.464616][T30741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.477733][T31247] netlink: 172 bytes leftover after parsing attributes in process `syz.1.9384'.
[  723.505403][T31251] loop5: detected capacity change from 0 to 1024
[  723.512586][T31251] EXT4-fs: Ignoring removed nobh option
[  723.529381][T31251] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  723.543765][T31254] $Hÿ: renamed from bond0 (while UP)
[  723.554313][T31254] $Hÿ: entered promiscuous mode
[  723.559457][T31254] bond_slave_0: entered promiscuous mode
[  723.565319][T31254] bond_slave_1: entered promiscuous mode
[  723.565490][T31251] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.9386: Allocating blocks 385-513 which overlap fs metadata
[  723.605856][T31251] EXT4-fs (loop5): pa ffff888105b33c40: logic 16, phys. 129, len 24
[  723.614007][T31251] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  723.641555][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.668690][T31264] loop4: detected capacity change from 0 to 2048
[  723.675875][T31264] EXT4-fs: Ignoring removed mblk_io_submit option
[  723.693991][T31264] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  723.853128][T31269] loop5: detected capacity change from 0 to 128
[  723.933742][T31269] bio_check_eod: 9833 callbacks suppressed
[  723.933755][T31269] syz.5.9390: attempt to access beyond end of device
[  723.933755][T31269] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  723.953243][T31269] syz.5.9390: attempt to access beyond end of device
[  723.953243][T31269] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  723.966889][T31269] syz.5.9390: attempt to access beyond end of device
[  723.966889][T31269] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  723.980352][T31269] syz.5.9390: attempt to access beyond end of device
[  723.980352][T31269] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  723.993842][T31269] syz.5.9390: attempt to access beyond end of device
[  723.993842][T31269] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  724.007290][T31269] syz.5.9390: attempt to access beyond end of device
[  724.007290][T31269] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  724.020740][T31269] syz.5.9390: attempt to access beyond end of device
[  724.020740][T31269] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  724.034170][T31269] syz.5.9390: attempt to access beyond end of device
[  724.034170][T31269] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  724.047769][T31269] syz.5.9390: attempt to access beyond end of device
[  724.047769][T31269] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[  724.061303][T31269] syz.5.9390: attempt to access beyond end of device
[  724.061303][T31269] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128
[  724.532975][T30741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.765740][T31290] loop4: detected capacity change from 0 to 1024
[  724.815765][T31290] EXT4-fs: Ignoring removed nobh option
[  724.864308][T31290] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  724.890354][T31297] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  724.962785][T30741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.995547][T31278] loop0: detected capacity change from 0 to 4096
[  725.012731][T31299] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  725.021480][T31299] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  725.036194][T31278] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  725.054580][T31299] vlan2: entered allmulticast mode
[  725.104104][T31302] loop5: detected capacity change from 0 to 512
[  725.104648][T31299] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  725.111987][T31302] EXT4-fs: Ignoring removed i_version option
[  725.125988][T31302] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  725.133784][T31278] netlink: 'syz.0.9394': attribute type 10 has an invalid length.
[  725.135127][T31302] EXT4-fs (loop5): orphan cleanup on readonly fs
[  725.150303][T31302] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9401: bg 0: block 248: padding at end of block bitmap is not set
[  725.165441][T31302] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.9401: Failed to acquire dquot type 1
[  725.165509][T31304] ref_ctr_offset mismatch. inode: 0xd4 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  725.177901][T31302] EXT4-fs (loop5): 1 truncate cleaned up
[  725.195928][T31302] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  725.214840][T31302] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  725.231749][T31302] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  725.240775][T31302] ext4 filesystem being remounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  725.252841][T31302] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9401'.
[  725.343536][T31317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  725.352037][T31317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  725.390224][T31318] loop0: detected capacity change from 0 to 2048
[  725.405471][T31318] EXT4-fs: Ignoring removed mblk_io_submit option
[  725.431701][T30353] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.444457][T30353] ==================================================================
[  725.445216][T31318] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  725.452575][T30353] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  725.472279][T30353] 
[  725.474594][T30353] read-write to 0xffff888237c26f10 of 8 bytes by task 31318 on cpu 0:
[  725.482735][T30353]  find_get_block_common+0x4f0/0x960
[  725.488026][T30353]  bdev_getblk+0x59/0x3d0
[  725.492362][T30353]  ext4_sb_breadahead_unmovable+0x45/0x180
[  725.498172][T30353]  __ext4_get_inode_loc+0x709/0x930
[  725.503460][T30353]  __ext4_iget+0x2ea/0x21c0
[  725.507985][T30353]  ext4_fill_super+0x26ea/0x34e0
[  725.512923][T30353]  get_tree_bdev_flags+0x28e/0x300
[  725.518037][T30353]  get_tree_bdev+0x1f/0x30
[  725.522451][T30353]  ext4_get_tree+0x1c/0x30
[  725.526859][T30353]  vfs_get_tree+0x57/0x1d0
[  725.531278][T30353]  do_new_mount+0x207/0x680
[  725.535788][T30353]  path_mount+0x4a4/0xb20
[  725.540133][T30353]  __se_sys_mount+0x28f/0x2e0
[  725.544808][T30353]  __x64_sys_mount+0x67/0x80
[  725.549386][T30353]  x64_sys_call+0xd36/0x2fb0
[  725.553972][T30353]  do_syscall_64+0xd2/0x200
[  725.558473][T30353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.564364][T30353] 
[  725.566690][T30353] read to 0xffff888237c26f10 of 8 bytes by task 30353 on cpu 1:
[  725.574329][T30353]  has_bh_in_lru+0x35/0x1f0
[  725.578843][T30353]  smp_call_function_many_cond+0x389/0xbf0
[  725.584683][T30353]  on_each_cpu_cond_mask+0x3c/0x80
[  725.589972][T30353]  invalidate_bh_lrus+0x2a/0x30
[  725.594824][T30353]  invalidate_bdev+0x42/0x70
[  725.599407][T30353]  ext4_put_super+0x624/0x7d0
[  725.604082][T30353]  generic_shutdown_super+0xe6/0x210
[  725.609368][T30353]  kill_block_super+0x2a/0x70
[  725.614043][T30353]  ext4_kill_sb+0x42/0x80
[  725.618364][T30353]  deactivate_locked_super+0x72/0x1c0
[  725.623738][T30353]  deactivate_super+0x97/0xa0
[  725.628411][T30353]  cleanup_mnt+0x269/0x2e0
[  725.632824][T30353]  __cleanup_mnt+0x19/0x20
[  725.637237][T30353]  task_work_run+0x131/0x1a0
[  725.641823][T30353]  exit_to_user_mode_loop+0xe4/0x100
[  725.647100][T30353]  do_syscall_64+0x1d6/0x200
[  725.651680][T30353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.657569][T30353] 
[  725.659881][T30353] value changed: 0xffff88810a787888 -> 0xffff88810a787958
[  725.666974][T30353] 
[  725.669290][T30353] Reported by Kernel Concurrency Sanitizer on:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  725.675435][T30353] CPU: 1 UID: 0 PID: 30353 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(voluntary) 
[  725.688103][T30353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  725.698154][T30353] ==================================================================
[  725.801389][T31318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.837314][T18083] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.919074][T18083] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.987183][T18083] bond0: (slave netdevsim1): Releasing backup interface
[  725.995492][T18083] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.038513][T18083] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.089016][T18083] bridge_slave_1: left allmulticast mode
[  726.094677][T18083] bridge_slave_1: left promiscuous mode
[  726.100593][T18083] bridge0: port 2(bridge_slave_1) entered disabled state
[  726.108233][T18083] bridge_slave_0: left promiscuous mode
[  726.113977][T18083] bridge0: port 1(bridge_slave_0) entered disabled state
[  726.179508][T18083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  726.189088][T18083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  726.198443][T18083] bond0 (unregistering): Released all slaves
[  726.289070][T18083] tipc: Disabling bearer <udp:£>
[  726.294067][T18083] tipc: Left network mode
[  726.314808][T18083] hsr_slave_0: left promiscuous mode
[  726.320823][T18083] hsr_slave_1: left promiscuous mode
[  726.326463][T18083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  726.333884][T18083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  726.341607][T18083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  726.349072][T18083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  726.358944][T18083] veth1_vlan: left promiscuous mode
[  726.364269][T18083] veth0_vlan: left promiscuous mode
[  726.411294][T18083] team0 (unregistering): Port device team_slave_1 removed
[  726.420605][T18083] team0 (unregistering): Port device team_slave_0 removed
[  726.785241][T18083] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.844420][T18083] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.893446][T18083] bond0: (slave netdevsim1): Releasing backup interface
[  726.901684][T18083] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.945764][T18083] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.016016][T18083] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.046049][T18083] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.085772][T18083] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.176604][T18083] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.257802][T18083] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.327546][T18083] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.378405][T18083] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.428269][T18083] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.508544][T18083] bridge_slave_1: left allmulticast mode
[  727.514220][T18083] bridge_slave_1: left promiscuous mode
[  727.519981][T18083] bridge0: port 2(bridge_slave_1) entered disabled state
[  727.527606][T18083] bridge_slave_0: left promiscuous mode
[  727.533306][T18083] bridge0: port 1(bridge_slave_0) entered disabled state
[  727.541747][T18083] bridge_slave_1: left allmulticast mode
[  727.547464][T18083] bridge_slave_1: left promiscuous mode
[  727.553189][T18083] bridge0: port 2(bridge_slave_1) entered disabled state
[  727.560806][T18083] bridge_slave_0: left promiscuous mode
[  727.566618][T18083] bridge0: port 1(bridge_slave_0) entered disabled state
[  727.574853][T18083] bridge_slave_1: left allmulticast mode
[  727.580998][T18083] bridge_slave_1: left promiscuous mode
[  727.586815][T18083] bridge0: port 2(bridge_slave_1) entered disabled state
[  727.594694][T18083] bridge_slave_0: left promiscuous mode
[  727.600692][T18083] bridge0: port 1(bridge_slave_0) entered disabled state
[  727.699933][T18083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  727.709764][T18083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  727.719160][T18083] bond0 (unregistering): Released all slaves
[  727.800923][T18083] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  727.809702][T18083] bond_slave_0: left promiscuous mode
[  727.816030][T18083] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  727.824969][T18083] bond_slave_1: left promiscuous mode
[  727.831319][T18083] $Hÿ (unregistering): Released all slaves
[  727.921518][T18083] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  727.930313][T18083] bond_slave_0: left promiscuous mode
[  727.936648][T18083] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  727.945476][T18083] bond_slave_1: left promiscuous mode
[  727.951545][T18083] $Hÿ (unregistering): Released all slaves
[  728.030885][T18083] hsr_slave_0: left promiscuous mode
[  728.036543][T18083] hsr_slave_1: left promiscuous mode
[  728.042360][T18083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  728.049914][T18083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  728.057393][T18083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  728.064821][T18083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  728.073389][T18083] hsr_slave_0: left promiscuous mode
[  728.078976][T18083] hsr_slave_1: left promiscuous mode
[  728.085992][T18083] hsr_slave_0: left promiscuous mode
[  728.091716][T18083] hsr_slave_1: left promiscuous mode
[  728.097421][T18083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  728.104834][T18083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  728.112374][T18083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  728.119851][T18083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  728.133184][T18083] veth1_vlan: left promiscuous mode
[  728.138416][T18083] veth0_vlan: left promiscuous mode
[  728.144108][T18083] veth1_vlan: left promiscuous mode
[  728.149322][T18083] veth0_vlan: left promiscuous mode
[  728.154998][T18083] veth1_vlan: left promiscuous mode
[  728.160207][T18083] veth0_vlan: left promiscuous mode
[  728.250906][T18083] team0 (unregistering): Port device team_slave_1 removed
[  728.260790][T18083] team0 (unregistering): Port device team_slave_0 removed
[  728.304791][T18083] team0 (unregistering): Port device team_slave_1 removed
[  728.314281][T18083] team0 (unregistering): Port device team_slave_0 removed
[  728.356366][T18083] team0 (unregistering): Port device team_slave_1 removed
[  728.366114][T18083] team0 (unregistering): Port device team_slave_0 removed