last executing test programs:

2m51.480538s ago: executing program 3 (id=2689):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x8, &(0x7f0000000100)=0x147ae147ae147ad, 0x112) (fail_nth: 2)

2m51.442784093s ago: executing program 3 (id=2691):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
fcntl$getownex(r0, 0x10, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000001140), 0xffffffffffffffff)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x18)
connect$vsock_stream(r5, 0x0, 0x0)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x1)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x5, 0x3510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffdffe, 0x4, @perf_bp={0x0, 0x7}, 0x800, 0x10000, 0x0, 0x2, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r1)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r8, 0x0)
bind$inet6(r8, &(0x7f0000000100)={0xa, 0x4e24, 0x7, @empty, 0x9}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

2m51.373026549s ago: executing program 3 (id=2694):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x202200, 0x0)
close(r3)
socket$kcm(0x10, 0x100000000002, 0x4)
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x2000000000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0)

2m51.280807316s ago: executing program 3 (id=2696):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_debug_messages', 0x42, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000008c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9feb}]})
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r3, 0x400, 0x1)
copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xc, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x6d, 0x20}, 0xc)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r4, 0x20, 0x0, 0x8000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_pidfd_open(r6, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r7, 0xff09, 0x0)
pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r8, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x7f)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r10, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x18)
connect$unix(r10, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e20}, 0x18)
ioctl$EXT4_IOC_MOVE_EXT(r9, 0x4030582b, &(0x7f0000000200)={0x0, r9, 0x201, 0x4400002, 0x1000000000000034, 0x400})

2m51.163225086s ago: executing program 3 (id=2697):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0, 0x0, 0x2246}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x7}, 0x38)
futex(0x0, 0x80000000000b, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0xa00, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000030605000000000000000010000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x20000810)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fddbdf250900000034c0171fb627996c6395df179911a1de9dd3053ede6944a8337392b0d8cc61ae081069bee216d554ef9a2e1de97acb509daa88d098090704572c3df0457627529e126dbdd453b1b678a7eca0"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
ioprio_set$pid(0x2, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff})
read(r6, 0x0, 0x0)

2m51.026339617s ago: executing program 3 (id=2701):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r0, &(0x7f0000000040)=[{&(0x7f0000001a80)=""/4112, 0x1010}], 0x1)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x7f)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x50000)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="8a180000000000000000000000000000a40ad8b80b9a12e10f5586e54c00180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000", @ANYRES8=r1, @ANYRESDEC=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = inotify_init1(0x800)
r4 = inotify_add_watch(r3, 0x0, 0x10000a0)
r5 = dup(r3)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000fff080"], 0x24}}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r7, 0x5412, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000140)=0x7f)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x2000)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r6, {<r10=>r8, r9}}, './file0\x00'})
ioperm(0x3c, 0x1, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r10, @ANYRES32=0x1, @ANYRES32, @ANYRESOCT, @ANYRES64=r9, @ANYBLOB='\x00'/28], 0x50)
r11 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r12 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r13 = fcntl$dupfd(r12, 0x0, r12)
readv(r13, &(0x7f0000000000)=[{&(0x7f0000001140)=""/134, 0x86}], 0x1)
inotify_rm_watch(0xffffffffffffffff, r4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2m51.025868197s ago: executing program 32 (id=2701):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r0, &(0x7f0000000040)=[{&(0x7f0000001a80)=""/4112, 0x1010}], 0x1)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x7f)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x50000)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="8a180000000000000000000000000000a40ad8b80b9a12e10f5586e54c00180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000", @ANYRES8=r1, @ANYRESDEC=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = inotify_init1(0x800)
r4 = inotify_add_watch(r3, 0x0, 0x10000a0)
r5 = dup(r3)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000fff080"], 0x24}}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r7, 0x5412, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000140)=0x7f)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x2000)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r6, {<r10=>r8, r9}}, './file0\x00'})
ioperm(0x3c, 0x1, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r10, @ANYRES32=0x1, @ANYRES32, @ANYRESOCT, @ANYRES64=r9, @ANYBLOB='\x00'/28], 0x50)
r11 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r12 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r13 = fcntl$dupfd(r12, 0x0, r12)
readv(r13, &(0x7f0000000000)=[{&(0x7f0000001140)=""/134, 0x86}], 0x1)
inotify_rm_watch(0xffffffffffffffff, r4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1m15.859611994s ago: executing program 0 (id=4335):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x2a)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
sendmsg$can_raw(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x24000895)

1m15.807271958s ago: executing program 0 (id=4336):
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0xff, 0x5e, 0x54, 0x0, 0x3, 0x89008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, @perf_config_ext={0x10000, 0xfffffffffffffff9}, 0x1a, 0x81, 0x800, 0x6, 0x8, 0x4002}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
write$UHID_CREATE(r0, &(0x7f0000000780)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120)
write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4)

1m15.78624728s ago: executing program 0 (id=4338):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)=""/4073, 0x100e)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300), 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYRES64=r2], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r6, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x10010, 0x0, 0x0, 0x0, 0x3389, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r6, 0x4008f510, &(0x7f0000000340)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x78)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d000000140000001100"], 0xa8}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8923, &(0x7f0000000140)={'wg2\x00', @local})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r9}, 0x10)

1m15.575179717s ago: executing program 0 (id=4343):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xa, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="00be", @ANYRES32=<r1=>r0, @ANYRES32=<r2=>r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffe}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="160000000000000004000000fd"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r2, @ANYRES32=r3, @ANYBLOB="0000000010000000b7080000000000007b82f8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7048204e7280085000000570000009500"/79], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18070000", @ANYRES64=r1, @ANYBLOB="0000000001000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x8}, 0x94)
faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x7)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xf, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x19, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400000099000000"], 0x48)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r10, 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r11, 0x0)
preadv(r9, &(0x7f0000000340)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1, 0x100013c, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="7961f1e77130000011007e5b000033000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4000054)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000), 0x4, 0x4f2, &(0x7f0000000a40)="$eJzs3c9vVF0ZAOD3Tjttv34DBWWhRgURRUOY/gAaggthozGExEhcuYDaDk3TGabptEgri7J0byKJK/0T3LkwYeXCnTvducGFCSrRUBMXY+6dSzu0HVqk7dDO8yR37j3nXuY9Z4ZzztzDDCeAnnUuItYiYiAi7kfESJ6f5FvcbG3pda9fPZlef/VkOolm8+4/kux8mhdtfyb1af6cQxHxg+9G/DjZHrexsjo/Va1WFvP06FJtYbSxsnp5rpDnTEyOT45dv3JtYt/qerb2m5ffmbv9w9/99ksv/rj2zZ+mxSr97ER2rr0e+6lV9WKU2vL6I+L2QQTrkv787w9HT9raPhMR57P2PxJ92bsJABxnzeZINEfa0wDAcZfe/5ciKZTzuYBSFArlcmsO70wMF6r1xtKlkfryw5nI5rBORbHwYK5aGcvnCk9FMUnT49nxZnpiS/pKRJyOiJ8PfpKly9P16kw3P/gAQA/7dMv4/+/B1vgPABxzQ+95va8IAMDR977jPwBw9Bn/AaD3vMf4b+ofAI4J9/8A0HuM/wDQe3Yd/58eTjkAgEPx/Tt30q25nv//1zOPVpa/VXp0eabSmC/XlqfL0/XFhfJsvT5brZSnm83dnq9ary+MX91INlZW79Xqyw+X7s3VpmYr9yrFA64PALC702ef/zmJiLUbn2RbtK3lYKyG463Q7QIAXdPX7QIAXeP3PNC79nCPbxoAjrkdluh9S8evCD2z+CscVRc/b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP/BB//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPaqUbUmhnK0FvpY+FsrliBMRcSqKyYO5amUsIk5GxJ8Gi4NperzbhQYAPlDhb0m+/tfFkQulrWcHkv8MZvuI+Mkv7/7i8dTS0uJ4mv/PjfylZ3n+xEA3KgAAtLu5Pas1Tuf7thv516+eTL/ZDrOIL2+1FhdN467nW+tMf/Rn+6EoRsTwv5I83ZJ+Xunbh/hrTyPic5v1f9wWoZTNgbRWPt0aP4194gDib77+W+MX3opfyM6l+2L2Wnx2H8oCveb5rVY/mbe9tInl7a8Q57L9zu1/KOuhPtyb/m99W/9X2Oj/+rbFT7I2f24j/e6SvLz6++9ty2yOtM49jfhC/07xk434SYf+98Ie6/iXL375fKdzzV9FXIyd47fUsm52dKm2MNpYWb08V5uarcxWHk5MTI5Pjl2/cm1iNJujbj3+YacYf79x6WSn+Gn9hzvEH9ql/l/bY/1//d/7P/rKO+J/46s7v/9n3hE/HRO/vsf4U8M3Oy7fncaf6VD/3d7/S3uM/+KvqzN7vBQAOASNldX5qWq1srjLQfpZc7drHBzNg1iL+AiKkR8MxEdRjJ4/6HbPBBy0zUbf7ZIAAAAAAAAAAAAAAACdNFZW5wfjYH9O1O06AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9LwAA//9Jt84K")
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='\x00')
quotactl$Q_GETQUOTA(0xffffffff80000701, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000001800))
pipe(&(0x7f0000000080))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

1m15.224540745s ago: executing program 0 (id=4352):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x20}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r1, 0x0, 0x5}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1m14.726903845s ago: executing program 0 (id=4363):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001600)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, &(0x7f00000001c0))

1m14.725737545s ago: executing program 33 (id=4363):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001600)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, &(0x7f00000001c0))

51.533042059s ago: executing program 6 (id=4722):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x495, &(0x7f0000000a40)={0x0, 0x82f3, 0x80, 0x0, 0x20e}, &(0x7f0000000540)=<r4=>0x0, &(0x7f0000000680)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x40f9, 0x217, 0xa5, 0x0, 0x97ff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

51.423880168s ago: executing program 6 (id=4723):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="a18300000000000000000500"], 0x78}}, 0x0)

51.370400242s ago: executing program 6 (id=4725):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)

51.264258651s ago: executing program 6 (id=4726):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
io_setup(0x7e, &(0x7f0000000040))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x802, 0x49)
lstat(&(0x7f0000000240)='./cgroup.net/devices.allow\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f0000000140)={@val={0x800e}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @empty}, {0x0, 0x0, 0x14, 0x0, @opaque='\x00'/12}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {<r6=>0xffffffffffffffff, 0xee00}}, './cgroup.net/devices.allow\x00'})
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000005c0)={{{@in=@dev, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@private1}, 0x0, @in6=@private1}}, &(0x7f0000000380)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000080)='./cgroup.net/devices.allow\x00', &(0x7f00000001c0), 0x40, &(0x7f0000000780)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{}], [{@obj_user={'obj_user', 0x3d, 'fdb_delete\x00'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise_type}, {@uid_eq={'uid', 0x3d, r3}}, {@fowner_gt={'fowner>', r6}}, {@euid_lt={'euid<', r7}}]}})
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
keyctl$unlink(0x9, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)

50.292620489s ago: executing program 6 (id=4742):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment={0x5c, 0x0, 0x1, 0x0, 0x0, 0xd, 0x65}, 0x8)
sendto$inet6(r0, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x2, @local, 0x9}, 0x1c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0009}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
mq_unlink(0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f0000000880)=[{&(0x7f0000000040)=@in={0x2, 0x4e20, @local}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000280)="03", 0x1}], 0x1}], 0x1, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0x8004587d, &(0x7f0000000780)={@id={0x2, 0x0, @a}})
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x21, 0x0)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r7}, 0x9)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r8)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x1574, @private1={0xfc, 0x1, '\x00', 0x1}, 0xc87}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r10=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r10}}], 0x20, 0x2400e044}, 0x0)
r11 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000340)={<r12=>0x0, 0x85, "d867a2e799e0b02e450852d92327d4f00c6f8fc275521c5f8140efed5c2bcbbf679216ab3747d675f39eb78c0acb66bfa19ad148234e141d0233d11dde09f9a6856945937d2df23bc93e400e609201ae1d727b9020ea59c7275c75cd06377759b98fb39bbe65a5756d882e847340759bd137d6cd0583c7fadd1edbc8174bbb2e25c37f7fc0"}, &(0x7f0000000140)=0x8d)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r11, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r12, 0x8}, 0x8)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000001c0)=0x10)

50.198472116s ago: executing program 6 (id=4743):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x10, &(0x7f0000000040)={[{@noblock_validity}, {@stripe}, {@jqfmt_vfsv1}]}, 0x0, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==")
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x793, &(0x7f00000003c0)={0x0, 0x79ac, 0x0, 0x4, 0x32c, 0x0, r1}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r1, 0x7, &(0x7f00000000c0)=""/207, 0xcf, 0x10, 0x1})
io_uring_enter(r2, 0xfd0, 0x4c1, 0x43, 0x0, 0x0)

35.21883272s ago: executing program 34 (id=4743):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x10, &(0x7f0000000040)={[{@noblock_validity}, {@stripe}, {@jqfmt_vfsv1}]}, 0x0, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==")
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x793, &(0x7f00000003c0)={0x0, 0x79ac, 0x0, 0x4, 0x32c, 0x0, r1}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r1, 0x7, &(0x7f00000000c0)=""/207, 0xcf, 0x10, 0x1})
io_uring_enter(r2, 0xfd0, 0x4c1, 0x43, 0x0, 0x0)

3.226585111s ago: executing program 5 (id=5501):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_access(r1, &(0x7f0000000400)=ANY=[@ANYBLOB='system_u:object_r::ing_exec_t:s0 unconfined 0'], 0x41)

2.352376301s ago: executing program 5 (id=5505):
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={<r1=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r1, 0x400}}, 0x48)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x2, r1, 0x30, 0x1, @ib={0x1b, 0x8000, 0xfff, {"3f8c0d6cf777eaa6ace6d3ec00ed4771"}, 0x500e, 0x0, 0x5}}}, 0xa0)

2.327919583s ago: executing program 5 (id=5506):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$RDS_GET_MR(0xffffffffffffffff, 0x114, 0x2, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4adf7", 0x8, 0x2c, 0x0, @dev, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x0, 0x3}}}}}}, 0x0)

2.327159633s ago: executing program 1 (id=5507):
socket$inet6_udp(0xa, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1008002, &(0x7f0000001fc0)={[{@nodioread_nolock}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
chdir(&(0x7f0000000040)='./file0\x00')
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)=',-\x10*\xc8+\x14\xc6@\xcf\xb1;\xb5\xee;\x00\xee7\x9f\x9b\x17\x8dv\xed\x96M\xc1\x0ezw\xea\xccgl{\xa9I\xe6\xe6G\x8e2\xb6\xc2\"$0=\x89\xe6\tt\xaf\xea\xfc_<(]\xf6kFNE}\xd6\x13\xc8idz\xff\xff\x00\x00\x89y\xc1b\x9d\x818\xaa0D\xaf\xa1\x82\xa5.\xa3\"\xe5\x19{!\xc6\xa5\xb4\xddw3\t\x00\x00\xd0\x9b\x81`{R9A$z\x90\x90\x80\x8euj\xb4P\x96\x9b\x1f\xc5^\xc0\xf3\xa5\xd1\xf2\x02\xa5Z^c\xef2E\x1f\xf3 \xcc\xd0P3\x12\xe0\xefv\xaf\xe1.\xea\xebgF\xa5\x92|\x9b\xba\xc4\x1c\x8a\xf6\v\x94\n\xb9\x7f3YR\xc3wMd\xd2\xdf\xd2\xbb\xff\xe3\xb6\xd8\xd0r\xc0\xca\xc7\xfa\x0efX\x85\xcde\xc7\x88L\x1c\x9bw\x15!!\xb8\x06l\xb9\xf7\x82%sb\xc0\x89m\x16\b4\x87\x8a\xb0\x02\xd8\xc5\xbc\xc3\x9c\xabF\xd1x\xc4\xc2b\x1b\xb1\xbc\xb5*\xd7\x19\xe2\xc6\x04\xfa\xf0Hbk\xc7\xce\xbdQ\x06\x84\x04Dc\x81\x02\'\x95\xe9\xb2*s\xf9\xe0\x14\x88\xea\x85\x01\xed\v\x05\xe1P\xef\xf3^\x10s\xa3\xce\xd2/\xd3>w\x8d\x11\x00\xb2\xff\x88\xa9\xe7\x8c\xf0\xcf\xd6u\xff\xc1%N\xe7\xc3T\x19\x93\xd0\b\xd3K\xb1\r\xd0DXN\x98\x01\x88\xcc\xdc\xf2\x12\xaf\xa0o?wg\xb0\xf4-p\xa9-\v\t\x04\x15\xf6\xecOp\xfd`\x1bu}1x\x99\x88\xaaA\xb9 \xbeB3^\xa1\x9e\xa2\x1cz\x8a\xe4\xf9\xa0\xd9\xc5\xben;\x1aLGZ\xf4\xdapbH.\xc4\x12\xf0\x94\x943\xe8r\x89\x8cy\x02d\xe5B\x16\xe3\xb8dnP]\xc2\xfe\xd6D\x92\x1df\xe7\xdb\x9e(\x7f\a\xac\x19X\xd7GK\xb8M\x1c#\x94\xc7&\xda\xc2\xb1\xf3\x1a\xecI}1M\x9b\x9f\xcb\xa3v\x9f\x89\xd2Q\x8b\"\x8d\x98E\xa5\x8bT\xfb\"\xa8\xe5X\xac\xd2\xd3k\xefd;>\xf9\xb1O\x13L#\xe0\x01\x9a\x90\xd9\xc6\x8d\xcb!\xbeZ\x8b\x90\b\xf5\xc2\nA\x06\xd8O\xa7}E\xb47\xb9@\xcc\x8c\x06\xfe\x81EH\x84\xb6\xbe\x19\xa3\xbao!', &(0x7f0000000a40)='$\x00-<\x00-\xc7\xf2\xd74!\xdc\x97{%-\x9c\x1eY\xd2\x9a\x86\xa6\xa6\xf8Og\x1d\xff\x1f\x86\xeb\x9f\xad-\xa5\xf5 \'\xa8W\xef\xc6=\xfc\xa7\xb0$Hs\xcf!\xe9\'t\b\x14\xa2\xc9\xc6\xb4}\xea\x05\xc5\xba}W\x1b3\xdcE\x90\x85\x1d\x1a`\xb9\x06\xd2tRy\xdd\x8c\x9a\f\x11[\x86 \xa34g\x1f\xfap\x84.\x81\xd1\xced\xc9$\xeb\xe4\xd9}\x84\x8d\x18\xd0\xc6|3\xbd\x92u_\xbel\v\xd6\xb5\xd4E\xcf\xce\x93\xe5e\xecn\x0eEz\xb0@\x8d_m/\x1a\xec\xbc\xe0\xb2\x8eW\x14\xca\xf1\t\xda\xba\xec\x19\x0fTc\xd0\xf7\xdc\xf02\x04`\x18M\xfc\r\xaa\xef\xc7', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000000740)='M', 0x1)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
close(r0)
rename(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)

2.260281278s ago: executing program 1 (id=5509):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYBLOB="a183000000000000000005"], 0x78}}, 0x0)

2.200783613s ago: executing program 1 (id=5511):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = creat(&(0x7f0000000640)='./bus\x00', 0x1a8)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write(r1, &(0x7f0000000180)="2cd889f0253e14", 0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x3, &(0x7f0000000440)=@raw=[@map_fd={0x18, 0x4, 0x1, 0x0, r0}, @exit, @cb_func={0x18, 0x3, 0x4, 0x0, 0x8}, @ldst={0x0, 0x3, 0x6, 0x9, 0x8, 0xfffffffffffffff4, 0x1}, @alu={0x4, 0x0, 0xd, 0x5, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xf2}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffca7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000008c0)={0xbc, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}, @HEADER={0x80, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @HEADER={0x4}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4000}, 0x40080)
r4 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1, 0x0, r4}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

2.200501563s ago: executing program 5 (id=5512):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000380)='memory.stat\x00', 0x275a, 0x0)
read(r3, &(0x7f0000000040)=""/190, 0xbe)

2.161723896s ago: executing program 5 (id=5513):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f00000002c0)=[{0x9, 0x0, 0x0, 0x7ffc1ffb}, {0x6, 0x8, 0x4, 0x32f}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
statx(0xffffffffffffff9c, 0x0, 0x0, 0xffff4a9c0080ffff, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6000021000183afffe8000000000000000000080000000bbff02000000000000000000000000000188009078fc000000fc0200"/78], 0x0)
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2714, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0x2a)
signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8)
r1 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0xe)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r5, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688a84c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r6, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x60, 0x3, &(0x7f000063a000/0xc000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000180), 0x0, 0x4, 0x0, 0x2, 0x0, 0x2})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x29, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r8, 0x6, 0x2, 0x0, 0x0)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)

2.137834588s ago: executing program 1 (id=5515):
prctl$PR_SET_NAME(0xf, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x66be96ba}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0044, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@grpquota}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

2.103461831s ago: executing program 1 (id=5516):
bpf$MAP_CREATE(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
readlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)=""/4073, 0x100e)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x78)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xa8}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000140)={'wg2\x00', @local})

1.99499592s ago: executing program 1 (id=5520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, 0x0, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x14, 0x2, 0x6, 0x801, 0xe4340000}, 0x14}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, 0x0, 0x80)
syz_usb_connect_ath9k(0x3, 0xfeab, 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r3}, 0x18)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r6, 0x0, 0x7}, 0x18)
r7 = socket(0x2, 0x80805, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r7)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000100))
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'veth1_virt_wifi\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000007c0)=@newqdisc={0xc4, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_STAB={0x98, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0x41, 0x8001, 0x49c, 0x1, 0x8, 0x0, 0x2}}, {0x8, 0x2, [0xc, 0x6]}}, {{0x1c, 0x1, {0x6, 0x7e, 0x0, 0x4, 0x1, 0x9, 0x4, 0x3}}, {0xa, 0x2, [0x7, 0x2, 0x81]}}, {{0x1c, 0x1, {0x7, 0x7f, 0x5, 0x5, 0x0, 0x9, 0x40, 0x1}}, {0x6, 0x2, [0x6]}}, {{0x1c, 0x1, {0x7, 0x7, 0x6, 0x4, 0x2, 0xea31, 0xfff, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r11 = gettid()
pause()
r12 = syz_open_procfs(r11, &(0x7f0000000180)='wchan\x00')
pread64(r12, &(0x7f000001a240)=""/102400, 0x19000, 0x41e)
r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r14}, 0x18)

1.077929683s ago: executing program 5 (id=5538):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000c1010000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000059729ec6850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xe08, 0x0, 0x5, 0x1, 0x80000000}, 0x2}}]}, {0x3}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x68}}, 0x8000)
r5 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x94200, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000000)='cpu&\t\t')
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x81)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.037562887s ago: executing program 7 (id=5540):
bpf$MAP_CREATE(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
readlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)=""/4073, 0x100e)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x78)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000140)={'wg2\x00', @local})

892.453549ms ago: executing program 7 (id=5541):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c000280080001400000000208000240000000160500030001000000200001800700010063740000140002800800024000000011080004400000000c0900010073797a30000000000900020073797a320000000014000000110001"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x66be96ba}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0044, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@grpquota}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1aca421, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

733.075671ms ago: executing program 7 (id=5544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r4 = syz_io_uring_setup(0x495, &(0x7f0000000a40)={0x0, 0x82f3, 0x80, 0x0, 0x20e}, &(0x7f0000000540)=<r5=>0x0, &(0x7f0000000680)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, 0x0)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0)
io_uring_enter(r4, 0x40f9, 0x217, 0xa5, 0x0, 0x97ff)
close_range(r2, r3, 0x0)

631.71786ms ago: executing program 4 (id=5547):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c000280080001400000000208000240000000160500030001000000200001800700010063740000140002800800024000000011080004400000000c0900010073797a30000000000900020073797a320000000014000000110001"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x66be96ba}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0044, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@grpquota}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

631.221559ms ago: executing program 7 (id=5557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r4 = syz_io_uring_setup(0x495, &(0x7f0000000a40)={0x0, 0x82f3, 0x80, 0x0, 0x20e}, &(0x7f0000000540)=<r5=>0x0, &(0x7f0000000680)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, 0x0)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0)
io_uring_enter(r4, 0x40f9, 0x217, 0xa5, 0x0, 0x97ff)
close_range(r2, r3, 0x0)

530.848227ms ago: executing program 7 (id=5548):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
semop(0x0, &(0x7f0000000140)=[{0x0, 0xffff}], 0x1)
semctl$IPC_RMID(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x56, 0xf23}, 0x18}}, 0x0)
recvmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x3, 0x12)
writev(r4, &(0x7f00000008c0)=[{&(0x7f00000001c0)="45d589604e", 0x5}], 0x1)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x36)
write$bt_hci(r5, &(0x7f00000001c0)=ANY=[], 0x6)
r6 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000280)={[{@noload}, {@resgid}]}, 0x3, 0x450, &(0x7f0000001000)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1DW9rClJbC9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SU4vrFm4g3Px9q44CBqlar1S2dD5+rAhtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT9ZWApKI2BkRu3qs49izP+zpdOzm8XfRh3Wm6vcRz9Sv/7loib+QdF+fnP1fVJb2zRZ3xY1++/3CO53qv634+yC7/v9ve/+vxT+ZNK7Xrqy/jgt/fdlxTtPr/T+evFdLj+f7PplfXT01FzGeHK43unH//uvnFvmifBb/9N72/X97rL0SY7sjIruJH42IxyLi8bztT0TEkxGxt0v8v77+1Ie9xz9YWfyL67r+1xPj0bqnfaJ0/JcfmyqdvCH+a92v/8Faajrfcyvvf7fSrt7uZgAAALj3pBGxNZJ0Zi2dpjMz9e/L74hIK8srq88dWf745GL9NwKTEWnxpGui4XnoXD6tr+fPR0T9qwXF8QP5c+NvS5tr+ZmF5crisIOHEbelQ//P/F0aduuAgfN7LRhd+j+MLv0fRpf+D6OrTf/fPIx2AHdeu8//z4bQDuDOa+n/lv1ghJj/w+jq2P89BYANz+c/jKSVzXHzH8l3TRR/qcfTN2wiyndFMwaWiPSuaMZdmyjf4/1ieO9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fRfAAAA//8vPt14")
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
utimensat(r6, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={{0x77359400}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000eb99710c0000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000084}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000000605000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)
getdents64(r7, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

382.441019ms ago: executing program 7 (id=5551):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="58000000000901010000000000000000000000001000048008000140000000000000000014000280080001000000000008000200a61414000800054000000000090001"], 0x58}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000440)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x8, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x1000000000000}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYRES32, @ANYRESOCT, @ANYBLOB="6e77f9b6b8276c49d817228a240ed20603b709a0c6f07830fa8eb4e8938fc3655e7f5074921f7fd162", @ANYRES16=0x0], 0x0, 0x28, 0x0, 0x1, 0x5}, 0x28)
r2 = msgget$private(0x0, 0x790)
msgsnd(r2, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x60100, 0x0)
preadv(r3, &(0x7f0000000240), 0x0, 0x0, 0x800000)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000000)=0x2)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES8=r2], 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='cachefiles_read\x00', r5, 0x0, 0xfffffffffffffffe}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
chmod(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x14a)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')

362.607791ms ago: executing program 4 (id=5552):
prctl$PR_SET_NAME(0xf, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x66be96ba}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0044, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@grpquota}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

319.621364ms ago: executing program 2 (id=5553):
bpf$MAP_CREATE(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
readlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)=""/4073, 0x100e)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x78)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000140)={'wg2\x00', @local})

210.393933ms ago: executing program 2 (id=5554):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = creat(&(0x7f0000000640)='./bus\x00', 0x1a8)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write(r2, &(0x7f0000000180)="2cd889f0253e14", 0x7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x3, &(0x7f0000000440)=@raw=[@map_fd={0x18, 0x4, 0x1, 0x0, r1}, @exit, @cb_func={0x18, 0x3, 0x4, 0x0, 0x8}, @ldst={0x0, 0x3, 0x6, 0x9, 0x8, 0xfffffffffffffff4, 0x1}, @alu={0x4, 0x0, 0xd, 0x5, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xf2}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffca7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1, 0x0, r5}}, 0x40)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xf, &(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000414fa0000b70300be005af1240d81b91cc47d4f3d0fb26034ab74000083000000bf090000000000006e9037d2350a07c09659090100000000000000000000b70200"/93], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)

152.189938ms ago: executing program 4 (id=5555):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={<r1=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r1, 0x400}}, 0x48)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x2, r1, 0x30, 0x1, @ib={0x1b, 0x8000, 0xfff, {"3f8c0d6cf777eaa6ace6d3ec00ed4771"}, 0x500e, 0x0, 0x5}}}, 0xa0)

78.535094ms ago: executing program 4 (id=5556):
bpf$MAP_CREATE(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
readlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)=""/4073, 0x100e)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x78)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xa8}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, &(0x7f0000000140)={'wg2\x00', @local})

78.329104ms ago: executing program 2 (id=5558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000380)='memory.stat\x00', 0x275a, 0x0)
read(r3, &(0x7f0000000040)=""/190, 0xbe)

72.514034ms ago: executing program 2 (id=5559):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2c, r1, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008080}, 0x0)

62.679805ms ago: executing program 4 (id=5560):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYRES8], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xf, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x3}, 0x18)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000018110000", @ANYRES32, @ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = dup2(r4, r4)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r8, 0x3, 0x1}, 0x50)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYRES32=r3], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r10}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xd, 0x4, 0x4, 0xffffffff, 0x0, r9, 0x7, '\x00', 0x0, r8, 0x0, 0x3}, 0x50)
ioctl$BLKTRACETEARDOWN(r7, 0x1276, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r11, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2c, r12, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008080}, 0x0)

36.785187ms ago: executing program 2 (id=5561):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000050000000000000000001811", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfd', @ANYRESHEX=r2])
lstat(&(0x7f0000000440)='./file0\x00', 0x0)

27.744908ms ago: executing program 4 (id=5562):
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc4a)
pipe2(&(0x7f0000001440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r4, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x2})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r5, 0x0, r1, 0x0, 0x6, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, 0x1, 0x9, 0x101}, 0x14}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r6, 0x0, 0xd}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f00001b8000/0x1000)=nil, 0x2)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='\x00')

0s ago: executing program 2 (id=5563):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
syz_emit_ethernet(0x33, &(0x7f0000000cc0)={@random="e90c610faca2", @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x25, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x11, 0x0, @gue={{0x1, 0x1, 0x2, 0x4, 0x0, @void}, "1e94fc90f6"}}}}}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e22, 0x7, 0x18, 0x0, @wg=@data={0x4, 0x1, 0x6}}}}}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r2, 0x0)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)

kernel console output (not intermixed with test programs):

sing attributes in process `syz.5.4981'.
[  322.540520][T17384] netlink: 'syz.5.4981': attribute type 1 has an invalid length.
[  322.548698][T17384] netlink: 'syz.5.4981': attribute type 2 has an invalid length.
[  322.556558][T17384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4981'.
[  322.626797][T17387] pim6reg1: entered promiscuous mode
[  322.632210][T17387] pim6reg1: entered allmulticast mode
[  322.855042][T17405] FAULT_INJECTION: forcing a failure.
[  322.855042][T17405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.868221][T17405] CPU: 0 UID: 0 PID: 17405 Comm: syz.1.4988 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  322.868271][T17405] Tainted: [W]=WARN
[  322.868277][T17405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  322.868288][T17405] Call Trace:
[  322.868295][T17405]  <TASK>
[  322.868302][T17405]  __dump_stack+0x1d/0x30
[  322.868381][T17405]  dump_stack_lvl+0xe8/0x140
[  322.868440][T17405]  dump_stack+0x15/0x1b
[  322.868455][T17405]  should_fail_ex+0x265/0x280
[  322.868473][T17405]  should_fail+0xb/0x20
[  322.868487][T17405]  should_fail_usercopy+0x1a/0x20
[  322.868547][T17405]  _copy_from_user+0x1c/0xb0
[  322.868574][T17405]  vt_resizex+0x4a/0x350
[  322.868640][T17405]  vt_ioctl+0x107a/0x1880
[  322.868767][T17405]  ? tty_jobctrl_ioctl+0x29e/0x810
[  322.868807][T17405]  tty_ioctl+0x7db/0xb80
[  322.868843][T17405]  ? __pfx_tty_ioctl+0x10/0x10
[  322.868882][T17405]  __se_sys_ioctl+0xce/0x140
[  322.868904][T17405]  __x64_sys_ioctl+0x43/0x50
[  322.868992][T17405]  x64_sys_call+0x1816/0x2ff0
[  322.869012][T17405]  do_syscall_64+0xd2/0x200
[  322.869037][T17405]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  322.869059][T17405]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  322.869139][T17405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.869158][T17405] RIP: 0033:0x7f21d77debe9
[  322.869172][T17405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.869196][T17405] RSP: 002b:00007f21d623f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  322.869292][T17405] RAX: ffffffffffffffda RBX: 00007f21d7a05fa0 RCX: 00007f21d77debe9
[  322.869303][T17405] RDX: 0000200000000000 RSI: 000000000000560a RDI: 000000000000000c
[  322.869315][T17405] RBP: 00007f21d623f090 R08: 0000000000000000 R09: 0000000000000000
[  322.869326][T17405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.869337][T17405] R13: 00007f21d7a06038 R14: 00007f21d7a05fa0 R15: 00007ffeca576f78
[  322.869377][T17405]  </TASK>
[  323.256689][T17429] loop4: detected capacity change from 0 to 256
[  323.310725][T17431] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4996'.
[  323.452145][   T29] kauditd_printk_skb: 286 callbacks suppressed
[  323.452162][   T29] audit: type=1400 audit(323.429:17815): avc:  denied  { write } for  pid=17439 comm="syz.5.4998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  323.486029][T17440] loop5: detected capacity change from 0 to 4096
[  323.490677][T17440] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.492660][   T29] audit: type=1400 audit(323.469:17816): avc:  denied  { add_name } for  pid=17439 comm="syz.5.4998" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  323.492715][   T29] audit: type=1400 audit(323.469:17817): avc:  denied  { create } for  pid=17439 comm="syz.5.4998" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  323.493411][   T29] audit: type=1400 audit(323.469:17818): avc:  denied  { read write } for  pid=17439 comm="syz.5.4998" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  323.493447][   T29] audit: type=1400 audit(323.469:17819): avc:  denied  { ioctl open } for  pid=17439 comm="syz.5.4998" path="/485/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  323.494805][T17440] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4998: corrupted inode contents
[  323.495037][T17440] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #15: comm syz.5.4998: mark_inode_dirty error
[  323.495364][T17440] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4998: corrupted inode contents
[  323.495561][T17440] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.4998: mark_inode_dirty error
[  323.495868][T17440] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4998: corrupted inode contents
[  323.496295][T17440] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.4998: mark_inode_dirty error
[  323.496564][T17440] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4998: corrupted inode contents
[  323.496750][T17440] EXT4-fs error (device loop5): ext4_truncate:4666: inode #15: comm syz.5.4998: mark_inode_dirty error
[  323.496929][T17440] EXT4-fs error (device loop5) in ext4_setattr:6071: Corrupt filesystem
[  323.500720][T17440] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4998: corrupted inode contents
[  323.527357][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.753172][T17447] lo speed is unknown, defaulting to 1000
[  323.916143][   T29] audit: type=1400 audit(323.899:17820): avc:  denied  { read } for  pid=17455 comm="syz.5.5002" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  323.938910][   T29] audit: type=1400 audit(323.899:17821): avc:  denied  { open } for  pid=17455 comm="syz.5.5002" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  323.966400][   T29] audit: type=1400 audit(323.899:17822): avc:  denied  { create } for  pid=17455 comm="syz.5.5002" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  323.985628][   T29] audit: type=1400 audit(323.899:17823): avc:  denied  { read } for  pid=17455 comm="syz.5.5002" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  324.043209][   T29] audit: type=1400 audit(323.969:17824): avc:  denied  { ioctl } for  pid=17455 comm="syz.5.5002" path="socket:[57462]" dev="sockfs" ino=57462 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  324.155341][T17466] loop5: detected capacity change from 0 to 256
[  324.267501][T17470] netlink: 'syz.5.5007': attribute type 10 has an invalid length.
[  324.276345][T17470] siw: device registration error -23
[  324.314916][T17474] lo speed is unknown, defaulting to 1000
[  324.358018][T17474] loop5: detected capacity change from 0 to 4096
[  324.367161][T17474] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.397474][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.423091][T17478] loop5: detected capacity change from 0 to 512
[  324.430621][T17478] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  324.442556][T17478] EXT4-fs (loop5): 1 truncate cleaned up
[  324.448772][T17478] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.488894][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.770151][T17486] loop4: detected capacity change from 0 to 164
[  324.785558][T17486] syz.4.5011: attempt to access beyond end of device
[  324.785558][T17486] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  324.800770][T17486] syz.4.5011: attempt to access beyond end of device
[  324.800770][T17486] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  325.242398][T17499] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  325.242398][T17499]    program syz.7.5015 not setting count and/or reply_len properly
[  325.264183][T17499] loop7: detected capacity change from 0 to 128
[  325.506667][T17511] loop5: detected capacity change from 0 to 256
[  325.537239][T17511] FAT-fs (loop5): codepage cp857 not found
[  325.651460][T17518] loop2: detected capacity change from 0 to 256
[  325.726108][T17522] lo speed is unknown, defaulting to 1000
[  325.847650][T17527] loop2: detected capacity change from 0 to 512
[  325.855464][T17527] EXT4-fs: Ignoring removed mblk_io_submit option
[  325.862240][T17527] EXT4-fs: Ignoring removed nomblk_io_submit option
[  325.869845][T17527] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  325.878485][T17527] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  325.916934][T17527] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5024: Allocating blocks 41-42 which overlap fs metadata
[  325.935270][T17527] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.5024: Failed to acquire dquot type 1
[  325.954434][T17532] loop4: detected capacity change from 0 to 256
[  325.967651][T17527] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  325.996649][T17527] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5024: corrupted inode contents
[  326.027375][T17534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5026'.
[  326.037808][T17527] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.5024: mark_inode_dirty error
[  326.051242][T17527] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5024: corrupted inode contents
[  326.071734][T17527] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.5024: mark_inode_dirty error
[  326.084585][T17527] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5024: corrupted inode contents
[  326.097774][T17527] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  326.116175][T17535] loop4: detected capacity change from 0 to 512
[  326.126142][T17527] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5024: corrupted inode contents
[  326.139442][T17527] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.5024: mark_inode_dirty error
[  326.154661][T17535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.182950][T17527] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  326.213544][T17527] EXT4-fs (loop2): 1 truncate cleaned up
[  326.220058][T17527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.252046][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.280753][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.473861][T17579] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5040'.
[  326.527343][T17585] loop5: detected capacity change from 0 to 256
[  326.538206][T17581] loop2: detected capacity change from 0 to 512
[  326.551078][T17581] EXT4-fs: Ignoring removed mblk_io_submit option
[  326.558554][T17581] EXT4-fs: Ignoring removed nomblk_io_submit option
[  326.588481][T17581] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  326.595122][T17565] Set syz1 is full, maxelem 65536 reached
[  326.597053][T17581] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  326.642977][T17581] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5041: Allocating blocks 41-42 which overlap fs metadata
[  326.645689][T17594] netlink: 100 bytes leftover after parsing attributes in process `syz.5.5043'.
[  326.659241][T17581] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5041: Allocating blocks 41-42 which overlap fs metadata
[  326.682785][T17581] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.5041: Failed to acquire dquot type 1
[  326.695472][T17581] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  326.710531][T17581] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5041: corrupted inode contents
[  326.724448][T17581] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.5041: mark_inode_dirty error
[  326.736805][T17581] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5041: corrupted inode contents
[  326.749107][T17581] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.5041: mark_inode_dirty error
[  326.761205][T17581] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5041: corrupted inode contents
[  326.774980][T17581] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  326.778907][T17599] loop5: detected capacity change from 0 to 256
[  326.783781][T17581] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5041: corrupted inode contents
[  326.791315][T17596] lo speed is unknown, defaulting to 1000
[  326.804416][T17581] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.5041: mark_inode_dirty error
[  326.820772][T17581] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  326.830560][T17581] EXT4-fs (loop2): 1 truncate cleaned up
[  326.837432][T17581] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.895373][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.985150][T17613] FAULT_INJECTION: forcing a failure.
[  326.985150][T17613] name failslab, interval 1, probability 0, space 0, times 0
[  326.997933][T17613] CPU: 1 UID: 0 PID: 17613 Comm: syz.5.5049 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  326.997976][T17613] Tainted: [W]=WARN
[  326.998024][T17613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  326.998116][T17613] Call Trace:
[  326.998126][T17613]  <TASK>
[  326.998136][T17613]  __dump_stack+0x1d/0x30
[  326.998165][T17613]  dump_stack_lvl+0xe8/0x140
[  326.998197][T17613]  dump_stack+0x15/0x1b
[  326.998219][T17613]  should_fail_ex+0x265/0x280
[  326.998265][T17613]  ? __se_sys_memfd_create+0x1cc/0x590
[  326.998294][T17613]  should_failslab+0x8c/0xb0
[  326.998327][T17613]  __kmalloc_cache_noprof+0x4c/0x320
[  326.998447][T17613]  ? fput+0x8f/0xc0
[  326.998487][T17613]  __se_sys_memfd_create+0x1cc/0x590
[  326.998565][T17613]  __x64_sys_memfd_create+0x31/0x40
[  326.998670][T17613]  x64_sys_call+0x2abe/0x2ff0
[  326.998697][T17613]  do_syscall_64+0xd2/0x200
[  326.998734][T17613]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  326.998863][T17613]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  326.998893][T17613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.998914][T17613] RIP: 0033:0x7f98d06bebe9
[  326.998931][T17613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.998960][T17613] RSP: 002b:00007f98cf11ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  326.998985][T17613] RAX: ffffffffffffffda RBX: 000000000000042f RCX: 00007f98d06bebe9
[  326.998997][T17613] RDX: 00007f98cf11eef0 RSI: 0000000000000000 RDI: 00007f98d07427e8
[  326.999009][T17613] RBP: 0000200000000940 R08: 00007f98cf11ebb7 R09: 00007f98cf11ee40
[  326.999020][T17613] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000016c0
[  326.999085][T17613] R13: 00007f98cf11eef0 R14: 00007f98cf11eeb0 R15: 0000200000001080
[  326.999110][T17613]  </TASK>
[  327.297711][T17624] lo speed is unknown, defaulting to 1000
[  327.453414][T17620] tmpfs: Bad value for 'mpol'
[  327.459391][T17638] loop2: detected capacity change from 0 to 512
[  327.468177][T17637] FAULT_INJECTION: forcing a failure.
[  327.468177][T17637] name failslab, interval 1, probability 0, space 0, times 0
[  327.480885][T17637] CPU: 1 UID: 0 PID: 17637 Comm: syz.5.5059 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  327.480962][T17637] Tainted: [W]=WARN
[  327.480969][T17637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  327.480984][T17637] Call Trace:
[  327.480991][T17637]  <TASK>
[  327.481070][T17637]  __dump_stack+0x1d/0x30
[  327.481095][T17637]  dump_stack_lvl+0xe8/0x140
[  327.481117][T17637]  dump_stack+0x15/0x1b
[  327.481136][T17637]  should_fail_ex+0x265/0x280
[  327.481236][T17637]  should_failslab+0x8c/0xb0
[  327.481262][T17637]  __kmalloc_node_noprof+0xa9/0x410
[  327.481291][T17637]  ? qdisc_alloc+0x65/0x440
[  327.481311][T17637]  qdisc_alloc+0x65/0x440
[  327.481328][T17637]  ? nla_strcmp+0xc3/0xe0
[  327.481418][T17637]  qdisc_create+0xf5/0x9e0
[  327.481449][T17637]  tc_modify_qdisc+0xf2e/0x1420
[  327.481486][T17637]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  327.481545][T17637]  rtnetlink_rcv_msg+0x657/0x6d0
[  327.481577][T17637]  netlink_rcv_skb+0x123/0x220
[  327.481597][T17637]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  327.481676][T17637]  rtnetlink_rcv+0x1c/0x30
[  327.481700][T17637]  netlink_unicast+0x5bd/0x690
[  327.481735][T17637]  netlink_sendmsg+0x58b/0x6b0
[  327.481759][T17637]  ? __pfx_netlink_sendmsg+0x10/0x10
[  327.481841][T17637]  __sock_sendmsg+0x145/0x180
[  327.481869][T17637]  ____sys_sendmsg+0x31e/0x4e0
[  327.481894][T17637]  ___sys_sendmsg+0x17b/0x1d0
[  327.481982][T17637]  __x64_sys_sendmsg+0xd4/0x160
[  327.482008][T17637]  x64_sys_call+0x191e/0x2ff0
[  327.482029][T17637]  do_syscall_64+0xd2/0x200
[  327.482056][T17637]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  327.482156][T17637]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  327.482182][T17637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.482203][T17637] RIP: 0033:0x7f98d06bebe9
[  327.482218][T17637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.482235][T17637] RSP: 002b:00007f98cf11f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  327.482258][T17637] RAX: ffffffffffffffda RBX: 00007f98d08e5fa0 RCX: 00007f98d06bebe9
[  327.482270][T17637] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  327.482282][T17637] RBP: 00007f98cf11f090 R08: 0000000000000000 R09: 0000000000000000
[  327.482294][T17637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.482305][T17637] R13: 00007f98d08e6038 R14: 00007f98d08e5fa0 R15: 00007ffc91818a38
[  327.482325][T17637]  </TASK>
[  327.726623][T17638] EXT4-fs: Ignoring removed mblk_io_submit option
[  327.733234][T17638] EXT4-fs: Ignoring removed nomblk_io_submit option
[  327.740537][T17638] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  327.749027][T17638] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  327.767675][T17638] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5058: Allocating blocks 41-42 which overlap fs metadata
[  327.805408][T17638] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5058: Allocating blocks 41-42 which overlap fs metadata
[  327.853575][T17638] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.5058: Failed to acquire dquot type 1
[  327.854448][T17646] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5061'.
[  327.881900][T17638] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  327.882102][T17648] loop5: detected capacity change from 0 to 512
[  327.904162][T17638] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5058: corrupted inode contents
[  327.917878][T17648] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  327.928094][T17638] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.5058: mark_inode_dirty error
[  327.941397][T17638] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5058: corrupted inode contents
[  327.957561][T17648] EXT4-fs (loop5): 1 truncate cleaned up
[  327.963996][T17648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.977730][T17638] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.5058: mark_inode_dirty error
[  327.998334][T17638] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5058: corrupted inode contents
[  328.030699][T17658] netlink: 100 bytes leftover after parsing attributes in process `syz.1.5064'.
[  328.041271][T17638] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  328.081175][T17638] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5058: corrupted inode contents
[  328.093884][T17638] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.5058: mark_inode_dirty error
[  328.107180][T17638] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  328.128474][T17638] EXT4-fs (loop2): 1 truncate cleaned up
[  328.135533][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.135732][T17638] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.188449][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.219598][T17670] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[  328.228071][T17670] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  328.253781][T17666] loop5: detected capacity change from 0 to 4096
[  328.295238][T17666] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.311516][T17666] EXT4-fs error (device loop5): ext4_empty_dir:3096: inode #12: block 80: comm syz.5.5067: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  328.337434][T17670] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=16409 sclass=netlink_xfrm_socket pid=17670 comm=gtp
[  328.376647][T17666] EXT4-fs (loop5): Remounting filesystem read-only
[  328.383337][T17666] EXT4-fs warning (device loop5): ext4_empty_dir:3099: inode #12: comm syz.5.5067: directory missing '..'
[  328.439184][T17679] netlink: 'syz.7.5072': attribute type 10 has an invalid length.
[  328.450649][T17679] 8021q: adding VLAN 0 to HW filter on device team0
[  328.459321][T17679] bond0: (slave team0): Enslaving as an active interface with an up link
[  328.469693][T17679] siw: device registration error -23
[  328.498581][T17687] loop7: detected capacity change from 0 to 512
[  328.513813][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.523148][T17687] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  328.537989][T17687] EXT4-fs (loop7): 1 truncate cleaned up
[  328.544255][T17687] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.565935][T17691] loop2: detected capacity change from 0 to 256
[  328.613813][T17690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5074'.
[  328.622814][T17690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5074'.
[  328.633462][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.654149][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  328.654167][   T29] audit: type=1400 audit(328.629:17865): avc:  denied  { create } for  pid=17698 comm="syz.5.5078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  328.679926][   T29] audit: type=1400 audit(328.639:17866): avc:  denied  { connect } for  pid=17698 comm="syz.5.5078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  328.733330][   T29] audit: type=1400 audit(328.709:17867): avc:  denied  { create } for  pid=17698 comm="syz.5.5078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  328.756236][T17703] netlink: 'syz.5.5078': attribute type 3 has an invalid length.
[  328.767847][   T29] audit: type=1400 audit(328.729:17868): avc:  denied  { connect } for  pid=17698 comm="syz.5.5078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  328.789465][   T29] audit: type=1400 audit(328.769:17869): avc:  denied  { write } for  pid=17698 comm="syz.5.5078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  328.837166][   T29] audit: type=1400 audit(328.819:17870): avc:  denied  { ioctl } for  pid=17700 comm="syz.2.5081" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  328.864588][T17701] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  328.873823][T17701] FAT-fs (loop5): unable to read boot sector
[  328.914990][   T29] audit: type=1400 audit(328.849:17871): avc:  denied  { mounton } for  pid=17700 comm="syz.2.5081" path="/384/file0" dev="tmpfs" ino=2059 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  329.013654][T17714] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[  329.040236][T17714] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=16409 sclass=netlink_xfrm_socket pid=17714 comm=gtp
[  329.081516][T17716] lo speed is unknown, defaulting to 1000
[  329.142220][T17720] loop2: detected capacity change from 0 to 2048
[  329.197680][T17720] Alternate GPT is invalid, using primary GPT.
[  329.204118][T17720]  loop2: p2 p3 p7
[  329.213064][   T29] audit: type=1400 audit(329.189:17872): avc:  denied  { append } for  pid=17719 comm="syz.2.5087" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  329.403776][   T29] audit: type=1400 audit(329.379:17873): avc:  denied  { nlmsg_write } for  pid=17730 comm="syz.1.5092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  329.457809][T17731] lo speed is unknown, defaulting to 1000
[  329.474690][   T29] audit: type=1326 audit(329.419:17874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17730 comm="syz.1.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d77debe9 code=0x7ffc0000
[  329.511770][T17734] loop4: detected capacity change from 0 to 512
[  329.542885][T17734] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  329.575250][T17734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.597599][T17734] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  329.607042][T17734] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  329.628001][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.821834][T17757] loop4: detected capacity change from 0 to 512
[  329.836156][T17757] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  329.861152][T17757] EXT4-fs (loop4): 1 truncate cleaned up
[  329.871723][T17757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.939962][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.017668][T17780] loop4: detected capacity change from 0 to 512
[  330.046876][T17780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.062231][T17785] loop7: detected capacity change from 0 to 256
[  330.080679][T17785] FAT-fs (loop7): codepage cp857 not found
[  330.103309][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.163631][T17793] syzkaller1: entered promiscuous mode
[  330.183912][T17793] syzkaller1: entered allmulticast mode
[  330.251495][T17807] loop2: detected capacity change from 0 to 512
[  330.259679][T17807] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  330.271481][T17807] EXT4-fs (loop2): 1 truncate cleaned up
[  330.277769][T17807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.318526][T17812] loop4: detected capacity change from 0 to 256
[  330.335172][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.520005][T17827] netlink: 'syz.2.5124': attribute type 10 has an invalid length.
[  330.570857][T17835] loop2: detected capacity change from 0 to 164
[  330.636196][T17828] loop4: detected capacity change from 0 to 1024
[  330.650378][T17828] EXT4-fs: Ignoring removed nobh option
[  330.656077][T17828] EXT4-fs: Ignoring removed bh option
[  330.706809][T17845] loop2: detected capacity change from 0 to 256
[  330.717673][T17828] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.792136][T17856] FAULT_INJECTION: forcing a failure.
[  330.792136][T17856] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  330.805591][T17856] CPU: 0 UID: 0 PID: 17856 Comm: syz.5.5134 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  330.805631][T17856] Tainted: [W]=WARN
[  330.805640][T17856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  330.805654][T17856] Call Trace:
[  330.805676][T17856]  <TASK>
[  330.805683][T17856]  __dump_stack+0x1d/0x30
[  330.805757][T17856]  dump_stack_lvl+0xe8/0x140
[  330.805781][T17856]  dump_stack+0x15/0x1b
[  330.805828][T17856]  should_fail_ex+0x265/0x280
[  330.805955][T17856]  should_fail_alloc_page+0xf2/0x100
[  330.805983][T17856]  __alloc_frozen_pages_noprof+0xff/0x360
[  330.806030][T17856]  alloc_pages_mpol+0xb3/0x250
[  330.806061][T17856]  vma_alloc_folio_noprof+0x1aa/0x300
[  330.806099][T17856]  do_wp_page+0x5db/0x24e0
[  330.806159][T17856]  ? __rcu_read_lock+0x37/0x50
[  330.806189][T17856]  handle_mm_fault+0x77d/0x2c20
[  330.806220][T17856]  ? __rcu_read_unlock+0x4f/0x70
[  330.806257][T17856]  do_user_addr_fault+0x3fe/0x1090
[  330.806295][T17856]  exc_page_fault+0x62/0xa0
[  330.806318][T17856]  asm_exc_page_fault+0x26/0x30
[  330.806340][T17856] RIP: 0010:__put_user_4+0xd/0x20
[  330.806374][T17856] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  330.806391][T17856] RSP: 0018:ffffc900029cbd80 EFLAGS: 00050202
[  330.806422][T17856] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000007ff8
[  330.806438][T17856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  330.806449][T17856] RBP: 0000000000040000 R08: 0001c9000291502f R09: 0000000000000000
[  330.806462][T17856] R10: ffffffff810000d2 R11: 0001c900029cb968 R12: 0000000000000000
[  330.806474][T17856] R13: 0000200000007fc0 R14: 0000200000007fc0 R15: 00000000000003ff
[  330.806493][T17856]  ? entry_SYSCALL_64_after_hwframe+0x19/0x7f
[  330.806584][T17856]  __sys_sendmmsg+0x19b/0x300
[  330.806621][T17856]  __x64_sys_sendmmsg+0x57/0x70
[  330.806723][T17856]  x64_sys_call+0x1c4a/0x2ff0
[  330.806743][T17856]  do_syscall_64+0xd2/0x200
[  330.806768][T17856]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  330.806870][T17856]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  330.806912][T17856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.806962][T17856] RIP: 0033:0x7f98d06bebe9
[  330.806979][T17856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.806996][T17856] RSP: 002b:00007f98cf11f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  330.807012][T17856] RAX: ffffffffffffffda RBX: 00007f98d08e5fa0 RCX: 00007f98d06bebe9
[  330.807061][T17856] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000008
[  330.807077][T17856] RBP: 00007f98cf11f090 R08: 0000000000000000 R09: 0000000000000000
[  330.807091][T17856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  330.807106][T17856] R13: 00007f98d08e6038 R14: 00007f98d08e5fa0 R15: 00007ffc91818a38
[  330.807244][T17856]  </TASK>
[  331.125264][T17822] sd 0:0:1:0: device reset
[  331.265781][T17877] __nla_validate_parse: 5 callbacks suppressed
[  331.265809][T17877] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5139'.
[  331.323675][T17877] netlink: 'syz.1.5139': attribute type 1 has an invalid length.
[  331.331559][T17877] netlink: 'syz.1.5139': attribute type 2 has an invalid length.
[  331.360193][T17877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5139'.
[  331.407463][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.408369][T17877] pim6reg1: entered promiscuous mode
[  331.421930][T17877] pim6reg1: entered allmulticast mode
[  331.450626][T17858] netlink: 'syz.2.5135': attribute type 10 has an invalid length.
[  331.504858][T17891] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5143'.
[  331.573417][T17902] loop7: detected capacity change from 0 to 512
[  331.581431][T17902] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  331.594886][T17902] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.598183][T17904] loop2: detected capacity change from 0 to 512
[  331.628776][T17902] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  331.649777][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.655896][T17904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.703424][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.759212][T17923] loop2: detected capacity change from 0 to 512
[  331.767248][T17923] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  331.780062][T17923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.794817][T17923] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  331.817529][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.919051][T17938] loop2: detected capacity change from 0 to 256
[  331.976952][T17944] loop2: detected capacity change from 0 to 256
[  331.985479][T17930] netlink: 'syz.7.5158': attribute type 10 has an invalid length.
[  332.013272][T17930] siw: device registration error -23
[  332.101418][T17962] hugetlbfs: Bad value for 'gid'
[  332.106599][T17962] hugetlbfs: Bad value for 'gid'
[  332.112037][T17961] ªªªªªªÿÿòÿÿÿòÿÿ: renamed from wg2 (while UP)
[  332.217892][T17974] loop2: detected capacity change from 0 to 256
[  332.544179][T17986] netlink: 'syz.7.5181': attribute type 10 has an invalid length.
[  332.560485][T17986] siw: device registration error -23
[  332.863397][T18026] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  332.872713][T18026] FAT-fs (loop15): unable to read boot sector
[  333.053381][T18034] FAULT_INJECTION: forcing a failure.
[  333.053381][T18034] name failslab, interval 1, probability 0, space 0, times 0
[  333.066155][T18034] CPU: 0 UID: 0 PID: 18034 Comm: syz.2.5199 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  333.066192][T18034] Tainted: [W]=WARN
[  333.066198][T18034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  333.066265][T18034] Call Trace:
[  333.066272][T18034]  <TASK>
[  333.066280][T18034]  __dump_stack+0x1d/0x30
[  333.066301][T18034]  dump_stack_lvl+0xe8/0x140
[  333.066320][T18034]  dump_stack+0x15/0x1b
[  333.066339][T18034]  should_fail_ex+0x265/0x280
[  333.066365][T18034]  ? v9fs_mount+0x51/0x5c0
[  333.066413][T18034]  should_failslab+0x8c/0xb0
[  333.066442][T18034]  __kmalloc_cache_noprof+0x4c/0x320
[  333.066474][T18034]  v9fs_mount+0x51/0x5c0
[  333.066499][T18034]  ? selinux_capable+0x31/0x40
[  333.066581][T18034]  ? __pfx_v9fs_mount+0x10/0x10
[  333.066616][T18034]  legacy_get_tree+0x75/0xd0
[  333.066644][T18034]  vfs_get_tree+0x54/0x1d0
[  333.066668][T18034]  do_new_mount+0x207/0x5e0
[  333.066767][T18034]  ? security_capable+0x83/0x90
[  333.066830][T18034]  path_mount+0x4a4/0xb20
[  333.066857][T18034]  ? user_path_at+0x109/0x130
[  333.066964][T18034]  __se_sys_mount+0x28f/0x2e0
[  333.066997][T18034]  __x64_sys_mount+0x67/0x80
[  333.067020][T18034]  x64_sys_call+0x2b4d/0x2ff0
[  333.067044][T18034]  do_syscall_64+0xd2/0x200
[  333.067134][T18034]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  333.067157][T18034]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  333.067185][T18034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.067211][T18034] RIP: 0033:0x7fcf59e8ebe9
[  333.067300][T18034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.067317][T18034] RSP: 002b:00007fcf588ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  333.067339][T18034] RAX: ffffffffffffffda RBX: 00007fcf5a0b5fa0 RCX: 00007fcf59e8ebe9
[  333.067355][T18034] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[  333.067370][T18034] RBP: 00007fcf588ef090 R08: 0000200000000080 R09: 0000000000000000
[  333.067436][T18034] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[  333.067448][T18034] R13: 00007fcf5a0b6038 R14: 00007fcf5a0b5fa0 R15: 00007ffe275ffdf8
[  333.067466][T18034]  </TASK>
[  333.367683][T18046] program syz.7.5204 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  333.386124][T18048] FAULT_INJECTION: forcing a failure.
[  333.386124][T18048] name failslab, interval 1, probability 0, space 0, times 0
[  333.399285][T18048] CPU: 1 UID: 0 PID: 18048 Comm: syz.4.5203 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  333.399382][T18048] Tainted: [W]=WARN
[  333.399390][T18048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  333.399407][T18048] Call Trace:
[  333.399414][T18048]  <TASK>
[  333.399423][T18048]  __dump_stack+0x1d/0x30
[  333.399449][T18048]  dump_stack_lvl+0xe8/0x140
[  333.399473][T18048]  dump_stack+0x15/0x1b
[  333.399513][T18048]  should_fail_ex+0x265/0x280
[  333.399551][T18048]  should_failslab+0x8c/0xb0
[  333.399578][T18048]  __kvmalloc_node_noprof+0x123/0x4e0
[  333.399668][T18048]  ? io_alloc_cache_init+0x31/0xa0
[  333.399707][T18048]  io_alloc_cache_init+0x31/0xa0
[  333.399746][T18048]  io_ring_ctx_alloc+0x2d8/0x6a0
[  333.399797][T18048]  io_uring_create+0x10f/0x610
[  333.399832][T18048]  __se_sys_io_uring_setup+0x1f7/0x210
[  333.399870][T18048]  __x64_sys_io_uring_setup+0x31/0x40
[  333.399898][T18048]  x64_sys_call+0x2b21/0x2ff0
[  333.399931][T18048]  do_syscall_64+0xd2/0x200
[  333.399966][T18048]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  333.400040][T18048]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  333.400124][T18048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.400152][T18048] RIP: 0033:0x7fc44084ebe9
[  333.400171][T18048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.400247][T18048] RSP: 002b:00007fc43f2b6fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  333.400268][T18048] RAX: ffffffffffffffda RBX: 00007fc440a75fa0 RCX: 00007fc44084ebe9
[  333.400281][T18048] RDX: 0000200000000400 RSI: 0000200000000a40 RDI: 0000000000001b68
[  333.400296][T18048] RBP: 0000200000000a40 R08: 0000000000000000 R09: 0000200000000400
[  333.400309][T18048] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  333.400387][T18048] R13: 0000200000000240 R14: 0000000000001b68 R15: 0000200000000400
[  333.400414][T18048]  </TASK>
[  333.667851][T18063] loop2: detected capacity change from 0 to 256
[  333.693026][T18063] FAT-fs (loop2): codepage cp857 not found
[  333.708483][T18070] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5211'.
[  333.719465][T18070] netlink: 'syz.4.5211': attribute type 1 has an invalid length.
[  333.727284][T18070] netlink: 'syz.4.5211': attribute type 2 has an invalid length.
[  333.737235][T18070] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5211'.
[  333.750063][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  333.750080][   T29] audit: type=1326 audit(333.722:18053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  333.783365][   T29] audit: type=1400 audit(333.762:18054): avc:  denied  { bind } for  pid=18071 comm="syz.7.5213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  333.795430][T18068] loop5: detected capacity change from 0 to 512
[  333.802363][   T29] audit: type=1400 audit(333.762:18055): avc:  denied  { name_bind } for  pid=18071 comm="syz.7.5213" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  333.830077][   T29] audit: type=1400 audit(333.762:18056): avc:  denied  { node_bind } for  pid=18071 comm="syz.7.5213" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  333.851358][   T29] audit: type=1326 audit(333.762:18057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  333.874513][   T29] audit: type=1326 audit(333.762:18058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  333.897726][   T29] audit: type=1326 audit(333.762:18059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  333.899036][T18074] FAULT_INJECTION: forcing a failure.
[  333.899036][T18074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.920759][   T29] audit: type=1326 audit(333.762:18060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  333.933852][T18074] CPU: 0 UID: 0 PID: 18074 Comm: syz.1.5212 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  333.933968][T18074] Tainted: [W]=WARN
[  333.933978][T18074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  333.933996][T18074] Call Trace:
[  333.934004][T18074]  <TASK>
[  333.934014][T18074]  __dump_stack+0x1d/0x30
[  333.934097][T18074]  dump_stack_lvl+0xe8/0x140
[  333.934162][T18074]  dump_stack+0x15/0x1b
[  333.934188][T18074]  should_fail_ex+0x265/0x280
[  333.934233][T18074]  should_fail+0xb/0x20
[  333.934335][T18074]  should_fail_usercopy+0x1a/0x20
[  333.934367][T18074]  _copy_from_user+0x1c/0xb0
[  333.934478][T18074]  __x64_sys_epoll_ctl+0x92/0x100
[  333.934519][T18074]  x64_sys_call+0x706/0x2ff0
[  333.934548][T18074]  do_syscall_64+0xd2/0x200
[  333.934587][T18074]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  333.934676][T18074]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  333.934712][T18074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.934816][T18074] RIP: 0033:0x7f21d77debe9
[  333.934839][T18074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.934863][T18074] RSP: 002b:00007f21d623f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  333.934896][T18074] RAX: ffffffffffffffda RBX: 00007f21d7a05fa0 RCX: 00007f21d77debe9
[  333.934913][T18074] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000007
[  333.934933][T18074] RBP: 00007f21d623f090 R08: 0000000000000000 R09: 0000000000000000
[  333.934950][T18074] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  333.934967][T18074] R13: 00007f21d7a06038 R14: 00007f21d7a05fa0 R15: 00007ffeca576f78
[  333.934994][T18074]  </TASK>
[  333.991467][T18068] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  333.992599][   T29] audit: type=1326 audit(333.762:18061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  333.998979][T18068] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.001369][   T29] audit: type=1326 audit(333.762:18062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18069 comm="syz.4.5211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  334.201966][T18068] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  334.216031][T18080] pim6reg1: entered promiscuous mode
[  334.221402][T18080] pim6reg1: entered allmulticast mode
[  334.313135][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.329904][T18090] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5217'.
[  334.342825][T18094] loop5: detected capacity change from 0 to 1024
[  334.402767][T18096] loop7: detected capacity change from 0 to 512
[  334.570152][T18096] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.307411][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.340832][T18113] loop5: detected capacity change from 0 to 256
[  335.448558][T18130] loop7: detected capacity change from 0 to 256
[  335.467204][T18130] FAT-fs (loop7): codepage cp857 not found
[  335.483284][T18121] loop5: detected capacity change from 0 to 512
[  335.495166][T18121] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  335.509265][T18129] loop4: detected capacity change from 0 to 512
[  335.512748][T18121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.518454][T18129] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  335.555055][T18121] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  335.564914][T18129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.607527][T18129] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  335.616703][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.641425][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.690779][T18147] lo speed is unknown, defaulting to 1000
[  335.758069][T18155] loop4: detected capacity change from 0 to 512
[  335.777528][T18155] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  335.803544][T18155] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.818940][T18155] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  335.839311][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.936223][T18176] loop4: detected capacity change from 0 to 512
[  335.953479][T18176] EXT4-fs: Ignoring removed mblk_io_submit option
[  335.961152][T18176] EXT4-fs: Ignoring removed nomblk_io_submit option
[  335.968589][T18176] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  335.977082][T18176] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  336.014770][T18176] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.5245: Allocating blocks 41-42 which overlap fs metadata
[  336.038723][T18176] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.5245: Allocating blocks 41-42 which overlap fs metadata
[  336.073174][T18176] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.5245: Failed to acquire dquot type 1
[  336.086122][T18176] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  336.115709][T18176] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5245: corrupted inode contents
[  336.148913][T18176] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.5245: mark_inode_dirty error
[  336.167550][T18176] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5245: corrupted inode contents
[  336.194588][T18176] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.5245: mark_inode_dirty error
[  336.233309][T18176] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5245: corrupted inode contents
[  336.246706][T18176] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  336.257868][T18176] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5245: corrupted inode contents
[  336.288669][T18187] lo speed is unknown, defaulting to 1000
[  336.306948][T18176] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.5245: mark_inode_dirty error
[  336.341624][T18192] loop5: detected capacity change from 0 to 512
[  336.352770][T18176] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  336.377877][T18192] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  336.388721][T18176] EXT4-fs (loop4): 1 truncate cleaned up
[  336.411899][T18192] EXT4-fs (loop5): 1 truncate cleaned up
[  336.412848][T18176] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.424103][T18192] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.459047][T18196] loop7: detected capacity change from 0 to 512
[  336.487171][T18196] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  336.501356][T18196] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.529266][T18196] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  336.544440][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.660546][T18216] loop2: detected capacity change from 0 to 256
[  336.712577][T18220] loop5: detected capacity change from 0 to 512
[  336.721114][T18220] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  336.744143][T18220] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.5257: corrupted in-inode xattr: overlapping e_value 
[  336.764953][T18220] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.5257: couldn't read orphan inode 15 (err -117)
[  336.780328][T18225] loop7: detected capacity change from 0 to 256
[  336.910906][T18232] netlink: 'syz.4.5265': attribute type 10 has an invalid length.
[  336.919767][T18232] siw: device registration error -23
[  337.153673][T18250] loop2: detected capacity change from 0 to 512
[  337.964393][T18250] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  338.095101][T18250] EXT4-fs (loop2): 1 truncate cleaned up
[  338.121849][T18259] loop4: detected capacity change from 0 to 512
[  338.129195][T18259] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  338.142067][T18250] FAULT_INJECTION: forcing a failure.
[  338.142067][T18250] name failslab, interval 1, probability 0, space 0, times 0
[  338.154838][T18250] CPU: 1 UID: 0 PID: 18250 Comm: syz.2.5271 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  338.154925][T18250] Tainted: [W]=WARN
[  338.154934][T18250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  338.154950][T18250] Call Trace:
[  338.154957][T18250]  <TASK>
[  338.154966][T18250]  __dump_stack+0x1d/0x30
[  338.154992][T18250]  dump_stack_lvl+0xe8/0x140
[  338.155079][T18250]  dump_stack+0x15/0x1b
[  338.155137][T18250]  should_fail_ex+0x265/0x280
[  338.155164][T18250]  should_failslab+0x8c/0xb0
[  338.155194][T18250]  kmem_cache_alloc_noprof+0x50/0x310
[  338.155238][T18250]  ? getname_flags+0x80/0x3b0
[  338.155307][T18250]  getname_flags+0x80/0x3b0
[  338.155404][T18250]  __x64_sys_renameat2+0x5f/0x90
[  338.155437][T18250]  x64_sys_call+0x3f9/0x2ff0
[  338.155463][T18250]  do_syscall_64+0xd2/0x200
[  338.155497][T18250]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  338.155606][T18250]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  338.155638][T18250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.155664][T18250] RIP: 0033:0x7fcf59e8ebe9
[  338.155685][T18250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.155709][T18250] RSP: 002b:00007fcf588ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  338.155732][T18250] RAX: ffffffffffffffda RBX: 00007fcf5a0b5fa0 RCX: 00007fcf59e8ebe9
[  338.155747][T18250] RDX: 000000000000000b RSI: 0000200000000480 RDI: 000000000000000b
[  338.155763][T18250] RBP: 00007fcf588ef090 R08: 0000000000000004 R09: 0000000000000000
[  338.155778][T18250] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  338.155801][T18250] R13: 00007fcf5a0b6038 R14: 00007fcf5a0b5fa0 R15: 00007ffe275ffdf8
[  338.155826][T18250]  </TASK>
[  338.158413][T18259] EXT4-fs (loop4): 1 truncate cleaned up
[  338.387652][T18272] loop2: detected capacity change from 0 to 512
[  338.408592][T18272] EXT4-fs: Ignoring removed mblk_io_submit option
[  338.416204][T18272] EXT4-fs: Ignoring removed nomblk_io_submit option
[  338.449019][T18272] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  338.457536][T18272] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  338.471255][T18274] loop4: detected capacity change from 0 to 512
[  338.571169][T18276] loop5: detected capacity change from 0 to 512
[  338.579249][T18274] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  338.592934][T18276] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  338.606828][T18272] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5279: Allocating blocks 41-42 which overlap fs metadata
[  338.611504][T18280] FAT-fs (loop3): bogus number of reserved sectors
[  338.627267][T18280] FAT-fs (loop3): Can't find a valid FAT filesystem
[  338.672317][T18286] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5282'.
[  338.681427][T18286] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5282'.
[  338.705988][T18272] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.5279: Failed to acquire dquot type 1
[  338.717974][T18272] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  338.735263][T18272] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5279: corrupted inode contents
[  338.747952][T18272] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.5279: mark_inode_dirty error
[  338.760249][T18272] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5279: corrupted inode contents
[  338.772766][T18272] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.5279: mark_inode_dirty error
[  338.785216][T18272] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5279: corrupted inode contents
[  338.799060][T18272] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  338.808589][T18272] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5279: corrupted inode contents
[  338.820712][T18272] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.5279: mark_inode_dirty error
[  338.832792][T18272] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  338.842163][T18272] EXT4-fs (loop2): 1 truncate cleaned up
[  338.934926][T18274] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  338.963464][T18276] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  339.037178][T18306] loop5: detected capacity change from 0 to 1024
[  339.067475][T18306] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5291: Allocating blocks 481-513 which overlap fs metadata
[  339.082481][T18309] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5290'.
[  339.091552][T18309] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5290'.
[  339.102413][T18306] FAULT_INJECTION: forcing a failure.
[  339.102413][T18306] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  339.115739][T18306] CPU: 0 UID: 0 PID: 18306 Comm: syz.5.5291 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  339.115772][T18306] Tainted: [W]=WARN
[  339.115780][T18306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  339.115796][T18306] Call Trace:
[  339.115805][T18306]  <TASK>
[  339.115814][T18306]  __dump_stack+0x1d/0x30
[  339.115891][T18306]  dump_stack_lvl+0xe8/0x140
[  339.115909][T18306]  dump_stack+0x15/0x1b
[  339.115925][T18306]  should_fail_ex+0x265/0x280
[  339.115944][T18306]  should_fail_alloc_page+0xf2/0x100
[  339.116036][T18306]  __alloc_frozen_pages_noprof+0xff/0x360
[  339.116144][T18306]  alloc_pages_mpol+0xb3/0x250
[  339.116197][T18306]  vma_alloc_folio_noprof+0x1aa/0x300
[  339.116241][T18306]  handle_mm_fault+0xec2/0x2c20
[  339.116270][T18306]  ? __rcu_read_unlock+0x4f/0x70
[  339.116335][T18306]  do_user_addr_fault+0x3fe/0x1090
[  339.116396][T18306]  exc_page_fault+0x62/0xa0
[  339.116419][T18306]  asm_exc_page_fault+0x26/0x30
[  339.116440][T18306] RIP: 0010:rep_stos_alternative+0x40/0x80
[  339.116508][T18306] Code: c9 75 f6 e9 52 04 02 00 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  339.116530][T18306] RSP: 0018:ffffc90000f5b940 EFLAGS: 00050206
[  339.116549][T18306] RAX: 0000000000000000 RBX: 00007ffffffff001 RCX: 0000000000053000
[  339.116563][T18306] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000005000
[  339.116577][T18306] RBP: 0000200000000000 R08: 0001c90000f5bc7f R09: 0000000000000000
[  339.116591][T18306] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000058000
[  339.116629][T18306] R13: ffffc90000f5bc78 R14: 0000000000000000 R15: 0000200000058000
[  339.116652][T18306]  iov_iter_zero+0xfc/0xd50
[  339.116685][T18306]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  339.116725][T18306]  ? iomap_iter+0x477/0x730
[  339.116817][T18306]  __iomap_dio_rw+0xc51/0x1250
[  339.116864][T18306]  ? filemap_map_pages+0x86b/0xab0
[  339.116903][T18306]  ? avc_policy_seqno+0x15/0x30
[  339.116985][T18306]  iomap_dio_rw+0x40/0x90
[  339.117013][T18306]  ext4_file_read_iter+0x20f/0x290
[  339.117046][T18306]  aio_read+0x1dd/0x2e0
[  339.117089][T18306]  io_submit_one+0xab2/0x11d0
[  339.117146][T18306]  __se_sys_io_submit+0xfb/0x280
[  339.117228][T18306]  __x64_sys_io_submit+0x43/0x50
[  339.117259][T18306]  x64_sys_call+0x2d5d/0x2ff0
[  339.117286][T18306]  do_syscall_64+0xd2/0x200
[  339.117344][T18306]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  339.117373][T18306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.117398][T18306] RIP: 0033:0x7f98d06bebe9
[  339.117412][T18306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.117441][T18306] RSP: 002b:00007f98cf11f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  339.117518][T18306] RAX: ffffffffffffffda RBX: 00007f98d08e5fa0 RCX: 00007f98d06bebe9
[  339.117534][T18306] RDX: 0000200000001d00 RSI: 000000001ffffff0 RDI: 00007f98cf0e6000
[  339.117548][T18306] RBP: 00007f98cf11f090 R08: 0000000000000000 R09: 0000000000000000
[  339.117563][T18306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.117579][T18306] R13: 00007f98d08e6038 R14: 00007f98d08e5fa0 R15: 00007ffc91818a38
[  339.117603][T18306]  </TASK>
[  339.156990][T18301] netlink: 'syz.4.5288': attribute type 10 has an invalid length.
[  339.327073][T18311] siw: device registration error -23
[  339.505154][T18314] loop7: detected capacity change from 0 to 512
[  339.513132][T18314] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  339.527291][T18314] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  339.562153][T18316] C: renamed from team_slave_0 (while UP)
[  339.571289][T18316] netlink: 164 bytes leftover after parsing attributes in process `syz.2.5292'.
[  339.585691][T18316] can0: slcan on ttyS3.
[  339.624762][T18316] can0 (unregistered): slcan off ttyS3.
[  339.635586][T18316] can0: slcan on ttyS3.
[  339.647724][T18316] netlink: 'syz.2.5292': attribute type 1 has an invalid length.
[  339.655699][T18316] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5292'.
[  339.687298][T18327] loop5: detected capacity change from 0 to 512
[  339.696903][T18327] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  339.704499][T18330] lo speed is unknown, defaulting to 1000
[  339.723353][T18327] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  339.739201][T18333] lo speed is unknown, defaulting to 1000
[  339.763987][T18315] can0 (unregistered): slcan off ttyS3.
[  339.849681][T18345] loop2: detected capacity change from 0 to 512
[  339.850437][T18343] loop5: detected capacity change from 0 to 512
[  339.866703][T18345] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  339.886713][T18343] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  339.927330][T18345] EXT4-fs (loop2): 1 truncate cleaned up
[  339.944925][T18343] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  340.087782][T18365] loop4: detected capacity change from 0 to 1024
[  340.103184][T18365] EXT4-fs: Ignoring removed bh option
[  340.115746][T18367] loop5: detected capacity change from 0 to 512
[  340.126076][T18367] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  340.142329][T18367] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  340.214981][T18376] FAULT_INJECTION: forcing a failure.
[  340.214981][T18376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.228086][T18376] CPU: 0 UID: 0 PID: 18376 Comm: syz.5.5312 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  340.228124][T18376] Tainted: [W]=WARN
[  340.228133][T18376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  340.228148][T18376] Call Trace:
[  340.228156][T18376]  <TASK>
[  340.228164][T18376]  __dump_stack+0x1d/0x30
[  340.228195][T18376]  dump_stack_lvl+0xe8/0x140
[  340.228218][T18376]  dump_stack+0x15/0x1b
[  340.228240][T18376]  should_fail_ex+0x265/0x280
[  340.228267][T18376]  should_fail+0xb/0x20
[  340.228289][T18376]  should_fail_usercopy+0x1a/0x20
[  340.228315][T18376]  _copy_from_user+0x1c/0xb0
[  340.228418][T18376]  io_submit_one+0x52/0x11d0
[  340.228474][T18376]  __se_sys_io_submit+0xfb/0x280
[  340.228541][T18376]  __x64_sys_io_submit+0x43/0x50
[  340.228572][T18376]  x64_sys_call+0x2d5d/0x2ff0
[  340.228596][T18376]  do_syscall_64+0xd2/0x200
[  340.228686][T18376]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  340.228770][T18376]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  340.228799][T18376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.228883][T18376] RIP: 0033:0x7f98d06bebe9
[  340.228902][T18376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.228924][T18376] RSP: 002b:00007f98cf11f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  340.228948][T18376] RAX: ffffffffffffffda RBX: 00007f98d08e5fa0 RCX: 00007f98d06bebe9
[  340.228963][T18376] RDX: 00002000000001c0 RSI: 0000000000000001 RDI: 00007f98d1420000
[  340.228977][T18376] RBP: 00007f98cf11f090 R08: 0000000000000000 R09: 0000000000000000
[  340.228992][T18376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.229061][T18376] R13: 00007f98d08e6038 R14: 00007f98d08e5fa0 R15: 00007ffc91818a38
[  340.229134][T18376]  </TASK>
[  340.422909][T18381] loop2: detected capacity change from 0 to 256
[  340.426245][T18380] lo speed is unknown, defaulting to 1000
[  340.468501][T18381] FAT-fs (loop2): codepage cp857 not found
[  340.517387][T18389] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5316'.
[  340.526681][T18389] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5316'.
[  340.550306][T18390] loop4: detected capacity change from 0 to 256
[  340.567661][T18390] FAT-fs (loop4): codepage cp857 not found
[  340.632102][T18395] loop5: detected capacity change from 0 to 512
[  340.639905][T18395] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  340.651883][T18395] EXT4-fs (loop5): 1 truncate cleaned up
[  340.700141][T18401] loop5: detected capacity change from 0 to 256
[  340.818610][T18403] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  340.827957][T18403] FAT-fs (loop11): unable to read boot sector
[  340.920767][T18410] loop5: detected capacity change from 0 to 512
[  340.929921][T18410] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  340.945936][T18410] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  340.996335][T18421] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5329'.
[  341.005609][T18421] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5329'.
[  341.016928][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  341.016946][   T29] audit: type=1400 audit(340.992:18105): avc:  denied  { execute } for  pid=18420 comm="syz.1.5329" dev="hugetlbfs" ino=60819 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  341.114981][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  341.121555][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  341.129073][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.137492][T18434] loop2: detected capacity change from 0 to 512
[  341.143977][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(6)
[  341.150591][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  341.158275][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.167589][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(8)
[  341.174163][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  341.181857][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.191713][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(10)
[  341.198354][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  341.206079][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.216681][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(12)
[  341.223351][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  341.230979][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.241706][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(14)
[  341.248406][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  341.256092][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.265892][T18431] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  341.274867][T18431] vhci_hcd vhci_hcd.0: pdev(1) rhport(7) sockfd(18)
[  341.281577][T18431] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  341.289529][T18431] vhci_hcd vhci_hcd.0: Device attached
[  341.300844][T18457] vhci_hcd: connection closed
[  341.301353][T18450] vhci_hcd: connection closed
[  341.306512][T18446] vhci_hcd: connection closed
[  341.311458][T18444] vhci_hcd: connection closed
[  341.319059][T18441] vhci_hcd: connection closed
[  341.325203][T18435] vhci_hcd: connection closed
[  341.336106][    T9] vhci_hcd: vhci_device speed not set
[  341.356905][T18432] vhci_hcd: connection closed
[  341.357097][ T9152] vhci_hcd: stop threads
[  341.366147][ T9152] vhci_hcd: release socket
[  341.370578][ T9152] vhci_hcd: disconnect device
[  341.391922][ T9152] vhci_hcd: stop threads
[  341.396277][ T9152] vhci_hcd: release socket
[  341.400759][ T9152] vhci_hcd: disconnect device
[  341.407563][ T9152] vhci_hcd: stop threads
[  341.411991][ T9152] vhci_hcd: release socket
[  341.416602][ T9152] vhci_hcd: disconnect device
[  341.418704][T18460] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  341.421864][    T9] usb 3-1: new full-speed USB device number 2 using vhci_hcd
[  341.430507][T18460] FAT-fs (loop5): unable to read boot sector
[  341.445106][T18433] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  341.455603][ T9152] vhci_hcd: stop threads
[  341.459962][ T9152] vhci_hcd: release socket
[  341.464654][ T9152] vhci_hcd: disconnect device
[  341.512211][ T9152] vhci_hcd: stop threads
[  341.516596][ T9152] vhci_hcd: release socket
[  341.521024][ T9152] vhci_hcd: disconnect device
[  341.529246][ T9152] vhci_hcd: stop threads
[  341.533520][ T9152] vhci_hcd: release socket
[  341.538067][ T9152] vhci_hcd: disconnect device
[  341.573491][ T9152] vhci_hcd: stop threads
[  341.577925][ T9152] vhci_hcd: release socket
[  341.582407][ T9152] vhci_hcd: disconnect device
[  341.628444][T18490] loop7: detected capacity change from 0 to 256
[  341.639561][T18488] loop2: detected capacity change from 0 to 256
[  341.750905][T18500] lo speed is unknown, defaulting to 1000
[  341.807091][T18496] netlink: 'syz.2.5350': attribute type 10 has an invalid length.
[  341.892608][T18510] FAULT_INJECTION: forcing a failure.
[  341.892608][T18510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.905906][T18510] CPU: 0 UID: 0 PID: 18510 Comm: syz.4.5355 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  341.905946][T18510] Tainted: [W]=WARN
[  341.905955][T18510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  341.905971][T18510] Call Trace:
[  341.905979][T18510]  <TASK>
[  341.906042][T18510]  __dump_stack+0x1d/0x30
[  341.906070][T18510]  dump_stack_lvl+0xe8/0x140
[  341.906096][T18510]  dump_stack+0x15/0x1b
[  341.906117][T18510]  should_fail_ex+0x265/0x280
[  341.906189][T18510]  should_fail+0xb/0x20
[  341.906213][T18510]  should_fail_usercopy+0x1a/0x20
[  341.906241][T18510]  _copy_to_user+0x20/0xa0
[  341.906273][T18510]  simple_read_from_buffer+0xb5/0x130
[  341.906327][T18510]  proc_fail_nth_read+0x10e/0x150
[  341.906443][T18510]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  341.906471][T18510]  vfs_read+0x1a8/0x770
[  341.906497][T18510]  ? __rcu_read_unlock+0x4f/0x70
[  341.906535][T18510]  ? __fget_files+0x184/0x1c0
[  341.906597][T18510]  ksys_read+0xda/0x1a0
[  341.906619][T18510]  __x64_sys_read+0x40/0x50
[  341.906779][T18510]  x64_sys_call+0x27bc/0x2ff0
[  341.906806][T18510]  do_syscall_64+0xd2/0x200
[  341.906890][T18510]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  341.906913][T18510]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  341.906940][T18510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.906966][T18510] RIP: 0033:0x7fc44084d5fc
[  341.906985][T18510] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  341.907081][T18510] RSP: 002b:00007fc43f2b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  341.907106][T18510] RAX: ffffffffffffffda RBX: 00007fc440a75fa0 RCX: 00007fc44084d5fc
[  341.907123][T18510] RDX: 000000000000000f RSI: 00007fc43f2b70a0 RDI: 0000000000000007
[  341.907139][T18510] RBP: 00007fc43f2b7090 R08: 0000000000000000 R09: 0000000000000000
[  341.907154][T18510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  341.907170][T18510] R13: 00007fc440a76038 R14: 00007fc440a75fa0 R15: 00007ffd8f7f4818
[  341.907189][T18510]  </TASK>
[  341.909395][   T29] audit: type=1326 audit(341.862:18106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  341.993883][T18508] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  341.998356][   T29] audit: type=1326 audit(341.862:18107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.003102][T18508] FAT-fs (loop5): unable to read boot sector
[  342.007256][   T29] audit: type=1326 audit(341.862:18108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.007287][   T29] audit: type=1326 audit(341.862:18109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.222418][   T29] audit: type=1326 audit(341.862:18110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.245407][   T29] audit: type=1326 audit(341.862:18111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.268647][   T29] audit: type=1326 audit(341.862:18112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.292063][   T29] audit: type=1326 audit(341.862:18113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.298766][T18515] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.315647][   T29] audit: type=1326 audit(341.862:18114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18509 comm="syz.4.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc44084ebe9 code=0x7ffc0000
[  342.356452][T18515] bridge_slave_0 (unregistering): left allmulticast mode
[  342.363544][T18515] bridge_slave_0 (unregistering): left promiscuous mode
[  342.370591][T18515] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.380033][T18514] loop7: detected capacity change from 0 to 512
[  342.387076][T18514] EXT4-fs: quotafile must be on filesystem root
[  342.437568][T18518] loop4: detected capacity change from 0 to 256
[  342.491523][T18514] random: crng reseeded on system resumption
[  342.525358][T18528] loop4: detected capacity change from 0 to 512
[  342.531541][T18530] loop2: detected capacity change from 0 to 512
[  342.533339][T18528] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  342.540472][T18530] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  342.579563][T18528] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  342.658837][T18530] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  342.715359][T18537] loop5: detected capacity change from 0 to 512
[  342.742963][T18537] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  342.831126][T18537] EXT4-fs (loop5): 1 truncate cleaned up
[  342.925682][T18542] netlink: 'syz.7.5365': attribute type 1 has an invalid length.
[  342.933480][T18542] netlink: 'syz.7.5365': attribute type 2 has an invalid length.
[  343.022566][T18544] loop5: detected capacity change from 0 to 512
[  343.029450][T18544] EXT4-fs: Ignoring removed mblk_io_submit option
[  343.038412][T18544] EXT4-fs: Ignoring removed nomblk_io_submit option
[  343.049906][T18544] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  343.058428][T18544] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  343.069055][T18547] pim6reg1: entered promiscuous mode
[  343.074420][T18547] pim6reg1: entered allmulticast mode
[  343.087840][T18544] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5366: Allocating blocks 41-42 which overlap fs metadata
[  343.112675][T18544] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5366: Allocating blocks 41-42 which overlap fs metadata
[  343.133959][T18544] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.5366: Failed to acquire dquot type 1
[  343.162100][T18546] netlink: 'syz.4.5367': attribute type 10 has an invalid length.
[  343.170788][T18544] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  343.172651][T18546] siw: device registration error -23
[  343.207452][T18544] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5366: corrupted inode contents
[  343.213030][T18559] loop2: detected capacity change from 0 to 512
[  343.226702][T18559] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  343.227001][T18544] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.5366: mark_inode_dirty error
[  343.248673][T18544] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5366: corrupted inode contents
[  343.260331][T18559] EXT4-fs (loop2): 1 truncate cleaned up
[  343.262575][T18544] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.5366: mark_inode_dirty error
[  343.305265][T18544] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5366: corrupted inode contents
[  343.318543][T18544] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  343.343490][T18544] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5366: corrupted inode contents
[  343.356563][T18544] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.5366: mark_inode_dirty error
[  343.367987][T18544] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  343.375457][T18571] loop2: detected capacity change from 0 to 512
[  343.379077][T18544] EXT4-fs (loop5): 1 truncate cleaned up
[  343.385087][T18571] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  343.391961][T18574] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  343.414232][T18571] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  343.464950][T18575] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  343.551314][T18583] loop2: detected capacity change from 0 to 512
[  343.559494][T18583] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  343.574315][T18583] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  343.665762][T18586] loop2: detected capacity change from 0 to 512
[  343.833823][T18599] loop7: detected capacity change from 0 to 512
[  343.840953][T18599] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  343.856041][T18599] EXT4-fs (loop7): 1 truncate cleaned up
[  343.926914][T18597] netlink: 'syz.2.5383': attribute type 10 has an invalid length.
[  343.966018][T18612] SELinux:  Context system_u:object_r:sendmail_exec_t:s0 is not valid (left unmapped).
[  343.982691][T18613] loop5: detected capacity change from 0 to 256
[  343.986880][T18615] __nla_validate_parse: 4 callbacks suppressed
[  343.986900][T18615] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5389'.
[  344.005256][T18615] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5389'.
[  344.011831][T18613] FAT-fs (loop5): codepage cp857 not found
[  344.081303][T18628] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5393'.
[  344.157262][T18638] loop7: detected capacity change from 0 to 512
[  344.165004][T18575] FAULT_INJECTION: forcing a failure.
[  344.165004][T18575] name fail_futex, interval 1, probability 0, space 0, times 1
[  344.177975][T18575] CPU: 1 UID: 0 PID: 18575 Comm: syz.1.5374 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  344.178019][T18575] Tainted: [W]=WARN
[  344.178027][T18575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  344.178106][T18575] Call Trace:
[  344.178112][T18575]  <TASK>
[  344.178119][T18575]  __dump_stack+0x1d/0x30
[  344.178141][T18575]  dump_stack_lvl+0xe8/0x140
[  344.178166][T18575]  dump_stack+0x15/0x1b
[  344.178185][T18575]  should_fail_ex+0x265/0x280
[  344.178242][T18575]  should_fail+0xb/0x20
[  344.178306][T18575]  get_futex_key+0x130/0xbd0
[  344.178438][T18575]  futex_wake+0x7d/0x360
[  344.178471][T18575]  ? __rcu_read_unlock+0x4f/0x70
[  344.178497][T18575]  do_futex+0x323/0x380
[  344.178529][T18575]  mm_release+0xb2/0x1e0
[  344.178564][T18575]  exit_mm_release+0x25/0x30
[  344.178589][T18575]  exit_mm+0x38/0x190
[  344.178628][T18575]  do_exit+0x417/0x15c0
[  344.178662][T18575]  ? __pfx_tcp_recvmsg+0x10/0x10
[  344.178813][T18575]  do_group_exit+0xff/0x140
[  344.178836][T18575]  ? get_signal+0xe51/0xf70
[  344.178865][T18575]  get_signal+0xe59/0xf70
[  344.178946][T18575]  arch_do_signal_or_restart+0x96/0x480
[  344.179031][T18575]  exit_to_user_mode_loop+0x7a/0x100
[  344.179094][T18575]  do_syscall_64+0x1d6/0x200
[  344.179119][T18575]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  344.179186][T18575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.179205][T18575] RIP: 0033:0x7f21d77debe9
[  344.179219][T18575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.179234][T18575] RSP: 002b:00007f21d61fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  344.179251][T18575] RAX: fffffffffffffe00 RBX: 00007f21d7a06180 RCX: 00007f21d77debe9
[  344.179262][T18575] RDX: fffffffffffffd0b RSI: 0000200000000080 RDI: 0000000000000004
[  344.179281][T18575] RBP: 00007f21d61fd090 R08: 0000000000000000 R09: fffffffffffffd25
[  344.179292][T18575] R10: 0000000000000720 R11: 0000000000000246 R12: 0000000000000001
[  344.179325][T18575] R13: 00007f21d7a06218 R14: 00007f21d7a06180 R15: 00007ffeca576f78
[  344.179379][T18575]  </TASK>
[  344.444138][T18652] FAULT_INJECTION: forcing a failure.
[  344.444138][T18652] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  344.457501][T18652] CPU: 1 UID: 0 PID: 18652 Comm: syz.4.5401 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  344.457541][T18652] Tainted: [W]=WARN
[  344.457550][T18652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  344.457566][T18652] Call Trace:
[  344.457574][T18652]  <TASK>
[  344.457582][T18652]  __dump_stack+0x1d/0x30
[  344.457626][T18652]  dump_stack_lvl+0xe8/0x140
[  344.457645][T18652]  dump_stack+0x15/0x1b
[  344.457661][T18652]  should_fail_ex+0x265/0x280
[  344.457683][T18652]  should_fail_alloc_page+0xf2/0x100
[  344.457716][T18652]  __alloc_frozen_pages_noprof+0xff/0x360
[  344.457814][T18652]  alloc_pages_bulk_noprof+0x4b8/0x540
[  344.457856][T18652]  ? __kmalloc_noprof+0x364/0x3e0
[  344.457889][T18652]  ? copy_splice_read+0xc2/0x660
[  344.458017][T18652]  copy_splice_read+0xf3/0x660
[  344.458039][T18652]  ? __pfx_copy_splice_read+0x10/0x10
[  344.458057][T18652]  splice_direct_to_actor+0x26f/0x680
[  344.458157][T18652]  ? __pfx_direct_splice_actor+0x10/0x10
[  344.458249][T18652]  do_splice_direct+0xda/0x150
[  344.458337][T18652]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  344.458361][T18652]  do_sendfile+0x380/0x650
[  344.458398][T18652]  __x64_sys_sendfile64+0x105/0x150
[  344.458434][T18652]  x64_sys_call+0x2bb0/0x2ff0
[  344.458474][T18652]  do_syscall_64+0xd2/0x200
[  344.458501][T18652]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  344.458531][T18652]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  344.458591][T18652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.458663][T18652] RIP: 0033:0x7fc44084ebe9
[  344.458691][T18652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.458714][T18652] RSP: 002b:00007fc43f2b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  344.458749][T18652] RAX: ffffffffffffffda RBX: 00007fc440a75fa0 RCX: 00007fc44084ebe9
[  344.458788][T18652] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  344.458804][T18652] RBP: 00007fc43f2b7090 R08: 0000000000000000 R09: 0000000000000000
[  344.458820][T18652] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  344.458836][T18652] R13: 00007fc440a76038 R14: 00007fc440a75fa0 R15: 00007ffd8f7f4818
[  344.458860][T18652]  </TASK>
[  344.835759][T18673] loop7: detected capacity change from 0 to 512
[  344.840521][T18640] netlink: 'syz.2.5398': attribute type 10 has an invalid length.
[  344.858281][T18673] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  344.879196][T18673] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  344.903320][T18682] loop5: detected capacity change from 0 to 512
[  344.928969][T18682] EXT4-fs: Ignoring removed mblk_io_submit option
[  344.936894][T18682] EXT4-fs: Ignoring removed nomblk_io_submit option
[  344.944284][T18682] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  344.952744][T18682] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  344.955145][T18681] loop4: detected capacity change from 0 to 512
[  344.973413][T18681] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.5411: Invalid inode bitmap blk 4 in block_group 0
[  344.988096][T18686] loop2: detected capacity change from 0 to 512
[  344.994446][T18689] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5414'.
[  345.005594][T18681] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  345.014856][T18686] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  345.015609][T18682] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5410: Allocating blocks 41-42 which overlap fs metadata
[  345.030094][T18686] EXT4-fs (loop2): 1 truncate cleaned up
[  345.039880][T18682] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.5410: Allocating blocks 41-42 which overlap fs metadata
[  345.058682][T18682] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.5410: Failed to acquire dquot type 1
[  345.070313][T18682] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  345.085004][T18682] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5410: corrupted inode contents
[  345.085142][T18689] loop7: detected capacity change from 0 to 512
[  345.103765][T18682] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.5410: mark_inode_dirty error
[  345.124693][T18682] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5410: corrupted inode contents
[  345.137043][T18682] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.5410: mark_inode_dirty error
[  345.149559][T18682] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5410: corrupted inode contents
[  345.166781][T18682] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  345.189345][T18682] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.5410: corrupted inode contents
[  345.195934][T18703] loop2: detected capacity change from 0 to 512
[  345.207787][T18702] loop4: detected capacity change from 0 to 512
[  345.209239][T18703] EXT4-fs: Ignoring removed mblk_io_submit option
[  345.214841][T18702] EXT4-fs: Ignoring removed mblk_io_submit option
[  345.222751][T18703] EXT4-fs: Ignoring removed nomblk_io_submit option
[  345.233584][T18682] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.5410: mark_inode_dirty error
[  345.245709][T18702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  345.252897][T18702] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  345.256971][T18703] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  345.261431][T18702] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  345.262743][T18682] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  345.269946][T18703] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  345.281851][T18682] EXT4-fs (loop5): 1 truncate cleaned up
[  345.290553][T18702] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.5415: Allocating blocks 41-42 which overlap fs metadata
[  345.318075][T18702] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.5415: Allocating blocks 41-42 which overlap fs metadata
[  345.327561][T18703] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.5416: Allocating blocks 41-42 which overlap fs metadata
[  345.346129][T18702] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.5415: Failed to acquire dquot type 1
[  345.357911][T18702] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  345.358993][T18703] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.5416: Failed to acquire dquot type 1
[  345.379120][T18702] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5415: corrupted inode contents
[  345.384818][T18703] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  345.410576][T18703] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5416: corrupted inode contents
[  345.418619][T18702] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.5415: mark_inode_dirty error
[  345.423320][T18703] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm syz.2.5416: mark_inode_dirty error
[  345.436365][T18702] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5415: corrupted inode contents
[  345.446210][T18703] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5416: corrupted inode contents
[  345.471575][T18702] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.5415: mark_inode_dirty error
[  345.485111][T18702] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5415: corrupted inode contents
[  345.486830][T18703] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.5416: mark_inode_dirty error
[  345.509603][T18703] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5416: corrupted inode contents
[  345.521538][T18702] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  345.522585][T18703] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  345.532885][T18702] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.5415: corrupted inode contents
[  345.540712][T18703] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm syz.2.5416: corrupted inode contents
[  345.554268][T18702] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.5415: mark_inode_dirty error
[  345.574935][T18702] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  345.576106][T18717] loop7: detected capacity change from 0 to 256
[  345.584681][T18702] EXT4-fs (loop4): 1 truncate cleaned up
[  345.596541][T18703] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm syz.2.5416: mark_inode_dirty error
[  345.608945][T18703] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  345.619746][T18703] EXT4-fs (loop2): 1 truncate cleaned up
[  345.623436][T18717] FAT-fs (loop7): codepage cp857 not found
[  345.769954][T18732] loop5: detected capacity change from 0 to 1024
[  345.776515][T18728] netlink: 'syz.7.5423': attribute type 10 has an invalid length.
[  345.776921][T18732] EXT4-fs: Ignoring removed nomblk_io_submit option
[  345.786344][T18728] siw: device registration error -23
[  345.791461][T18732] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  345.807495][T18732] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003]
[  345.815955][T18732] System zones: 0-1, 3-36
[  345.830910][T18736] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  345.844643][T18738] loop7: detected capacity change from 0 to 512
[  345.851790][T18738] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  345.867280][T18738] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.5425: Failed to acquire dquot type 1
[  345.875258][T18732] netlink: 'syz.5.5424': attribute type 3 has an invalid length.
[  345.883748][T18738] EXT4-fs (loop7): 1 truncate cleaned up
[  345.915507][T18742] loop5: detected capacity change from 0 to 512
[  345.922580][T18742] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  345.935963][T18742] EXT4-fs (loop5): 1 truncate cleaned up
[  345.940230][T18744] loop7: detected capacity change from 0 to 512
[  345.957360][T18744] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  345.973354][T18744] EXT4-fs (loop7): mount failed
[  345.993274][T18744] loop7: detected capacity change from 0 to 512
[  346.019919][T18744] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.5427: corrupted inode contents
[  346.044071][T18744] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #3: comm syz.7.5427: mark_inode_dirty error
[  346.057950][T18744] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.5427: corrupted inode contents
[  346.073810][   T29] kauditd_printk_skb: 96 callbacks suppressed
[  346.073839][   T29] audit: type=1400 audit(346.042:18193): avc:  denied  { listen } for  pid=18750 comm="syz.5.5428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  346.099907][   T29] audit: type=1400 audit(346.052:18194): avc:  denied  { write } for  pid=18750 comm="syz.5.5428" path="socket:[61710]" dev="sockfs" ino=61710 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  346.099936][T18744] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #3: comm syz.7.5427: mark_inode_dirty error
[  346.141439][T18744] Quota error (device loop7): write_blk: dquota write failed
[  346.149364][T18744] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  346.159549][T18744] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.5427: Failed to acquire dquot type 0
[  346.172833][T18744] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.5427: corrupted inode contents
[  346.185765][T18763] loop4: detected capacity change from 0 to 256
[  346.195025][T18744] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.5427: mark_inode_dirty error
[  346.203462][T18763] FAT-fs (loop4): codepage cp857 not found
[  346.209137][T18744] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.5427: corrupted inode contents
[  346.225447][T18744] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.5427: mark_inode_dirty error
[  346.237402][T18765] loop2: detected capacity change from 0 to 512
[  346.238867][T18744] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.5427: corrupted inode contents
[  346.256130][T18744] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  346.265016][T18744] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.5427: corrupted inode contents
[  346.268259][T18765] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.5433: Invalid inode bitmap blk 4 in block_group 0
[  346.293727][T18744] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.5427: mark_inode_dirty error
[  346.306079][T18744] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  346.306265][T18769] loop4: detected capacity change from 0 to 512
[  346.315516][T18744] EXT4-fs (loop7): 1 truncate cleaned up
[  346.324482][T18769] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  346.342954][T18769] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  346.351882][T18765] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  346.401235][T18774] loop5: detected capacity change from 0 to 256
[  346.403915][   T29] audit: type=1326 audit(346.372:18195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0c486ebe9 code=0x7ffc0000
[  346.430128][   T29] audit: type=1326 audit(346.372:18196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0c486ebe9 code=0x7ffc0000
[  346.430168][   T29] audit: type=1326 audit(346.372:18197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0c486ebe9 code=0x7ffc0000
[  346.430240][   T29] audit: type=1326 audit(346.372:18198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff0c486ebe9 code=0x7ffc0000
[  346.430274][   T29] audit: type=1326 audit(346.372:18199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0c486ebe9 code=0x7ffc0000
[  346.430309][   T29] audit: type=1326 audit(346.372:18200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ff0c486ebe9 code=0x7ffc0000
[  346.467310][T18784] serio: Serial port ptm0
[  346.627861][    T9] usb 3-1: enqueue for inactive port 0
[  346.633534][    T9] usb 3-1: enqueue for inactive port 0
[  346.683524][T18801] loop2: detected capacity change from 0 to 512
[  346.692163][T18801] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.5443: Invalid inode bitmap blk 4 in block_group 0
[  346.692229][T18803] loop4: detected capacity change from 0 to 256
[  346.712446][    T9] vhci_hcd: vhci_device speed not set
[  346.719059][T18801] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  346.729010][T18803] FAT-fs (loop4): codepage cp857 not found
[  346.770714][T18808] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5439'.
[  346.779836][T18808] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5439'.
[  346.850329][T12086] EXT4-fs unmount: 81 callbacks suppressed
[  346.850391][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.866985][T18810] loop4: detected capacity change from 0 to 512
[  346.890622][T18810] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.5445: Invalid inode bitmap blk 4 in block_group 0
[  346.914177][T18814] loop2: detected capacity change from 0 to 512
[  346.923116][T18814] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  346.937921][T18810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.951616][T18814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.974132][T18810] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  346.988418][T18814] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  347.031993][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.054992][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.081909][T18817] FAULT_INJECTION: forcing a failure.
[  347.081909][T18817] name failslab, interval 1, probability 0, space 0, times 0
[  347.094671][T18817] CPU: 1 UID: 0 PID: 18817 Comm: syz.4.5447 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  347.094772][T18817] Tainted: [W]=WARN
[  347.094792][T18817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  347.094808][T18817] Call Trace:
[  347.094816][T18817]  <TASK>
[  347.094824][T18817]  __dump_stack+0x1d/0x30
[  347.094888][T18817]  dump_stack_lvl+0xe8/0x140
[  347.094912][T18817]  dump_stack+0x15/0x1b
[  347.094932][T18817]  should_fail_ex+0x265/0x280
[  347.094958][T18817]  should_failslab+0x8c/0xb0
[  347.094987][T18817]  kmem_cache_alloc_noprof+0x50/0x310
[  347.095082][T18817]  ? dst_alloc+0xbd/0x100
[  347.095104][T18817]  dst_alloc+0xbd/0x100
[  347.095130][T18817]  ip_route_output_key_hash_rcu+0xef5/0x1380
[  347.095182][T18817]  ip_route_output_flow+0x7b/0x130
[  347.095228][T18817]  udp_sendmsg+0x11b0/0x13c0
[  347.095289][T18817]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  347.095318][T18817]  ? avc_has_perm+0xf7/0x180
[  347.095356][T18817]  ? __pfx_udp_sendmsg+0x10/0x10
[  347.095405][T18817]  inet_sendmsg+0xac/0xd0
[  347.095432][T18817]  __sock_sendmsg+0x102/0x180
[  347.095469][T18817]  ____sys_sendmsg+0x345/0x4e0
[  347.095535][T18817]  ___sys_sendmsg+0x17b/0x1d0
[  347.095580][T18817]  __sys_sendmmsg+0x178/0x300
[  347.095622][T18817]  __x64_sys_sendmmsg+0x57/0x70
[  347.095676][T18817]  x64_sys_call+0x1c4a/0x2ff0
[  347.095702][T18817]  do_syscall_64+0xd2/0x200
[  347.095736][T18817]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  347.095766][T18817]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  347.095802][T18817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.095855][T18817] RIP: 0033:0x7fc44084ebe9
[  347.095874][T18817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.095896][T18817] RSP: 002b:00007fc43f2b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  347.095916][T18817] RAX: ffffffffffffffda RBX: 00007fc440a75fa0 RCX: 00007fc44084ebe9
[  347.095930][T18817] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000004
[  347.095945][T18817] RBP: 00007fc43f2b7090 R08: 0000000000000000 R09: 0000000000000000
[  347.095959][T18817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  347.095996][T18817] R13: 00007fc440a76038 R14: 00007fc440a75fa0 R15: 00007ffd8f7f4818
[  347.096018][T18817]  </TASK>
[  347.101853][T18819] loop2: detected capacity change from 0 to 512
[  347.236250][T18821] loop4: detected capacity change from 0 to 256
[  347.349641][T18819] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  347.379527][T18819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.412062][T18819] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  347.447865][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.518391][T18832] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5453'.
[  347.526955][T18834] 9pnet_fd: Insufficient options for proto=fd
[  347.553321][T18836] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5457'.
[  347.593946][T18840] loop4: detected capacity change from 0 to 512
[  347.601649][T18840] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  347.614537][T18840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.631754][T18842] loop7: detected capacity change from 0 to 512
[  347.639505][T18840] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  347.660504][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.678328][T18844] loop2: detected capacity change from 0 to 164
[  347.686910][T18842] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.701407][T18844] syz.2.5469: attempt to access beyond end of device
[  347.701407][T18844] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  347.716903][T18844] syz.2.5469: attempt to access beyond end of device
[  347.716903][T18844] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  347.761861][T18854] loop2: detected capacity change from 0 to 256
[  347.775947][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.779752][T18852] loop4: detected capacity change from 0 to 512
[  347.806527][T18852] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  347.843635][T18852] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.887594][T18870] 9pnet_fd: Insufficient options for proto=fd
[  347.920584][T18869] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5468'.
[  347.954662][T18852] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  347.969921][T18865] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  347.979559][T18865] FAT-fs (loop15): unable to read boot sector
[  348.001275][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.107756][T18884] FAULT_INJECTION: forcing a failure.
[  348.107756][T18884] name failslab, interval 1, probability 0, space 0, times 0
[  348.120494][T18884] CPU: 1 UID: 0 PID: 18884 Comm: syz.7.5475 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  348.120531][T18884] Tainted: [W]=WARN
[  348.120539][T18884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  348.120553][T18884] Call Trace:
[  348.120561][T18884]  <TASK>
[  348.120569][T18884]  __dump_stack+0x1d/0x30
[  348.120622][T18884]  dump_stack_lvl+0xe8/0x140
[  348.120645][T18884]  dump_stack+0x15/0x1b
[  348.120663][T18884]  should_fail_ex+0x265/0x280
[  348.120711][T18884]  ? igmpv3_add_delrec+0x89/0x2e0
[  348.120743][T18884]  should_failslab+0x8c/0xb0
[  348.120796][T18884]  __kmalloc_cache_noprof+0x4c/0x320
[  348.120826][T18884]  ? __mod_timer+0x86/0x840
[  348.120853][T18884]  igmpv3_add_delrec+0x89/0x2e0
[  348.120917][T18884]  __igmp_group_dropped+0x409/0x460
[  348.120999][T18884]  ? mod_timer+0x1f/0x30
[  348.121028][T18884]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  348.121145][T18884]  __ip_mc_dec_group+0x194/0x3d0
[  348.121169][T18884]  ip_mc_drop_socket+0x16c/0x1e0
[  348.121201][T18884]  inet_release+0x31/0xf0
[  348.121277][T18884]  sock_close+0x68/0x150
[  348.121382][T18884]  ? __pfx_sock_close+0x10/0x10
[  348.121464][T18884]  __fput+0x298/0x650
[  348.121498][T18884]  ____fput+0x1c/0x30
[  348.121524][T18884]  task_work_run+0x131/0x1a0
[  348.121553][T18884]  exit_to_user_mode_loop+0xe4/0x100
[  348.121637][T18884]  do_syscall_64+0x1d6/0x200
[  348.121668][T18884]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  348.121689][T18884]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  348.121714][T18884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.121740][T18884] RIP: 0033:0x7ff0c486ebe9
[  348.121799][T18884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.121819][T18884] RSP: 002b:00007ff0c32cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  348.121836][T18884] RAX: 0000000000000000 RBX: 00007ff0c4a95fa0 RCX: 00007ff0c486ebe9
[  348.121848][T18884] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000005
[  348.121859][T18884] RBP: 00007ff0c32cf090 R08: 0000000000000000 R09: 0000000000000000
[  348.121871][T18884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.121901][T18884] R13: 00007ff0c4a96038 R14: 00007ff0c4a95fa0 R15: 00007ffe2c50d368
[  348.121924][T18884]  </TASK>
[  348.356751][T18886] loop5: detected capacity change from 0 to 256
[  348.371647][T18889] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5474'.
[  348.425829][T18893] lo speed is unknown, defaulting to 1000
[  348.450322][T18900] 9pnet_fd: Insufficient options for proto=fd
[  348.451536][T18898] loop4: detected capacity change from 0 to 512
[  348.488879][T18898] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.512347][T18906] loop5: detected capacity change from 0 to 512
[  348.533834][T18906] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  348.571818][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.586445][T18906] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.613452][T18906] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  348.661108][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.699308][T18919] syzkaller1: entered promiscuous mode
[  348.706887][T18919] syzkaller1: entered allmulticast mode
[  348.854190][T18921] Set syz1 is full, maxelem 65536 reached
[  349.850375][T18930] __nla_validate_parse: 3 callbacks suppressed
[  349.850391][T18930] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5488'.
[  349.894787][T18935] loop5: detected capacity change from 0 to 1024
[  349.908355][T18935] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.953183][T18943] 9pnet_fd: Insufficient options for proto=fd
[  349.960115][T18935] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.998871][T18946] lo speed is unknown, defaulting to 1000
[  350.101129][T18956] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5495'.
[  350.109930][T18947] netlink: 'syz.7.5493': attribute type 10 has an invalid length.
[  350.119907][T18947] siw: device registration error -23
[  350.188311][T18964] loop7: detected capacity change from 0 to 512
[  350.197664][T18964] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  350.205791][T18964] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -2
[  350.215573][T18964] EXT4-fs (loop7): 1 truncate cleaned up
[  350.221747][T18964] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.236568][T18964] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.270041][T18956] loop5: detected capacity change from 0 to 512
[  350.288035][T18956] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.336553][T18978] loop7: detected capacity change from 0 to 512
[  350.343619][T18978] EXT4-fs: Ignoring removed mblk_io_submit option
[  350.350575][T18978] EXT4-fs: Ignoring removed nomblk_io_submit option
[  350.358855][T18978] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  350.367353][T18978] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  350.390736][T10626] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.405606][T18978] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.5500: Allocating blocks 41-42 which overlap fs metadata
[  350.421618][T18978] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.5500: Allocating blocks 41-42 which overlap fs metadata
[  350.437816][T18978] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.5500: Failed to acquire dquot type 1
[  350.449567][T18978] EXT4-fs error (device loop7): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  350.466019][T18978] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #12: comm syz.7.5500: corrupted inode contents
[  350.478570][T18978] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #12: comm syz.7.5500: mark_inode_dirty error
[  350.492938][T18978] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #12: comm syz.7.5500: corrupted inode contents
[  350.507274][T18978] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #12: comm syz.7.5500: mark_inode_dirty error
[  350.520815][T18978] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #12: comm syz.7.5500: corrupted inode contents
[  350.534273][T18978] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  350.543295][T18978] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #12: comm syz.7.5500: corrupted inode contents
[  350.558891][T18978] EXT4-fs error (device loop7): ext4_truncate:4666: inode #12: comm syz.7.5500: mark_inode_dirty error
[  350.570861][T18978] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  350.581774][T18978] EXT4-fs (loop7): 1 truncate cleaned up
[  350.588473][T18978] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.191304][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.248530][T18986] loop7: detected capacity change from 0 to 512
[  351.261447][T18986] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  351.282160][T18986] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.300353][T18986] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  351.323854][T18996] lo speed is unknown, defaulting to 1000
[  351.332337][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.370376][T19001] loop7: detected capacity change from 0 to 512
[  351.398381][T19001] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  351.416678][T19001] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.436679][T19001] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  351.463052][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.480406][   T29] kauditd_printk_skb: 91 callbacks suppressed
[  351.480421][   T29] audit: type=1400 audit(351.452:18288): avc:  denied  { create } for  pid=19012 comm="syz.5.5513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  351.514476][   T29] audit: type=1400 audit(351.482:18289): avc:  denied  { getopt } for  pid=19012 comm="syz.5.5513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  351.555496][T19021] 9pnet_fd: Insufficient options for proto=fd
[  351.571853][T19024] loop7: detected capacity change from 0 to 512
[  351.594515][T19024] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm syz.7.5514: Invalid inode bitmap blk 4 in block_group 0
[  351.624390][T19024] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.642876][T19024] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  351.666020][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.734519][T19040] loop4: detected capacity change from 0 to 256
[  351.772232][T19040] FAT-fs (loop4): codepage cp857 not found
[  351.875893][T19053] loop7: detected capacity change from 0 to 1024
[  351.882672][T19053] EXT4-fs: Ignoring removed nomblk_io_submit option
[  351.890506][T19053] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  351.899401][T19051] loop4: detected capacity change from 0 to 512
[  351.907410][T19053] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003]
[  351.917574][T19051] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.5528: Invalid inode bitmap blk 4 in block_group 0
[  351.923758][T19053] System zones: 0-1, 3-36
[  351.941189][T19051] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.944396][T19053] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.971851][T19051] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  352.009309][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.020416][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.055260][T19062] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5532'.
[  352.082465][T19056] loop2: detected capacity change from 0 to 1024
[  352.095357][T19056] EXT4-fs: Ignoring removed nobh option
[  352.100979][T19056] EXT4-fs: Ignoring removed bh option
[  352.125752][T19056] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.138677][T19069] loop4: detected capacity change from 0 to 512
[  352.166388][T19069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.190907][T19073] loop7: detected capacity change from 0 to 512
[  352.211818][T19073] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  352.225551][T19073] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.238807][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.253639][T19073] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  352.304625][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.328403][T19080] sd 0:0:1:0: device reset
[  352.347456][   T29] audit: type=1326 audit(352.302:18290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.370599][   T29] audit: type=1326 audit(352.302:18291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.393649][   T29] audit: type=1326 audit(352.302:18292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf59e8d550 code=0x7ffc0000
[  352.416728][   T29] audit: type=1326 audit(352.302:18293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.439979][   T29] audit: type=1326 audit(352.302:18294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.463149][   T29] audit: type=1326 audit(352.302:18295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.486127][   T29] audit: type=1326 audit(352.302:18296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.509132][   T29] audit: type=1326 audit(352.302:18297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19043 comm="syz.2.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf59e8ebe9 code=0x7ffc0000
[  352.565307][T19088] loop4: detected capacity change from 0 to 1024
[  352.593729][T19088] EXT4-fs: Ignoring removed nomblk_io_submit option
[  352.626374][T19088] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  352.650618][T19088] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003]
[  352.659953][T19088] System zones: 0-1, 3-36
[  352.665430][T19088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.738929][T19096] loop7: detected capacity change from 0 to 512
[  352.755803][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.774426][T19097] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5538'.
[  352.783443][T19097] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5538'.
[  352.794736][T19096] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm syz.7.5541: Invalid inode bitmap blk 4 in block_group 0
[  352.811567][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.824749][T19096] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.839167][T19096] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  352.879566][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.909216][T19107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5545'.
[  353.006519][T19116] loop2: detected capacity change from 0 to 512
[  353.017268][T19116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.068561][T19115] loop4: detected capacity change from 0 to 512
[  353.098356][T19115] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm +}[@: Invalid inode bitmap blk 4 in block_group 0
[  353.115911][T19115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.129826][T12086] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.139134][T19123] loop7: detected capacity change from 0 to 512
[  353.148051][T19123] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  353.169108][T19123] EXT4-fs (loop7): 1 truncate cleaned up
[  353.173283][T19127] 9pnet_fd: Insufficient options for proto=fd
[  353.175423][T19123] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.194534][T19115] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  353.239077][T17187] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.248916][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.281297][T19133] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5551'.
[  353.300282][T19131] loop4: detected capacity change from 0 to 512
[  353.323464][T19133] netlink: 'syz.7.5551': attribute type 1 has an invalid length.
[  353.331359][T19133] netlink: 'syz.7.5551': attribute type 2 has an invalid length.
[  353.342685][T19131] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.5552: Invalid inode bitmap blk 4 in block_group 0
[  353.357371][T19133] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5551'.
[  353.384569][T19131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.424318][T19131] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  353.459725][T10748] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.590323][T19156] 9pnet_fd: Insufficient options for proto=fd
[  353.755476][    T9] ==================================================================
[  353.763692][    T9] BUG: KCSAN: data-race in pipe_poll / pipe_resize_ring
[  353.770675][    T9] 
[  353.773011][    T9] write to 0xffff8881294e27d8 of 4 bytes by task 19161 on cpu 1:
[  353.780733][    T9]  pipe_resize_ring+0x2c3/0x350
[  353.785627][    T9]  pipe_fcntl+0x2e3/0x350
[  353.790019][    T9]  do_fcntl+0x667/0xdf0
[  353.794209][    T9]  __se_sys_fcntl+0xb1/0x120
[  353.798833][    T9]  __x64_sys_fcntl+0x43/0x50
[  353.803463][    T9]  x64_sys_call+0x29a0/0x2ff0
[  353.808153][    T9]  do_syscall_64+0xd2/0x200
[  353.812674][    T9]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.818582][    T9] 
[  353.820911][    T9] read to 0xffff8881294e27d8 of 4 bytes by task 9 on cpu 0:
[  353.828207][    T9]  pipe_poll+0x1ea/0x250
[  353.832483][    T9]  p9_poll_workfn+0x29f/0x3e0
[  353.837264][    T9]  process_scheduled_works+0x4ce/0x9d0
[  353.842747][    T9]  worker_thread+0x582/0x770
[  353.847450][    T9]  kthread+0x486/0x510
[  353.851540][    T9]  ret_from_fork+0xda/0x150
[  353.856057][    T9]  ret_from_fork_asm+0x1a/0x30
[  353.860829][    T9] 
[  353.863158][    T9] value changed: 0x00000010 -> 0x00000001
[  353.869050][    T9] 
[  353.871376][    T9] Reported by Kernel Concurrency Sanitizer on:
[  353.877576][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  353.888718][    T9] Tainted: [W]=WARN
[  353.892544][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  353.902612][    T9] Workqueue: events p9_poll_workfn
[  353.907747][    T9] ==================================================================