last executing test programs:

2.881769466s ago: executing program 2 (id=571):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

2.369876505s ago: executing program 4 (id=585):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008080003400000011014"], 0xc4}}, 0x20050800)

2.268422125s ago: executing program 4 (id=588):
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
read$char_usb(r0, &(0x7f0000000100)=""/124, 0xfffffd77)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000000)={'gre0\x00', <r1=>0x0, 0x80, 0x40, 0x7080, 0x6, {{0x6, 0x4, 0x0, 0x16, 0x18, 0x67, 0x0, 0x8, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x35}, @dev={0xac, 0x14, 0x14, 0x1e}, {[@end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000080)={'syztnl1\x00', r1, 0x8000, 0x1, 0x6, 0x9, {{0xf, 0x4, 0x0, 0x1b, 0x3c, 0x67, 0x0, 0x3, 0x4, 0x0, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ssrr={0x89, 0x27, 0xc1, [@private=0xa010102, @dev={0xac, 0x14, 0x14, 0x21}, @local, @dev={0xac, 0x14, 0x14, 0x2b}, @private=0xa010100, @empty, @multicast1, @multicast1, @multicast2]}]}}}}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x48, 0x30, 0x9, 0x0, 0x0, {}, [{0x34, 0x1, [@m_skbedit={0x30, 0x1, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000040)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x24, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@add_addr={0x1e, 0xa, 0x5, 0xa, 0x0, @remote}, @mptcp=@ack={0x1e, 0x4, 0x7f}]}}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)

2.056840205s ago: executing program 4 (id=591):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5402"], 0x69)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300)=0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000ec2e4818", @ANYRES32, @ANYRESDEC=r0], 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000007000000020000000100000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000440), &(0x7f0000000b00)=""/130}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x80, r6}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
statx(r7, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x7ff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r5, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000001240)="b9ff03076804268c989e14f088a8657986dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
close(r0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r8}, 0x10)
r10 = getpgrp(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r10, r9, 0x0, 0xf, &(0x7f00000000c0)='netlink_extack\x00'}, 0x30)
ptrace$ARCH_SET_CPUID(0x1e, r10, 0x1, 0x1012)

2.035085274s ago: executing program 2 (id=592):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYRES8=0x0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mq_open(&(0x7f0000000000)='\x00', 0x1, 0x44, &(0x7f00000001c0)={0x1ff, 0x9, 0x100000000, 0xe})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
msgctl$IPC_SET(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
execve(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010300000000000000001c0000000c00018008000100", @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
setpriority(0x0, r7, 0x8)
timer_create(0x2, &(0x7f00000002c0)={0x0, 0x8, 0x0, @tid=r7}, &(0x7f0000000300))

1.946635784s ago: executing program 2 (id=594):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
getrlimit(0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000280)=[&(0x7f000060e000/0x4000)=nil], &(0x7f00000002c0), &(0x7f0000000300), 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='devlink_hwerr\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="4269928f8f40560df121fc129f7fa9059e183fad55f96b2d3de96258b8cb8b25e1dc18962d07fc18100b68aaf18b49bc9292a04dddc89cbeff4cebdc2a28be3a973034c6fb775471177cd6ffced02e9589df5d219f7c5ffc72466d7ad21331c8b30caff162cf"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r4, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000500)={&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYBLOB="120629bd7000fbdbdf255c00000008006b005a00000008006b001c02000876006b005a000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x20000810)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffd000/0x3000)=nil)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000380)={0x6, &(0x7f0000000300)=[{0x9, 0x3, 0x2, 0x401}, {0x3, 0x4, 0x0, 0x2}, {0x400, 0xcc, 0xf8, 0x13}, {0x1, 0x7, 0x9, 0x6}, {0x7, 0x33, 0x4, 0x2}, {0x40, 0x7, 0xfa, 0xfffffff4}]}, 0x10)
lseek(r7, 0x38, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="020000dcc45c121f14461c179abe0004faff0008", @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000000020000000100"/28], 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@union={0x0, 0x0, 0x0, 0x5, 0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0x8}}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
pivot_root(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)

1.929468014s ago: executing program 2 (id=595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000008"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[], 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x68, 0x0, 0x0, 0x2, 0x0, @rand_addr=0x1, @dev={0xac, 0x14, 0x14, 0x10}, {[@noop, @generic={0x88, 0x2}]}}, @address_request}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x480, &(0x7f0000000000)={[{@nomblk_io_submit}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}]}, 0x1, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000500)={0x28, 0x0, 0x1, @host}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty}, 0x1c)
getsockopt$IP_SET_OP_GET_FNAME(r4, 0x1, 0x53, &(0x7f0000000080)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f00000000c0)=0x2c)
shutdown(r4, 0x1)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, 0x0, 0x0)
pipe2$9p(&(0x7f0000000040), 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
bind$inet(r5, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000600), 0x0, 0x2000c044)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x80000000}, 0x1c)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r8, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

1.542164174s ago: executing program 1 (id=602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000080000100000000000000000000000000008000000500000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_tracing={0x1a, 0x12, &(0x7f0000000180)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @generic={0x2, 0x9, 0xc, 0x7, 0x80000001}, @jmp={0x5, 0x0, 0x7, 0x4, 0xa, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc}, @call={0x85, 0x0, 0x0, 0x4b}], &(0x7f0000000040)='GPL\x00', 0x3, 0x31, &(0x7f0000000080)=""/49, 0x41000, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x4, 0x8, 0xd, 0x9}, 0x10, 0x2b223, 0xffffffffffffffff, 0x4, &(0x7f0000000300)=[r0, 0x1, r0, r0, r0, r0], &(0x7f0000000340)=[{0x3, 0x1, 0xf, 0xb}, {0x2, 0x3, 0x5, 0xa}, {0x2, 0x4, 0x3, 0xc}, {0x1, 0x2, 0xb, 0xa}], 0x10, 0x1, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x16, 0x0, 0xa9, 0x0, 0xf1, 0x1})

1.541525644s ago: executing program 1 (id=603):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000340)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000000), &(0x7f0000000240)=ANY=[], 0x15, 0x0)

1.502388723s ago: executing program 1 (id=605):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x1ff, 0x5c, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1.452214963s ago: executing program 1 (id=608):
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'pim6reg\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x401800, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = io_uring_setup(0x1ee7, &(0x7f0000000000)={0x0, 0x4f7e, 0x800, 0x3, 0x323})
io_uring_register$IORING_REGISTER_FILES2(r3, 0xd, &(0x7f00000002c0)={0x1, 0x1000000, 0x0, &(0x7f0000000200)=[{0x0}], 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='signal_deliver\x00'}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32, @ANYBLOB="0000000000000000000e355665dc1de1ca00a33e", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000070000000300000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='mr_alloc\x00', r4}, 0x18)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000500)={0xffffffffffffffff}, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r7, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @empty}, 0x1c)
shutdown(r7, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r1, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000300)=r6}, 0x51)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1b, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='mm_page_free\x00', r9}, 0x10)
setrlimit(0x9, &(0x7f0000000000))

1.330808763s ago: executing program 1 (id=610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000080000100000000000000000000000000008000000500000000"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r5}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_u}]}})
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r8, @ANYRESHEX=r4], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_tracing={0x1a, 0x12, &(0x7f0000000180)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @generic={0x2, 0x9, 0xc, 0x7, 0x80000001}, @jmp={0x5, 0x0, 0x7, 0x4, 0xa, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc}, @call={0x85, 0x0, 0x0, 0x4b}], &(0x7f0000000040)='GPL\x00', 0x3, 0x31, &(0x7f0000000080)=""/49, 0x41000, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x8, 0xd, 0x9}, 0x10, 0x2b223, r9, 0x4, &(0x7f0000000300)=[r0, 0x1, r0, r0, r0, r0], &(0x7f0000000340)=[{0x3, 0x1, 0xf, 0xb}, {0x2, 0x3, 0x5, 0xa}, {0x2, 0x4, 0x3, 0xc}, {0x1, 0x2, 0xb, 0xa}], 0x10, 0x1, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x1c, 0xc, &(0x7f0000000600)=ANY=[@ANYRES64=r1], 0x0, 0x20000001, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x1e, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r10)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$int_in(r11, 0x5452, &(0x7f0000000280)=0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB="2c007b410ad9c857a2b64a0119ea"])
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r12}, 0x10)
r13 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r13, 0x7003)

1.330079353s ago: executing program 3 (id=611):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x24, 0x0, &(0x7f0000000180))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r5, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
r6 = socket$can_raw(0x1d, 0x3, 0x1)
r7 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r7, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
bind(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r7, {0x2, 0x4e23, @remote}, 0x0, 0x3, 0x4, 0x1}}, 0x80)

1.328610693s ago: executing program 0 (id=612):
r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x54e, &(0x7f00000014c0)="$eJzs3c9vHFcdAPDvjH+sm6ZxAj1ABSRAIaAou/Gmjape2lxAqKqEqDggDqmxN5bJbjZk16U2kXD/hiKBxAn+BA5IHJB64sCNIxIHhFQOSAEsUIwE0qKZHf+ovcaLd73bej8faTLz5s3M973Ys+/t2/W8ACbWlYjYjIjZiHgzIuaL/UmxxKvdJTvuydajpe2tR0tJdDpv/C3J87N9+QmlvWs+XVxzLiK+8dWI7ySH47bWN+4t1uu1h0W60m48qLTWN66vNhZXaiu1+9XqrYVbN166+WJ1aHW93PjF46+svvbNX//q0+//bvPLP8iKdb7I263HkHWrPrMbJzMdEa+dRrAxmCrWs2MuByeTRsTHIuJz+f0/H1P5bycAcJZ1OvPRmd+fBgDOujQfA0vSckSkadEJKHfH8J6Nc2m92Wpfu9tcu7/cHSu7GDPp3dV67cal0h++lx88k2TphTwvz8/T1QPpmxFxKSJ+VHoqT5eXmvXl8XR5AGDiPb2//Y+If5bStFzu69Qen+oBAB8Zc+MuAAAwctp/AJg82n8AmDx9tP/Fh/2bp14WAGA0/r/3/xdOrRwAwOgY/weAyaP9B4CJ8vXXX8+Wznbx/Ovlt9bX7jXfur5ca90rN9aWykvNhw/KK83mSv7MnsZx16s3mw8WXoi1tyvtWqtdaa1v3Gk01+637+TP9b5TmxlJrQCA/+XS5fd+n0TE5stP5Uvsm8tBWw1nWzruAgBjMzXIyToI8JFmti+YXH014Xkn4benXhZgPHo+zHuu5+YH/aS7erefIL5nBB8qVz/Z//i/OZ7hbDH+D5PrZOP/rwy9HMDoGf+HydXpJAfn/J/dzQIAzqQBvsLX+eGwOiHAWB03mfdxn/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAJDofEd+NJC3nc4Gn2b9puRzxTERcjJnk7mq9diMiLsTliJgpZemFcRcaABhQ+pekmP/r6vzz5w/mzib/KuXriPj+T9/48duL7fbDhWz/33f3l3amD6vunTfAvIIAwJDl7Xe1WO97I/9k69HSzjLK8jy+Hf8ppiJe2t56lC/dnOnIdkbM5X2Jc/9IYro4Zy4inouIqSHE33wnIj7Rq/5JPjZysZj5dH/8KGI/M9L46Qfip3led511vj4+hLLApHnvdkS82uv+S+NKvu59/8/lr1CDe3y7e7Gd177tffGni0hTPeJn9/yVfmO88JuvHdrZme/mvRPx3HSv+Mlu/OSI+M/3Gf+Pn/rMu68ckdf5WcTV6B1/f6xKu/Gg0lrfuL7aWFyprdTuV6u3Fm7deOnmi9VKPkZd2RmpPuyvL1+7cFTZsvqfOyL+XM/6z+6e+4U+6//zf7/57c/uJUsH43/p871//s/2jN+VtYlf7DP+4rlfHjl9dxZ/+Yj6H/fzv9Zn/Pf/vLHc56EAwAi01jfuLdbrtYcDbWTvQodxnUMbWRH7O3inuzhY0D/FadTihBszp/W/euob07t9xeFe+VvZFXtkpX3+kpxkIx16LQbaeDKqWON7TQJGY++mH3dJAAAAAAAAAAAAAACAo4ziT5fGXUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrv8GAAD//xxkzKw=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="020019dcf976034c3c2d74b9c5cbd40000040000000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=r0, @ANYBLOB="040000000000800008000000", @ANYRES32=r0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
open(&(0x7f0000000040)='.\x00', 0x418601, 0x8)

1.322501563s ago: executing program 3 (id=613):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000080000100000000000000000000000000008000000500000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_tracing={0x1a, 0x12, &(0x7f0000000180)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @generic={0x2, 0x9, 0xc, 0x7, 0x80000001}, @jmp={0x5, 0x0, 0x7, 0x4, 0xa, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc}, @call={0x85, 0x0, 0x0, 0x4b}], &(0x7f0000000040)='GPL\x00', 0x3, 0x31, &(0x7f0000000080)=""/49, 0x41000, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x4, 0x8, 0xd, 0x9}, 0x10, 0x2b223, 0xffffffffffffffff, 0x4, &(0x7f0000000300)=[r0, 0x1, r0, r0, r0, r0], &(0x7f0000000340)=[{0x3, 0x1, 0xf, 0xb}, {0x2, 0x3, 0x5, 0xa}, {0x2, 0x4, 0x3, 0xc}, {0x1, 0x2, 0xb, 0xa}], 0x10, 0x1, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x16, 0x0, 0xa9, 0x0, 0xf1, 0x1})

1.283332813s ago: executing program 3 (id=614):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000002c0))
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x952b, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
setsockopt$inet6_opts(r6, 0x29, 0x36, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000680)='qdisc_create\x00', r7}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @timestamp, @mss={0x2, 0x10000}, @timestamp, @window={0x3, 0x1000}, @timestamp], 0x2000000000000113)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

1.205115383s ago: executing program 1 (id=615):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303, 0x37}, "475566172f000011", "bd14060000000000000092f94413582b", "a4774ec6", "15b188e5e74e13ed"}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000d4074fbf29abc21228651b8d00dd00000000000000000000000089631daba94a75bbf49984f2c73b380d4d0f74eb3c308fedbc952f4c3c5ab5278eeab0a070fa4974370d25b8dceb833cfe8e065ed1342781da828a70ca05c1e6c1a89db9931bb2ffff18e2df1103505f82c5cefd", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1d, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r6}, &(0x7f0000000000), &(0x7f00000005c0)=r7}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f0000000180)=0x6, &(0x7f00000008c0)=0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

1.123998283s ago: executing program 0 (id=616):
mbind(&(0x7f0000564000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0xffff, 0xc, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdcc90d0d672eb0fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)

997.163242ms ago: executing program 4 (id=617):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea4, '.\x00'}})
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006400)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {}, {0x5}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xf3b6, 0x8, 0x2}, {0x4, 0x6, 0x4}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd9}}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, 0x10, r1, 0xa2339000)

996.333612ms ago: executing program 2 (id=618):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000000880)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0xfb, 0xc00)

939.096112ms ago: executing program 0 (id=619):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000040000000000000a20000000000a03000000040000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140"], 0xe0}, 0x1, 0x0, 0x0, 0x1}, 0x0)

870.734632ms ago: executing program 3 (id=620):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
getrlimit(0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000280)=[&(0x7f000060e000/0x4000)=nil], &(0x7f00000002c0), &(0x7f0000000300), 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='devlink_hwerr\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="4269928f8f40560df121fc129f7fa9059e183fad55f96b2d3de96258b8cb8b25e1dc18962d07fc18100b68aaf18b49bc9292a04dddc89cbeff4cebdc2a28be3a973034c6fb775471177cd6ffced02e9589df5d219f7c5ffc72466d7ad21331c8b30caff162cf"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r4, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000500)={&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYBLOB="120629bd7000fbdbdf255c00000008006b005a00000008006b001c02000876006b005a000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x20000810)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffd000/0x3000)=nil)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000380)={0x6, &(0x7f0000000300)=[{0x9, 0x3, 0x2, 0x401}, {0x3, 0x4, 0x0, 0x2}, {0x400, 0xcc, 0xf8, 0x13}, {0x1, 0x7, 0x9, 0x6}, {0x7, 0x33, 0x4, 0x2}, {0x40, 0x7, 0xfa, 0xfffffff4}]}, 0x10)
lseek(r7, 0x38, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="020000dcc45c121f14461c179abe0004faff0008", @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000000020000000100"/28], 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@union={0x0, 0x0, 0x0, 0x5, 0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0x8}}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
pivot_root(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)

857.624072ms ago: executing program 3 (id=621):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x20000000)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000080)={0x0, 0x1, 0x7, 0x1f, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
ioctl$TCFLSH(r1, 0x540b, 0x0)
r2 = inotify_init()
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0x5000009)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r3, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000280)='bic\x00', 0x4)
shutdown(r3, 0x1)
bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @any, 0x4}, 0xe)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100)={'#! ', './file0', [{0x20, '#! '}, {}, {0x20, '\',+(%'}, {0x20, '\\{{-}\\-#'}], 0xa, "7bc9088b032a317fcc795a9ad62ba91deab6d1fcb989ac09a17fc8bf3505c708d090f382a9ad8cd380071ae44f709bf655989f1453b89421c5d7ee3c3850aa3309c8df1a6b1db2d427c689bee3c8df78"}, 0x6f)
io_setup(0x5, &(0x7f0000000000))
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000780)={'veth1_to_bridge\x00'})
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000500)={0x3a, 0xa, '\x00', [@calipso={0x7, 0x30, {0x1, 0xa, 0x2, 0x2, [0x100000001, 0x6, 0x8, 0x6, 0x1]}}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x98ea}, @enc_lim, @jumbo={0xc2, 0x4, 0x2f9}, @ra={0x5, 0x2, 0x3}, @ra={0x5, 0x2, 0x8}, @pad1, @jumbo={0xc2, 0x4, 0x1}]}, 0x60)

826.257562ms ago: executing program 4 (id=622):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000500], 0x7, 0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000011000000000000000000a22a30456b880000145b41fe69e3ffff78616d3000000000000000000000000079616d3000000000000000000000000076657468315f742f5f626f6e640000000180c20000000000000000000180c20000000800000000000000b100000067010000900100007374617469737469630000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000646e61740000060000000000ff0300000000000000000000000000000000000010000000000000000180c20000000000bb8e66505c1aa6d062c3b52cffffffff000000006e666c6f670000000000000000000000000000000000000050000000121b6eb244c4f0fffbf04a000000007e4b000022569e338e2c551c2fc4a19597ba4c501c8b1f16fb7809c40aeea768e825383d2afb577ed2bb6dd99fd43741089cca6edb0041555449540000000000000000000000000626967e000000000000000000000008000000000000200000000000000000840200"/544]}, 0x298)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008000840002400000800124040000000050005000a000000050001000600000012000300686173683a6e6574"], 0x60}}, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000140)={0xfffffffffffffffe, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x60, 0x1403, 0x100, 0x70bd2b, 0x25dfdbff, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'xfrm0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x844}, 0x54)

707.052171ms ago: executing program 2 (id=623):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = syz_io_uring_setup(0x3b, &(0x7f00000004c0)={0x0, 0x0, 0x10100, 0x1, 0x3c5}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000380)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}})
io_uring_enter(r1, 0x92, 0x1067, 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a5000000080000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)

705.111412ms ago: executing program 4 (id=624):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000016c0)=[{{&(0x7f00000002c0)=@isdn, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000340)}, {&(0x7f00000008c0)=""/216, 0xd8}, {&(0x7f00000009c0)=""/105, 0x69}, {&(0x7f0000001800)=""/129, 0x81}, {&(0x7f0000000380)=""/24, 0x18}], 0x5, &(0x7f0000000b80)=""/45, 0x2d}, 0x8}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000bc0)=""/22, 0x16}, {&(0x7f0000000c00)=""/70, 0x46}, {&(0x7f0000000c80)=""/59, 0x3b}, {&(0x7f0000000cc0)=""/111, 0x6f}, {&(0x7f0000000d40)=""/190, 0xbe}], 0x5}, 0x4}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000e80)=""/185, 0xb9}, {&(0x7f0000000f40)=""/117, 0x75}, {&(0x7f0000001ac0)=""/4096, 0x1000}], 0x3}, 0x1}, {{&(0x7f0000001000)=@caif=@rfm, 0x80, &(0x7f00000010c0)=[{&(0x7f0000001140)=""/190, 0xbe}, {&(0x7f0000001080)=""/42, 0x2a}, {&(0x7f0000001200)=""/238, 0xee}, {&(0x7f0000001300)=""/137, 0x89}], 0x4, &(0x7f00000013c0)=""/34, 0x22}, 0x2}, {{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001400)=""/183, 0xb7}, {&(0x7f0000001540)=""/79, 0x4f}, {&(0x7f00000014c0)=""/46, 0x2e}], 0x3, &(0x7f0000001600)=""/130, 0x82}, 0x10000}], 0x5, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000003000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='sched_switch\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1370a, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000280)='./bus\x00', 0x10, 0x0)
clock_gettime(0x0, &(0x7f0000000340)={<r7=>0x0, <r8=>0x0})
nanosleep(&(0x7f0000000a40)={r7, r8+60000000}, &(0x7f0000000a80))
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000283d0020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001500)='mm_page_alloc\x00', r9}, 0x10)
r10 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r10, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)
r11 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r11, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev}}, 0x24, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0xfc00)
chown(&(0x7f0000000040)='./file1\x00', 0xffffffffffffffff, r1)

694.788312ms ago: executing program 0 (id=625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000080000100000000000000000000000000008000000500000000"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r5}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_u}]}})
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r8, @ANYRESHEX=r4], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_tracing={0x1a, 0x12, &(0x7f0000000180)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @generic={0x2, 0x9, 0xc, 0x7, 0x80000001}, @jmp={0x5, 0x0, 0x7, 0x4, 0xa, 0xffffffffffffffff, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc}, @call={0x85, 0x0, 0x0, 0x4b}], &(0x7f0000000040)='GPL\x00', 0x3, 0x31, &(0x7f0000000080)=""/49, 0x41000, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x8, 0xd, 0x9}, 0x10, 0x2b223, r9, 0x4, &(0x7f0000000300)=[r0, 0x1, r0, r0, r0, r0], &(0x7f0000000340)=[{0x3, 0x1, 0xf, 0xb}, {0x2, 0x3, 0x5, 0xa}, {0x2, 0x4, 0x3, 0xc}, {0x1, 0x2, 0xb, 0xa}], 0x10, 0x1, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x1c, 0xc, &(0x7f0000000600)=ANY=[@ANYRES64=r1], 0x0, 0x20000001, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x1e, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r10)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$int_in(r11, 0x5452, &(0x7f0000000280)=0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB="2c007b410ad9c857a2b64a0119ea"])
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r12}, 0x10)
r13 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_UIE_ON(r13, 0x7003)

577.908921ms ago: executing program 0 (id=626):
r0 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@empty, @in=@private=0xa010100, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x0, 0x0, 0x1d}, {0x0, 0x4, 0x4000000000003, 0x0, 0x9, 0x9, 0x0, 0x40000000000000}, {0x0, 0x1000000000, 0x53e5, 0x20}, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x1502, 0x4, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x4, 0x40)
accept$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x57, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_bp={0x0, 0x2}, 0x1606c, 0x80, 0x3b, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)
time(&(0x7f00000001c0))
socket$key(0xf, 0x3, 0x2)

501.260321ms ago: executing program 0 (id=627):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="01000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000008bc945dbd3f0286c37e504d88bb5736b505904846d7fabca9b36adc28a4b9afc8a0828349a414fa27d363465bd8af62d0a1bf2ed30d004208cd7959c25f0283def7c0907be940869ea70ca34b126a512bf1421e0a71f2045137afe32102c448e0924da851b2c6b97b65668e823ab34ca58ea3d06e394e0bfabb4a3de57ce4a0ed743f310a01ea245337db5062b27ba5796c19adb6a3177c7474c30e85f951c78d2d45c5c0263f316c7e36d3e641b84c1c24bdbd370c46b415e9848f6cb284be6b4dc9d80eaf3f29151a8b955fc64804fd915d6706b8e1054"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000008001400200000000000000", @ANYRES32, @ANYBLOB="0001000000000000000000000000000004", @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10, 0x80010, r5, 0x1000)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000340), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2711, @my=0x1}, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r7)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r8, 0x1, 0x0, 0x0, {0x3, 0x74, 0x600}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x26000000}]}, 0x30}, 0x1, 0xffffffff00000003}, 0x0)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
r10 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r10, 0x402, 0x29)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
r13 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r13, &(0x7f0000002f40)=""/4098, 0x1002)
sendmsg$IEEE802154_ASSOCIATE_RESP(r6, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0x1c, r9, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_STATUS={0x5, 0x3, 0x2e}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x10)

0s ago: executing program 3 (id=628):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3c9vI1cdAPDveOPd7G62SYEDVGoptGi3grWThrYRh1IkBKdKiHJfQuJEUZw4ip12E1WQ/QuQEAIkTnDhgsQfgIRW4sIRIVWCM0hFIARbkOAAHTT2OAnOOPEWb5x1Ph9pdt6bX9/v8+aNZ+yncQAX1rMR8VpEvJ+m6QsRMZ0vL0VEkhX2O1O23XsP3l7KpiTS9I2/Ju31Wb17rCSfX893m4yIr3454hvJ8bjN3b31xXq9tp3Xq62NrWpzd+/22sbiam21tjk/P/fywisLLy3MDqWdNyLi1S/+8Xvf/smXXv3FZ976w50/3/pmltZUvv5oOx7SxEkrO00vX5ns2WH7AwY7j7L2lLuVq4Ptc+8R5gMAQH/Zdf6HIuKTEfFCTMelky9nAQAAgMdQ+vmp+HcSkRa73Gc5AAAA8BgptcfAJqVKPhZgKkqlSqUzhvcjca1UbzRbn15p7Gwud8bKzkS5tLJWr83mY4Vnopxk9bl2+bD+Yk99PiKejIjvTl9t1ytLjfryqD/8AAAAgAvies/9/z+mO/f/AAAAwJiZGXUCAAAAwCPn/h8AAADGn/t/AAAAGGtfef31bEq7v3+9/ObuznrjzdvLteZ6ZWNnqbLU2N6qrDYaq+1n9m2cdrx6o7H12djcuVtt1ZqtanN3785GY2ezdWctJs+kQQAAAMAxT378/u+SiNj/3NX2lLk86qSAMzFxUEryeUHv//0Tnfm7Z5QUcCYuDbDNu1eKl7tOgMfbRO+CPn0dGD/lUScAjFxyyvq+g3d+nc8/Mdx8AACA4bv5seLv/0un7rl/+ibAuaYTw8XV8/1/Oj2qRIAz1/7+f9CBPC4WYKyUBxoBCIyz//v7/1Ol6UMlBAAADN1Ue0pKlfzjvakolSqViBvtnwUoJytr9dpsRDwREb+dLl/J6nPtPZNT7xkAAAAAAAAAAAAAAAAAAAAAAAAAgI40TSIFAAAAxlpE6U/JLzvP8r85/fxU7+cDl5N/tX8S+HJEvPXDN75/d7HV2p7Llv/tYHnrB/nyF0fxCQYAAADQq3uf3p7/c9TZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBu3nvw9lJ3GmDzq8OK+5cvRMRMUfyJmGzPJ6McEdf+nsTEkf2SiLg0hPj79yLio0Xxkyytg5BF8YfxIpwSP2byV6Eo/vUhxIeL7H52/nmtqP+V4tn2vLj/TUT8T/2D6n/+i4Pz36U+/f/GgDGeeudn1b7x70U8NVF8/unGT/rEf27A+F//2t5ev3XpjyJudt9/2me8oxEOS9XWxla1ubt3e21jcbW2Wtucn597eeGVhZcWZqsra/Va/m9hjO88/fP3T2r/tcL3vyTPpn/7ny84XtF70n/eufvgw93K/vH4t54riP+rH+dbHI9fyuN8Ki9n6292y/ud8lHP/PQ3z5zU/uXD9pcf5v//Vr+D9jrWUZ4e9E8HAHgEmrt764v1em17bAvZXfo5SEPhHBa+NdQDpmmaZn2qYNX9iBjkOEkMuaWl4nwOC33PAKM+MwEAAMN2eNE/6kwAAAAAAAAAAAAAAAAAAADg4jqLp6z1xjx8BHIyjEdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMxX8DAAD//5Fw0/k=")

kernel console output (not intermixed with test programs):

tries to fit new maximum fragment MTU (-320)
[   34.929242][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.940130][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.950950][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.961985][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.972785][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.983638][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   34.994537][ T3511] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   35.024507][ T3461] syz.0.1 (3461) used greatest stack depth: 10536 bytes left
[   35.110830][ T3524] loop3: detected capacity change from 0 to 512
[   35.127063][ T3527] loop0: detected capacity change from 0 to 512
[   35.136389][ T3524] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   35.155845][ T3527] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   35.170954][ T3524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.269961][ T3524] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.24: corrupted inode contents
[   35.282714][ T3524] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.24: mark_inode_dirty error
[   35.291242][ T3527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.307820][ T3524] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.24: corrupted inode contents
[   35.350260][ T3527] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.22: corrupted inode contents
[   35.367844][ T3527] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.22: mark_inode_dirty error
[   35.384062][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.393363][ T3527] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.22: corrupted inode contents
[   35.475778][ T3536] loop3: detected capacity change from 0 to 512
[   35.491882][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.512356][ T3536] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   35.540444][ T3536] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.601053][ T3536] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.25: corrupted inode contents
[   35.742276][ T3536] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.25: mark_inode_dirty error
[   35.816046][ T3536] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.25: corrupted inode contents
[   36.020341][ T3536] syz.3.25 (3536) used greatest stack depth: 10376 bytes left
[   36.063979][ T3550] loop4: detected capacity change from 0 to 8192
[   36.109137][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.188662][ T3558] netlink: 8 bytes leftover after parsing attributes in process `syz.3.30'.
[   36.432008][ T3568] loop2: detected capacity change from 0 to 512
[   36.452712][ T3568] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   36.491934][ T3568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.533722][ T3568] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.36: corrupted inode contents
[   36.558647][ T3575] loop1: detected capacity change from 0 to 512
[   36.561485][ T3568] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #2: comm syz.2.36: mark_inode_dirty error
[   36.578048][ T3575] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   36.618563][ T3568] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.36: corrupted inode contents
[   36.638949][ T3575] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.708822][ T3575] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #2: comm syz.1.38: corrupted inode contents
[   36.722838][ T3575] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz.1.38: mark_inode_dirty error
[   36.749761][ T3575] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #2: comm syz.1.38: corrupted inode contents
[   36.770842][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.792983][ T3586] loop4: detected capacity change from 0 to 512
[   36.814794][ T3586] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   36.831540][ T3586] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.834499][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.864714][ T3586] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #2: comm syz.4.41: corrupted inode contents
[   36.901337][ T3592] loop1: detected capacity change from 0 to 512
[   36.908438][ T3592] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   36.918820][ T3586] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #2: comm syz.4.41: mark_inode_dirty error
[   36.935996][ T3592] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.949899][ T3586] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #2: comm syz.4.41: corrupted inode contents
[   36.956313][ T3592] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #2: comm syz.1.42: corrupted inode contents
[   36.978773][ T3592] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz.1.42: mark_inode_dirty error
[   37.001044][ T3592] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #2: comm syz.1.42: corrupted inode contents
[   37.024179][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.029888][ T3600] loop0: detected capacity change from 0 to 512
[   37.049824][ T3600] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   37.060790][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.071321][ T3598] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.094392][ T3600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.115351][ T3600] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.44: corrupted inode contents
[   37.131024][ T3600] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.44: mark_inode_dirty error
[   37.142966][ T3600] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.44: corrupted inode contents
[   37.172799][ T3608] netlink: 4 bytes leftover after parsing attributes in process `syz.4.45'.
[   37.192033][ T3598] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.202597][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.225726][ T3611] loop0: detected capacity change from 0 to 512
[   37.233046][ T3611] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   37.261672][ T3611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.277698][ T3611] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.47: corrupted inode contents
[   37.291048][ T3611] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.47: mark_inode_dirty error
[   37.292365][ T3598] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.303068][ T3611] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.47: corrupted inode contents
[   37.356344][ T3614] loop1: detected capacity change from 0 to 128
[   37.372161][ T3614] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   37.380111][ T3614] FAT-fs (loop1): Filesystem has been set read-only
[   37.507360][ T3598] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.578649][ T3598] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   37.592981][ T3598] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   37.608390][ T3598] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   37.668179][ T3598] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   37.792947][ T3618] netlink: 16 bytes leftover after parsing attributes in process `syz.3.50'.
[   37.802800][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.823100][   T29] kauditd_printk_skb: 248 callbacks suppressed
[   37.823116][   T29] audit: type=1400 audit(1737024507.389:368): avc:  denied  { write } for  pid=3617 comm="syz.3.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   37.851193][   T29] audit: type=1400 audit(1737024507.419:369): avc:  denied  { read } for  pid=3617 comm="syz.3.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   37.851768][ T3618] process 'syz.3.50' launched './file1' with NULL argv: empty string added
[   37.872456][   T29] audit: type=1400 audit(1737024507.419:370): avc:  denied  { execute } for  pid=3617 comm="syz.3.50" name="file1" dev="tmpfs" ino=70 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   37.902622][   T29] audit: type=1400 audit(1737024507.449:371): avc:  denied  { execute_no_trans } for  pid=3617 comm="syz.3.50" path="/10/file1" dev="tmpfs" ino=70 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   37.971468][ T3621] loop0: detected capacity change from 0 to 512
[   37.984191][   T29] audit: type=1326 audit(1737024507.549:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3622 comm="syz.4.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   37.984729][ T3621] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   38.007884][   T29] audit: type=1326 audit(1737024507.549:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3622 comm="syz.4.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   38.040721][   T29] audit: type=1326 audit(1737024507.549:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3622 comm="syz.4.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   38.040843][ T3624] loop3: detected capacity change from 0 to 8192
[   38.063998][   T29] audit: type=1326 audit(1737024507.549:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3622 comm="syz.4.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   38.064032][   T29] audit: type=1326 audit(1737024507.549:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3622 comm="syz.4.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   38.110707][ T3621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.117033][   T29] audit: type=1326 audit(1737024507.589:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3622 comm="syz.4.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   38.185524][ T3621] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.48: corrupted inode contents
[   38.215913][ T3621] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.48: mark_inode_dirty error
[   38.261752][ T3621] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.48: corrupted inode contents
[   38.286705][ T3635] loop3: detected capacity change from 0 to 512
[   38.334179][ T3635] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   38.351469][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.352456][ T3635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.393914][ T3637] loop4: detected capacity change from 0 to 2048
[   38.462304][ T3643] loop1: detected capacity change from 0 to 512
[   38.469044][ T3643] EXT4-fs: Ignoring removed i_version option
[   38.488434][ T3643] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   38.501642][ T3643] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   38.514355][ T3637] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.547886][ T3635] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.56: corrupted inode contents
[   38.566653][ T3637] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[   38.579042][ T3637] EXT4-fs (loop4): This should not happen!! Data will be lost
[   38.579042][ T3637] 
[   38.588721][ T3637] EXT4-fs (loop4): Total free blocks count 0
[   38.594729][ T3637] EXT4-fs (loop4): Free/Dirty block details
[   38.600666][ T3637] EXT4-fs (loop4): free_blocks=0
[   38.605617][ T3637] EXT4-fs (loop4): dirty_blocks=0
[   38.610716][ T3637] EXT4-fs (loop4): Block reservation details
[   38.616720][ T3637] EXT4-fs (loop4): i_reserved_data_blocks=0
[   38.632743][ T3643] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   38.645876][ T3643] EXT4-fs (loop1): 1 truncate cleaned up
[   38.652282][ T3643] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.692472][ T3635] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.56: mark_inode_dirty error
[   38.736254][ T3635] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.56: corrupted inode contents
[   38.856449][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.866436][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.919112][ T3660] loop4: detected capacity change from 0 to 1024
[   38.944524][ T3662] FAULT_INJECTION: forcing a failure.
[   38.944524][ T3662] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   38.958120][ T3662] CPU: 0 UID: 0 PID: 3662 Comm: +}[@ Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   38.968314][ T3662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   38.978394][ T3662] Call Trace:
[   38.981827][ T3662]  <TASK>
[   38.984780][ T3662]  dump_stack_lvl+0xf2/0x150
[   38.989411][ T3662]  dump_stack+0x15/0x1a
[   38.993592][ T3662]  should_fail_ex+0x223/0x230
[   38.998300][ T3662]  should_fail_alloc_page+0xfd/0x110
[   39.003746][ T3662]  __alloc_pages_noprof+0x109/0x340
[   39.008987][ T3662]  alloc_pages_mpol_noprof+0xb8/0x260
[   39.014394][ T3662]  vma_alloc_folio_noprof+0x1a0/0x2f0
[   39.019862][ T3662]  handle_mm_fault+0xdd7/0x2ac0
[   39.024803][ T3662]  exc_page_fault+0x296/0x650
[   39.029525][ T3662]  ? pagemap_pte_hole+0x24c/0x280
[   39.034649][ T3662]  asm_exc_page_fault+0x26/0x30
[   39.039537][ T3662] RIP: 0010:rep_movs_alternative+0x4a/0x70
[   39.045510][ T3662] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[   39.065311][ T3662] RSP: 0018:ffffc9000fc67d58 EFLAGS: 00050206
[   39.071418][ T3662] RAX: ffff888104dc5cf8 RBX: 0000000020004240 RCX: 0000000000000240
[   39.079512][ T3662] RDX: 0000000000000000 RSI: ffff8881182b9dc0 RDI: 0000000020004000
[   39.087667][ T3662] RBP: 0000000000001000 R08: 0000000080000000 R09: 0000000000000000
[   39.095733][ T3662] R10: 00018881182b9000 R11: 00018881182b9fff R12: 0000000000001000
[   39.103751][ T3662] R13: 00007ffffffff000 R14: 0000000020003240 R15: ffff8881182b9000
[   39.111754][ T3662]  _copy_to_user+0x7c/0xa0
[   39.116331][ T3662]  pagemap_read+0x3af/0x610
[   39.120938][ T3662]  ? __pfx_pagemap_read+0x10/0x10
[   39.125993][ T3662]  vfs_read+0x1a2/0x700
[   39.130250][ T3662]  ? __fget_files+0x17c/0x1c0
[   39.134970][ T3662]  ? __rcu_read_unlock+0x4e/0x70
[   39.140002][ T3662]  ? __fget_files+0x17c/0x1c0
[   39.144788][ T3662]  __x64_sys_pread64+0xf6/0x150
[   39.149735][ T3662]  x64_sys_call+0x26ee/0x2dc0
[   39.154456][ T3662]  do_syscall_64+0xc9/0x1c0
[   39.158982][ T3662]  ? clear_bhb_loop+0x55/0xb0
[   39.163687][ T3662]  ? clear_bhb_loop+0x55/0xb0
[   39.168404][ T3662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.174478][ T3662] RIP: 0033:0x7f290a305d29
[   39.178919][ T3662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.198604][ T3662] RSP: 002b:00007f2908977038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[   39.207161][ T3662] RAX: ffffffffffffffda RBX: 00007f290a4f5fa0 RCX: 00007f290a305d29
[   39.215153][ T3662] RDX: 0000000000200000 RSI: 0000000020001240 RDI: 0000000000000005
[   39.223148][ T3662] RBP: 00007f2908977090 R08: 0000000000000000 R09: 0000000000000000
[   39.231142][ T3662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.239181][ T3662] R13: 0000000000000000 R14: 00007f290a4f5fa0 R15: 00007ffd63197bc8
[   39.247224][ T3662]  </TASK>
[   39.305840][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.547296][ T3680] syz.1.71 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   39.585487][ T3680] loop1: detected capacity change from 0 to 512
[   39.594624][ T3681] loop4: detected capacity change from 0 to 128
[   39.606727][ T3681] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   39.614703][ T3681] FAT-fs (loop4): Filesystem has been set read-only
[   39.811642][ T3680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.944801][ T3680] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.033902][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.099554][ T3692] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   40.134266][ T3694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.74'.
[   40.236083][ T3700] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[   40.375851][ T3714] loop2: detected capacity change from 0 to 512
[   40.400098][ T3714] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   40.425136][ T3714] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.467056][ T3714] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.82: corrupted inode contents
[   40.493681][ T3716] loop4: detected capacity change from 0 to 8192
[   40.505927][ T3724] netlink: 8 bytes leftover after parsing attributes in process `syz.3.86'.
[   40.518115][ T3714] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #2: comm syz.2.82: mark_inode_dirty error
[   40.524707][ T3726] netlink: 40 bytes leftover after parsing attributes in process `syz.0.87'.
[   40.545538][ T3714] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.82: corrupted inode contents
[   40.558353][ T3726] FAULT_INJECTION: forcing a failure.
[   40.558353][ T3726] name failslab, interval 1, probability 0, space 0, times 1
[   40.571053][ T3726] CPU: 1 UID: 0 PID: 3726 Comm: syz.0.87 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   40.581716][ T3726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   40.592146][ T3726] Call Trace:
[   40.595458][ T3726]  <TASK>
[   40.598576][ T3726]  dump_stack_lvl+0xf2/0x150
[   40.603328][ T3726]  dump_stack+0x15/0x1a
[   40.607524][ T3726]  should_fail_ex+0x223/0x230
[   40.612298][ T3726]  should_failslab+0x8f/0xb0
[   40.616900][ T3726]  kmem_cache_alloc_noprof+0x52/0x320
[   40.622462][ T3726]  ? skb_clone+0x154/0x1f0
[   40.626891][ T3726]  skb_clone+0x154/0x1f0
[   40.631144][ T3726]  __netlink_deliver_tap+0x2bd/0x4f0
[   40.636519][ T3726]  netlink_unicast+0x64a/0x670
[   40.641305][ T3726]  netlink_sendmsg+0x5cc/0x6e0
[   40.646130][ T3726]  ? __pfx_netlink_sendmsg+0x10/0x10
[   40.651426][ T3726]  __sock_sendmsg+0x140/0x180
[   40.656114][ T3726]  ____sys_sendmsg+0x312/0x410
[   40.660958][ T3726]  __sys_sendmsg+0x19d/0x230
[   40.665682][ T3726]  __x64_sys_sendmsg+0x46/0x50
[   40.670602][ T3726]  x64_sys_call+0x2734/0x2dc0
[   40.675300][ T3726]  do_syscall_64+0xc9/0x1c0
[   40.679818][ T3726]  ? clear_bhb_loop+0x55/0xb0
[   40.684497][ T3726]  ? clear_bhb_loop+0x55/0xb0
[   40.689200][ T3726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.695205][ T3726] RIP: 0033:0x7fd680b35d29
[   40.699616][ T3726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.719226][ T3726] RSP: 002b:00007fd67f1a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.727666][ T3726] RAX: ffffffffffffffda RBX: 00007fd680d25fa0 RCX: 00007fd680b35d29
[   40.735639][ T3726] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[   40.743633][ T3726] RBP: 00007fd67f1a7090 R08: 0000000000000000 R09: 0000000000000000
[   40.751675][ T3726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.759736][ T3726] R13: 0000000000000000 R14: 00007fd680d25fa0 R15: 00007ffd90a81bd8
[   40.767829][ T3726]  </TASK>
[   40.790006][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.815596][ T3734] loop3: detected capacity change from 0 to 512
[   40.822151][ T3734] =======================================================
[   40.822151][ T3734] WARNING: The mand mount option has been deprecated and
[   40.822151][ T3734]          and is ignored by this kernel. Remove the mand
[   40.822151][ T3734]          option from the mount to silence this warning.
[   40.822151][ T3734] =======================================================
[   40.857127][ T3734] EXT4-fs: Ignoring removed nobh option
[   40.862793][ T3734] EXT4-fs: Ignoring removed mblk_io_submit option
[   40.895845][ T3734] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.961176][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.023663][ T3758] netlink: 'syz.1.92': attribute type 4 has an invalid length.
[   41.035464][ T3757] loop2: detected capacity change from 0 to 8192
[   41.126261][ T3761] netlink: 8 bytes leftover after parsing attributes in process `syz.4.100'.
[   41.160346][ T3769] FAULT_INJECTION: forcing a failure.
[   41.160346][ T3769] name failslab, interval 1, probability 0, space 0, times 0
[   41.173148][ T3769] CPU: 1 UID: 0 PID: 3769 Comm: syz.4.104 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   41.183759][ T3769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.193903][ T3769] Call Trace:
[   41.197194][ T3769]  <TASK>
[   41.200174][ T3769]  dump_stack_lvl+0xf2/0x150
[   41.204791][ T3769]  dump_stack+0x15/0x1a
[   41.208995][ T3769]  should_fail_ex+0x223/0x230
[   41.213690][ T3769]  should_failslab+0x8f/0xb0
[   41.218301][ T3769]  kmem_cache_alloc_noprof+0x52/0x320
[   41.223728][ T3769]  ? hashtab_duplicate+0x10f/0x370
[   41.228858][ T3769]  ? kmemdup_noprof+0x45/0x60
[   41.233672][ T3769]  hashtab_duplicate+0x10f/0x370
[   41.238624][ T3769]  ? __pfx_cond_bools_copy+0x10/0x10
[   41.244034][ T3769]  ? __pfx_cond_bools_destroy+0x10/0x10
[   41.249656][ T3769]  cond_policydb_dup+0xdb/0x710
[   41.254534][ T3769]  ? __kmalloc_node_track_caller_noprof+0x1e4/0x410
[   41.261149][ T3769]  ? security_set_bools+0x8b/0x350
[   41.266485][ T3769]  security_set_bools+0xa8/0x350
[   41.271439][ T3769]  ? sel_commit_bools_write+0x164/0x260
[   41.277009][ T3769]  sel_commit_bools_write+0x1de/0x260
[   41.282406][ T3769]  vfs_writev+0x3fb/0x880
[   41.286784][ T3769]  ? __pfx_sel_commit_bools_write+0x10/0x10
[   41.292753][ T3769]  ? mutex_lock+0xd/0x40
[   41.297098][ T3769]  do_writev+0xf4/0x220
[   41.301267][ T3769]  __x64_sys_writev+0x45/0x50
[   41.305973][ T3769]  x64_sys_call+0x1fab/0x2dc0
[   41.310711][ T3769]  do_syscall_64+0xc9/0x1c0
[   41.315309][ T3769]  ? clear_bhb_loop+0x55/0xb0
[   41.320108][ T3769]  ? clear_bhb_loop+0x55/0xb0
[   41.324804][ T3769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.330878][ T3769] RIP: 0033:0x7f290a305d29
[   41.335298][ T3769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.355045][ T3769] RSP: 002b:00007f2908977038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   41.363467][ T3769] RAX: ffffffffffffffda RBX: 00007f290a4f5fa0 RCX: 00007f290a305d29
[   41.371443][ T3769] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000006
[   41.379438][ T3769] RBP: 00007f2908977090 R08: 0000000000000000 R09: 0000000000000000
[   41.387473][ T3769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   41.395448][ T3769] R13: 0000000000000000 R14: 00007f290a4f5fa0 R15: 00007ffd63197bc8
[   41.403484][ T3769]  </TASK>
[   41.408631][ T3772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.103'.
[   41.470920][ T3778] syz.4.108[3778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.471025][ T3778] syz.4.108[3778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.491212][ T3780] loop0: detected capacity change from 0 to 512
[   41.510566][ T3782] loop4: detected capacity change from 0 to 512
[   41.517409][ T3782] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   41.522465][ T3780] EXT4-fs: Ignoring removed oldalloc option
[   41.531236][ T3782] EXT4-fs (loop4): 1 truncate cleaned up
[   41.539908][ T3782] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.559793][ T3780] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.109: Parent and EA inode have the same ino 15
[   41.572456][ T3780] EXT4-fs (loop0): Remounting filesystem read-only
[   41.579084][ T3780] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   41.589619][ T3780] EXT4-fs (loop0): 1 orphan inode deleted
[   41.595671][ T3780] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.608063][ T3780] SELinux: (dev loop0, type ext4) getxattr errno 5
[   41.614922][ T3780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.642045][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.670454][ T3789] netlink: 24 bytes leftover after parsing attributes in process `syz.4.111'.
[   41.681887][ T3789] netlink: 40 bytes leftover after parsing attributes in process `syz.4.111'.
[   41.825969][ T3798] netlink: 8 bytes leftover after parsing attributes in process `syz.4.115'.
[   41.916502][ T3804] net_ratelimit: 11 callbacks suppressed
[   41.916526][ T3804] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   42.000655][ T3812] loop1: detected capacity change from 0 to 512
[   42.012421][ T3814] loop2: detected capacity change from 0 to 512
[   42.031782][ T3814] EXT4-fs: Ignoring removed i_version option
[   42.037820][ T3814] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.050168][ T3814] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   42.070836][ T3814] EXT4-fs (loop2): 1 truncate cleaned up
[   42.071161][ T3814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.084233][ T3814] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   42.090709][ T3814] netlink: 12 bytes leftover after parsing attributes in process `syz.2.122'.
[   42.097818][ T3812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.097890][ T3812] ext4 filesystem being mounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.231331][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.242086][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.253163][ T3831] netlink: 16 bytes leftover after parsing attributes in process `syz.0.127'.
[   42.357236][ T3836] devtmpfs: Unknown parameter 'posixacl'
[   42.365240][ T3836] loop0: detected capacity change from 0 to 128
[   42.411523][ T3836] syz.0.127: attempt to access beyond end of device
[   42.411523][ T3836] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   42.424948][ T3836] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   42.433694][ T3836] syz.0.127: attempt to access beyond end of device
[   42.433694][ T3836] loop0: rw=2049, sector=129, nr_sectors = 1 limit=128
[   42.447666][ T3836] Buffer I/O error on dev loop0, logical block 129, lost async page write
[   42.456732][ T3836] syz.0.127: attempt to access beyond end of device
[   42.456732][ T3836] loop0: rw=2049, sector=130, nr_sectors = 1 limit=128
[   42.470223][ T3836] Buffer I/O error on dev loop0, logical block 130, lost async page write
[   42.479283][ T3837] syz.2.126[3837] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.479485][ T3837] syz.2.126[3837] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.490816][ T3837] syz.2.126[3837] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.740637][ T3855] syz.1.131[3855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.752501][ T3855] syz.1.131[3855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.763942][ T3855] syz.1.131[3855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.777010][ T3855] rdma_op ffff888117e9a580 conn xmit_rdma 0000000000000000
[   42.950958][ T3862] loop3: detected capacity change from 0 to 512
[   42.967041][ T3862] audit_log_lost: 542 callbacks suppressed
[   42.967058][ T3862] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[   42.980702][ T3862] audit: out of memory in audit_log_start
[   42.996543][   T29] audit: type=1400 audit(1737024512.529:918): avc:  denied  { associate } for  pid=3861 comm="syz.3.133" name="27" dev="tmpfs" ino=155 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[   43.024775][   T29] audit: type=1400 audit(1737024512.559:919): avc:  denied  { remove_name } for  pid=3299 comm="syz-executor" name="cgroup" dev="tmpfs" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   43.051707][   T29] audit: type=1400 audit(1737024512.559:920): avc:  denied  { unlink } for  pid=3299 comm="syz-executor" name="cgroup.stat" dev="tmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   43.074909][   T29] audit: type=1400 audit(1737024512.559:921): avc:  denied  { rmdir } for  pid=3299 comm="syz-executor" name="27" dev="tmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   43.166596][ T3866] loop4: detected capacity change from 0 to 512
[   43.173495][ T3866] EXT4-fs: Ignoring removed i_version option
[   43.199333][ T3866] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   43.242741][ T3866] EXT4-fs (loop4): 1 truncate cleaned up
[   43.249246][ T3866] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.281442][   T29] audit: type=1400 audit(1737024512.839:922): avc:  denied  { read } for  pid=3868 comm="syz.2.135" laddr=ff02::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.334755][ T3869] loop2: detected capacity change from 0 to 512
[   43.415624][ T3869] EXT4-fs: inline encryption not supported
[   43.490627][ T3873] netlink: 'syz.3.134': attribute type 4 has an invalid length.
[   43.541319][ T3875] loop0: detected capacity change from 0 to 128
[   43.554316][ T3875] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   43.582029][   T29] audit: type=1400 audit(1737024513.149:923): avc:  denied  { remount } for  pid=3874 comm="syz.0.136" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   43.606605][   T29] audit: type=1400 audit(1737024513.169:924): avc:  denied  { write } for  pid=3874 comm="syz.0.136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   43.625814][   T29] audit: type=1400 audit(1737024513.169:925): avc:  denied  { create } for  pid=3877 comm="syz.1.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   43.645306][ T3869] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   43.657096][ T3869] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[   43.667292][ T3869] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.135: Corrupt directory, running e2fsck is recommended
[   43.681409][ T3869] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   43.690794][ T3869] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.135: corrupted in-inode xattr: invalid ea_ino
[   43.741983][ T3869] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.135: couldn't read orphan inode 15 (err -117)
[   43.754550][ T3869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.810972][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.821507][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.081709][ T3895] netlink: 'syz.3.143': attribute type 4 has an invalid length.
[   44.514391][ T3898] loop0: detected capacity change from 0 to 8192
[   44.619579][ T3909] FAULT_INJECTION: forcing a failure.
[   44.619579][ T3909] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   44.632759][ T3909] CPU: 1 UID: 0 PID: 3909 Comm: syz.1.148 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   44.643432][ T3909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.653678][ T3909] Call Trace:
[   44.657063][ T3909]  <TASK>
[   44.660040][ T3909]  dump_stack_lvl+0xf2/0x150
[   44.664751][ T3909]  dump_stack+0x15/0x1a
[   44.668999][ T3909]  should_fail_ex+0x223/0x230
[   44.673773][ T3909]  should_fail+0xb/0x10
[   44.677957][ T3909]  should_fail_usercopy+0x1a/0x20
[   44.683097][ T3909]  _copy_from_iter+0xd5/0xd00
[   44.687867][ T3909]  ? kmalloc_reserve+0x16e/0x190
[   44.692942][ T3909]  ? __build_skb_around+0x196/0x1f0
[   44.698229][ T3909]  ? __alloc_skb+0x21f/0x310
[   44.702844][ T3909]  ? __virt_addr_valid+0x1ed/0x250
[   44.708001][ T3909]  ? __check_object_size+0x364/0x520
[   44.713306][ T3909]  netlink_sendmsg+0x460/0x6e0
[   44.718617][ T3909]  ? __pfx_netlink_sendmsg+0x10/0x10
[   44.724003][ T3909]  __sock_sendmsg+0x140/0x180
[   44.728742][ T3909]  ____sys_sendmsg+0x312/0x410
[   44.733538][ T3909]  __sys_sendmsg+0x19d/0x230
[   44.738157][ T3909]  __x64_sys_sendmsg+0x46/0x50
[   44.743005][ T3909]  x64_sys_call+0x2734/0x2dc0
[   44.747728][ T3909]  do_syscall_64+0xc9/0x1c0
[   44.752280][ T3909]  ? clear_bhb_loop+0x55/0xb0
[   44.757011][ T3909]  ? clear_bhb_loop+0x55/0xb0
[   44.761699][ T3909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.767796][ T3909] RIP: 0033:0x7fdb859a5d29
[   44.772285][ T3909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.791921][ T3909] RSP: 002b:00007fdb84017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.800501][ T3909] RAX: ffffffffffffffda RBX: 00007fdb85b95fa0 RCX: 00007fdb859a5d29
[   44.808479][ T3909] RDX: 0000000000000000 RSI: 00000000200074c0 RDI: 0000000000000003
[   44.816488][ T3909] RBP: 00007fdb84017090 R08: 0000000000000000 R09: 0000000000000000
[   44.824599][ T3909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.832646][ T3909] R13: 0000000000000000 R14: 00007fdb85b95fa0 R15: 00007ffe404c2f08
[   44.840772][ T3909]  </TASK>
[   44.874634][ T3911] loop0: detected capacity change from 0 to 256
[   44.907694][ T3911] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   44.969894][ T3915] ip6gretap0: entered promiscuous mode
[   45.006196][ T3915] loop1: detected capacity change from 0 to 512
[   45.026928][ T3915] EXT4-fs (loop1): corrupt root inode, run e2fsck
[   45.040180][ T3915] EXT4-fs (loop1): mount failed
[   45.089188][ T3920] netlink: zone id is out of range
[   45.157276][ T3932] loop2: detected capacity change from 0 to 1024
[   45.169871][ T3932] EXT4-fs: Ignoring removed orlov option
[   45.190410][ T3932] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.230743][ T3930] netlink: 'syz.3.156': attribute type 4 has an invalid length.
[   45.303935][ T3943] loop0: detected capacity change from 0 to 128
[   45.363047][ T3948] loop1: detected capacity change from 0 to 1024
[   45.399648][ T3943] FAULT_INJECTION: forcing a failure.
[   45.399648][ T3943] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   45.413048][ T3943] CPU: 0 UID: 0 PID: 3943 Comm: syz.0.158 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   45.423715][ T3943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   45.433865][ T3943] Call Trace:
[   45.437249][ T3943]  <TASK>
[   45.440206][ T3943]  dump_stack_lvl+0xf2/0x150
[   45.444894][ T3943]  dump_stack+0x15/0x1a
[   45.449109][ T3943]  should_fail_ex+0x223/0x230
[   45.453849][ T3943]  should_fail_alloc_page+0xfd/0x110
[   45.459213][ T3943]  __alloc_pages_noprof+0x109/0x340
[   45.464486][ T3943]  alloc_pages_mpol_noprof+0xb8/0x260
[   45.469924][ T3943]  folio_alloc_noprof+0xee/0x130
[   45.475017][ T3943]  filemap_alloc_folio_noprof+0x69/0x220
[   45.480730][ T3943]  __filemap_get_folio+0x298/0x5b0
[   45.485941][ T3943]  cont_write_begin+0x512/0x860
[   45.490832][ T3943]  fat_write_begin+0x51/0xe0
[   45.495519][ T3943]  ? __pfx_fat_get_block+0x10/0x10
[   45.500680][ T3943]  generic_perform_write+0x1a8/0x4a0
[   45.506054][ T3943]  __generic_file_write_iter+0xec/0x120
[   45.511661][ T3943]  generic_file_write_iter+0x77/0x1c0
[   45.517126][ T3943]  do_iter_readv_writev+0x394/0x450
[   45.522360][ T3943]  vfs_writev+0x2d4/0x880
[   45.526760][ T3943]  ? proc_fail_nth_write+0x12a/0x150
[   45.532080][ T3943]  __se_sys_pwritev2+0x100/0x1c0
[   45.537147][ T3943]  __x64_sys_pwritev2+0x78/0x90
[   45.542035][ T3943]  x64_sys_call+0x2afe/0x2dc0
[   45.546774][ T3943]  do_syscall_64+0xc9/0x1c0
[   45.551300][ T3943]  ? clear_bhb_loop+0x55/0xb0
[   45.556080][ T3943]  ? clear_bhb_loop+0x55/0xb0
[   45.560854][ T3943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.567057][ T3943] RIP: 0033:0x7fd680b35d29
[   45.571526][ T3943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.591215][ T3943] RSP: 002b:00007fd67f1a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   45.599656][ T3943] RAX: ffffffffffffffda RBX: 00007fd680d25fa0 RCX: 00007fd680b35d29
[   45.607654][ T3943] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000008
[   45.615651][ T3943] RBP: 00007fd67f1a7090 R08: 0000000000000000 R09: 0000000000000000
[   45.623753][ T3943] R10: 0000000000001400 R11: 0000000000000246 R12: 0000000000000002
[   45.631755][ T3943] R13: 0000000000000000 R14: 00007fd680d25fa0 R15: 00007ffd90a81bd8
[   45.639752][ T3943]  </TASK>
[   45.644227][ T3948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.656703][ T3943] syz.0.158: attempt to access beyond end of device
[   45.656703][ T3943] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   45.670122][ T3943] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   45.678839][ T3943] syz.0.158: attempt to access beyond end of device
[   45.678839][ T3943] loop0: rw=2049, sector=129, nr_sectors = 40 limit=128
[   45.726641][ T3956] capability: warning: `syz.3.162' uses deprecated v2 capabilities in a way that may be insecure
[   45.835736][ T3963] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   45.860279][ T3961] __nla_validate_parse: 6 callbacks suppressed
[   45.860299][ T3961] netlink: 268 bytes leftover after parsing attributes in process `syz.0.164'.
[   45.875609][ T3961] unsupported nla_type 65024
[   46.113559][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.148598][ T3969] loop2: detected capacity change from 0 to 256
[   46.270743][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.522597][ T3986] loop4: detected capacity change from 0 to 8192
[   46.589650][ T3990] netlink: 8 bytes leftover after parsing attributes in process `syz.2.172'.
[   46.988315][ T4002] loop4: detected capacity change from 0 to 128
[   47.052441][ T4002] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   47.060397][ T4002] FAT-fs (loop4): Filesystem has been set read-only
[   47.230015][ T3997] loop3: detected capacity change from 0 to 8192
[   47.495305][ T4004] loop2: detected capacity change from 0 to 2048
[   47.549154][ T4004] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.637208][ T4012] capability: warning: `syz.2.178' uses 32-bit capabilities (legacy support in use)
[   47.993560][ T4025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.002271][ T4025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.029340][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.161161][ T4027] loop0: detected capacity change from 0 to 512
[   48.184850][ T4028] loop4: detected capacity change from 0 to 8192
[   48.213002][ T4027] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.225609][ T4027] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.237972][ T4027] Zero length message leads to an empty skb
[   48.250880][ T4036] netlink: 'syz.2.185': attribute type 4 has an invalid length.
[   48.310867][ T4038] loop4: detected capacity change from 0 to 512
[   48.338305][ T4038] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   48.351149][ T4038] EXT4-fs (loop4): 1 truncate cleaned up
[   48.357253][ T4038] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.412221][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.443046][   T29] kauditd_printk_skb: 215 callbacks suppressed
[   48.443061][   T29] audit: type=1326 audit(1737024518.009:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.478076][ T4046] syz.2.187[4046] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.537958][   T29] audit: type=1326 audit(1737024518.049:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.572730][   T29] audit: type=1326 audit(1737024518.049:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.596159][   T29] audit: type=1326 audit(1737024518.049:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.619565][   T29] audit: type=1326 audit(1737024518.049:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.642904][   T29] audit: type=1326 audit(1737024518.049:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.666398][   T29] audit: type=1326 audit(1737024518.049:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.689824][   T29] audit: type=1326 audit(1737024518.049:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.713182][   T29] audit: type=1326 audit(1737024518.049:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   48.736607][   T29] audit: type=1326 audit(1737024518.049:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4045 comm="syz.4.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f290a305d29 code=0x7ffc0000
[   49.055032][ T4059] loop3: detected capacity change from 0 to 512
[   49.075357][ T4059] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   49.149356][ T4059] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.199919][ T4059] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.194: corrupted inode contents
[   49.236948][ T4059] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.194: mark_inode_dirty error
[   49.298258][ T4059] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.194: corrupted inode contents
[   49.411865][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.329778][ T4084] FAULT_INJECTION: forcing a failure.
[   50.329778][ T4084] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   50.343065][ T4084] CPU: 0 UID: 0 PID: 4084 Comm: syz.3.201 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   50.353702][ T4084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   50.363778][ T4084] Call Trace:
[   50.367143][ T4084]  <TASK>
[   50.370087][ T4084]  dump_stack_lvl+0xf2/0x150
[   50.374719][ T4084]  dump_stack+0x15/0x1a
[   50.379070][ T4084]  should_fail_ex+0x223/0x230
[   50.383776][ T4084]  should_fail_alloc_page+0xfd/0x110
[   50.389194][ T4084]  __alloc_pages_noprof+0x109/0x340
[   50.394456][ T4084]  alloc_pages_mpol_noprof+0xb8/0x260
[   50.399930][ T4084]  vma_alloc_folio_noprof+0x1a0/0x2f0
[   50.405343][ T4084]  handle_mm_fault+0xdd7/0x2ac0
[   50.410291][ T4084]  exc_page_fault+0x3b9/0x650
[   50.415007][ T4084]  asm_exc_page_fault+0x26/0x30
[   50.419960][ T4084] RIP: 0033:0x7f34752a8ba3
[   50.424437][ T4084] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   50.444254][ T4084] RSP: 002b:00007f3473a564a0 EFLAGS: 00010202
[   50.450341][ T4084] RAX: 000000000000a000 RBX: 00007f3473a56540 RCX: 00007f346b637000
[   50.458359][ T4084] RDX: 00007f3473a566e0 RSI: 0000000000000000 RDI: 00007f3473a565e0
[   50.466427][ T4084] RBP: 00000000000000d9 R08: 0000000000000006 R09: 000000000000000d
[   50.474422][ T4084] R10: 000000000000001a R11: 00007f3473a56540 R12: 0000000000000001
[   50.482415][ T4084] R13: 00007f3475479040 R14: 0000000000000001 R15: 00007f3473a565e0
[   50.490411][ T4084]  </TASK>
[   50.493680][ T4084] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   50.517984][ T4084] loop3: detected capacity change from 0 to 164
[   50.528877][ T4084] ISOFS: unable to read i-node block
[   50.534197][ T4084] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   50.947472][ T4107] netlink: 8 bytes leftover after parsing attributes in process `syz.1.212'.
[   51.022294][ T4110] loop3: detected capacity change from 0 to 128
[   51.035217][ T4110] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   51.043126][ T4110] FAT-fs (loop3): Filesystem has been set read-only
[   51.259272][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.386849][ T4121] loop0: detected capacity change from 0 to 512
[   51.394300][ T4118] netlink: 'syz.2.215': attribute type 4 has an invalid length.
[   51.419678][ T4121] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   51.442925][ T4121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.468182][ T4121] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.216: corrupted inode contents
[   51.487036][ T4121] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.216: mark_inode_dirty error
[   51.505037][ T4121] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.216: corrupted inode contents
[   51.520476][ T4125] loop2: detected capacity change from 0 to 8192
[   51.530269][ T4130] FAULT_INJECTION: forcing a failure.
[   51.530269][ T4130] name failslab, interval 1, probability 0, space 0, times 0
[   51.542961][ T4130] CPU: 0 UID: 0 PID: 4130 Comm: syz.1.219 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   51.553668][ T4130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   51.563816][ T4130] Call Trace:
[   51.567259][ T4130]  <TASK>
[   51.570231][ T4130]  dump_stack_lvl+0xf2/0x150
[   51.574932][ T4130]  dump_stack+0x15/0x1a
[   51.579112][ T4130]  should_fail_ex+0x223/0x230
[   51.583839][ T4130]  should_failslab+0x8f/0xb0
[   51.588572][ T4130]  kmem_cache_alloc_node_noprof+0x59/0x320
[   51.594460][ T4130]  ? __alloc_skb+0x10b/0x310
[   51.599149][ T4130]  __alloc_skb+0x10b/0x310
[   51.603655][ T4130]  ? audit_log_start+0x34c/0x6b0
[   51.608657][ T4130]  audit_log_start+0x368/0x6b0
[   51.613505][ T4130]  audit_seccomp+0x4b/0x130
[   51.618052][ T4130]  __seccomp_filter+0x6fa/0x1180
[   51.623105][ T4130]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   51.628870][ T4130]  ? vfs_write+0x596/0x920
[   51.633323][ T4130]  __secure_computing+0x9f/0x1c0
[   51.638331][ T4130]  syscall_trace_enter+0xd1/0x1f0
[   51.643462][ T4130]  ? fpregs_assert_state_consistent+0x83/0xa0
[   51.649559][ T4130]  do_syscall_64+0xaa/0x1c0
[   51.654193][ T4130]  ? clear_bhb_loop+0x55/0xb0
[   51.658948][ T4130]  ? clear_bhb_loop+0x55/0xb0
[   51.663640][ T4130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.669571][ T4130] RIP: 0033:0x7fdb859a5d29
[   51.673995][ T4130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.693632][ T4130] RSP: 002b:00007fdb84016d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   51.702230][ T4130] RAX: ffffffffffffffda RBX: 0000000000001050 RCX: 00007fdb859a5d29
[   51.710309][ T4130] RDX: 00007fdb84016dec RSI: 0000000000000000 RDI: 00007fdb85a22469
[   51.718294][ T4130] RBP: 0000000020001080 R08: 00007fdb84016b07 R09: 0000000000000000
[   51.726306][ T4130] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   51.734303][ T4130] R13: 00007fdb84016dec R14: 00007fdb84016df0 R15: 00007ffe404c2f08
[   51.742313][ T4130]  </TASK>
[   51.757275][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.803157][ T4134] tmpfs: Unknown parameter 'mp'
[   51.814076][ T4130] loop1: detected capacity change from 0 to 8192
[   51.826414][ T4134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'.
[   51.857598][    C0] hrtimer: interrupt took 28446 ns
[   51.901041][ T4130]  loop1: p1 p2
[   51.904730][ T4130] loop1: p1 start 33556480 is beyond EOD, truncated
[   51.911418][ T4130] loop1: p2 size 79757312 extends beyond EOD, truncated
[   51.957225][ T4134] hsr_slave_1 (unregistering): left promiscuous mode
[   51.960467][ T4136] loop2: detected capacity change from 0 to 128
[   51.964129][ T2999]  loop1: p1 p2
[   51.964214][ T2999] loop1: p1 start 33556480 is beyond EOD, truncated
[   51.964270][ T2999] loop1: p2 size 79757312 extends beyond EOD, truncated
[   51.998674][ T4136] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[   52.001173][ T3291] udevd[3291]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   52.293017][ T4155] syz.0.229[4155] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.293192][ T4155] syz.0.229[4155] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.324997][ T4155] syz.0.229[4155] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.369739][ T4158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.230'.
[   52.941054][ T4186] netem: incorrect ge model size
[   52.946174][ T4186] netem: change failed
[   52.978121][ T4188] netlink: 8 bytes leftover after parsing attributes in process `syz.3.241'.
[   53.101133][ T4192] loop3: detected capacity change from 0 to 736
[   53.169834][ T4190] loop2: detected capacity change from 0 to 8192
[   53.187661][ T4195] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   53.194241][ T4195] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   53.201715][ T4195] vhci_hcd vhci_hcd.0: Device attached
[   53.226274][ T4196] vhci_hcd: cannot find the pending unlink 19892
[   53.232725][ T4196] vhci_hcd: connection closed
[   53.236042][   T50] vhci_hcd: stop threads
[   53.245175][   T50] vhci_hcd: release socket
[   53.249659][   T50] vhci_hcd: disconnect device
[   53.350163][ T4199] netlink: 'syz.2.245': attribute type 4 has an invalid length.
[   53.556447][   T29] kauditd_printk_skb: 310 callbacks suppressed
[   53.556464][   T29] audit: type=1400 audit(1737024523.119:1459): avc:  denied  { read write } for  pid=4207 comm="syz.1.248" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   53.586168][   T29] audit: type=1400 audit(1737024523.119:1460): avc:  denied  { open } for  pid=4207 comm="syz.1.248" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   53.656968][   T29] audit: type=1326 audit(1737024523.219:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.665286][ T4214] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.680352][   T29] audit: type=1326 audit(1737024523.219:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.711151][   T29] audit: type=1326 audit(1737024523.219:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.734725][   T29] audit: type=1326 audit(1737024523.219:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.758254][   T29] audit: type=1326 audit(1737024523.219:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.781803][   T29] audit: type=1326 audit(1737024523.219:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.805203][   T29] audit: type=1326 audit(1737024523.219:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.828715][   T29] audit: type=1326 audit(1737024523.219:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4211 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34753e5d29 code=0x7ffc0000
[   53.931909][ T4223] loop2: detected capacity change from 0 to 512
[   53.935606][ T4227] loop0: detected capacity change from 0 to 8192
[   53.950822][ T4223] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.968532][ T4223] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.989215][ T4232] netlink: 180 bytes leftover after parsing attributes in process `syz.1.257'.
[   54.000906][ T4223] netem: incorrect ge model size
[   54.005255][ T4232] netlink: 56 bytes leftover after parsing attributes in process `syz.1.257'.
[   54.005899][ T4223] netem: change failed
[   54.035592][ T4232] lo speed is unknown, defaulting to 1000
[   54.041955][ T4232] lo speed is unknown, defaulting to 1000
[   54.049903][ T4232] lo speed is unknown, defaulting to 1000
[   54.056549][ T4232] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   54.064212][ T4232] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   54.074134][ T4232] lo speed is unknown, defaulting to 1000
[   54.082699][ T4232] lo speed is unknown, defaulting to 1000
[   54.088881][ T4232] lo speed is unknown, defaulting to 1000
[   54.095000][ T4232] lo speed is unknown, defaulting to 1000
[   54.101190][ T4232] lo speed is unknown, defaulting to 1000
[   54.120221][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.196128][ T4244] lo speed is unknown, defaulting to 1000
[   54.344756][ T4257] loop2: detected capacity change from 0 to 512
[   54.377520][ T4257] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.265: bad orphan inode 13
[   54.399488][ T4257] ext4_test_bit(bit=12, block=4) = 1
[   54.404870][ T4257] is_bad_inode(inode)=0
[   54.409163][ T4257] NEXT_ORPHAN(inode)=0
[   54.413336][ T4257] max_ino=32
[   54.416557][ T4257] i_nlink=1
[   54.435140][ T4262] netlink: 40 bytes leftover after parsing attributes in process `syz.1.266'.
[   54.445617][ T4262] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   54.455755][ T4262] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   54.466870][ T4262] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   54.476921][ T4262] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   54.521900][ T4257] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.547590][ T4257] EXT4-fs warning (device loop2): dx_probe:833: inode #2: comm syz.2.265: Unrecognised inode hash code 20
[   54.559094][ T4257] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.265: Corrupt directory, running e2fsck is recommended
[   54.594961][ T4257] EXT4-fs warning (device loop2): dx_probe:833: inode #2: comm syz.2.265: Unrecognised inode hash code 20
[   54.606562][ T4257] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.265: Corrupt directory, running e2fsck is recommended
[   54.709219][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.736498][ T4273] netlink: 8 bytes leftover after parsing attributes in process `syz.4.268'.
[   54.743190][ T4274] loop2: detected capacity change from 0 to 512
[   54.781811][ T4274] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   54.867070][ T4274] EXT4-fs (loop2): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
[   54.995086][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.027936][ T4285] netlink: 12 bytes leftover after parsing attributes in process `syz.4.273'.
[   55.057003][ T4287] FAULT_INJECTION: forcing a failure.
[   55.057003][ T4287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.070195][ T4287] CPU: 1 UID: 0 PID: 4287 Comm: syz.2.275 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   55.080860][ T4287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   55.090928][ T4287] Call Trace:
[   55.094225][ T4287]  <TASK>
[   55.097178][ T4287]  dump_stack_lvl+0xf2/0x150
[   55.101810][ T4287]  dump_stack+0x15/0x1a
[   55.106087][ T4287]  should_fail_ex+0x223/0x230
[   55.110946][ T4287]  should_fail+0xb/0x10
[   55.115140][ T4287]  should_fail_usercopy+0x1a/0x20
[   55.120247][ T4287]  _copy_from_iter+0xd5/0xd00
[   55.124971][ T4287]  ? kmalloc_reserve+0x16e/0x190
[   55.129952][ T4287]  ? __build_skb_around+0x196/0x1f0
[   55.135230][ T4287]  ? __alloc_skb+0x21f/0x310
[   55.139829][ T4287]  ? __virt_addr_valid+0x1ed/0x250
[   55.144963][ T4287]  ? __check_object_size+0x364/0x520
[   55.150436][ T4287]  netlink_sendmsg+0x460/0x6e0
[   55.155225][ T4287]  ? __pfx_netlink_sendmsg+0x10/0x10
[   55.160562][ T4287]  __sock_sendmsg+0x140/0x180
[   55.165275][ T4287]  ____sys_sendmsg+0x312/0x410
[   55.170057][ T4287]  __sys_sendmsg+0x19d/0x230
[   55.174835][ T4287]  __x64_sys_sendmsg+0x46/0x50
[   55.179634][ T4287]  x64_sys_call+0x2734/0x2dc0
[   55.184326][ T4287]  do_syscall_64+0xc9/0x1c0
[   55.188899][ T4287]  ? clear_bhb_loop+0x55/0xb0
[   55.193628][ T4287]  ? clear_bhb_loop+0x55/0xb0
[   55.198314][ T4287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.204276][ T4287] RIP: 0033:0x7f01eb835d29
[   55.208717][ T4287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.228359][ T4287] RSP: 002b:00007f01e9ea7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.236782][ T4287] RAX: ffffffffffffffda RBX: 00007f01eba25fa0 RCX: 00007f01eb835d29
[   55.244756][ T4287] RDX: 0000000000000040 RSI: 00000000200007c0 RDI: 0000000000000003
[   55.252799][ T4287] RBP: 00007f01e9ea7090 R08: 0000000000000000 R09: 0000000000000000
[   55.260777][ T4287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.268919][ T4287] R13: 0000000000000000 R14: 00007f01eba25fa0 R15: 00007ffd68fb8b08
[   55.276916][ T4287]  </TASK>
[   55.286747][ T4289] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[   55.721592][ T4298] loop2: detected capacity change from 0 to 512
[   55.745149][ T4298] ext4: Bad value for 'stripe'
[   55.799057][ T4307] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   55.814259][ T4306] siw: device registration error -23
[   55.838900][ T4308] netlink: 'syz.2.279': attribute type 25 has an invalid length.
[   55.873023][ T4308] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   55.881330][ T4308] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   55.889669][ T4308] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   55.898000][ T4308] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   55.928285][ T4318] loop4: detected capacity change from 0 to 512
[   55.943798][ T4318] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.948160][ T4311] loop3: detected capacity change from 0 to 8192
[   55.981037][ T4318] EXT4-fs (loop4): 1 truncate cleaned up
[   55.995752][ T4318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.039779][ T4318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.057849][ T4321] __nla_validate_parse: 2 callbacks suppressed
[   56.057872][ T4321] netlink: 108 bytes leftover after parsing attributes in process `syz.2.286'.
[   56.079141][ T4323] loop3: detected capacity change from 0 to 512
[   56.086036][ T4321] netlink: 108 bytes leftover after parsing attributes in process `syz.2.286'.
[   56.095064][ T4321] netlink: 84 bytes leftover after parsing attributes in process `syz.2.286'.
[   56.107319][ T4323] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   56.214753][ T4323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.217684][ T4330] FAULT_INJECTION: forcing a failure.
[   56.217684][ T4330] name failslab, interval 1, probability 0, space 0, times 0
[   56.239600][ T4323] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.287: corrupted inode contents
[   56.240118][ T4330] CPU: 0 UID: 0 PID: 4330 Comm: syz.4.288 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   56.253281][ T4323] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.287: mark_inode_dirty error
[   56.262241][ T4330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   56.262259][ T4330] Call Trace:
[   56.262268][ T4330]  <TASK>
[   56.262278][ T4330]  dump_stack_lvl+0xf2/0x150
[   56.274438][ T4323] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.287: corrupted inode contents
[   56.283442][ T4330]  dump_stack+0x15/0x1a
[   56.310208][ T4330]  should_fail_ex+0x223/0x230
[   56.315071][ T4330]  should_failslab+0x8f/0xb0
[   56.319714][ T4330]  kmem_cache_alloc_noprof+0x52/0x320
[   56.325110][ T4330]  ? io_submit_one+0xb7/0x1230
[   56.329891][ T4330]  io_submit_one+0xb7/0x1230
[   56.334507][ T4330]  ? __rcu_read_unlock+0x4e/0x70
[   56.339457][ T4330]  __se_sys_io_submit+0xf5/0x280
[   56.344422][ T4330]  __x64_sys_io_submit+0x43/0x50
[   56.349374][ T4330]  x64_sys_call+0x2c20/0x2dc0
[   56.354078][ T4330]  do_syscall_64+0xc9/0x1c0
[   56.358596][ T4330]  ? clear_bhb_loop+0x55/0xb0
[   56.363294][ T4330]  ? clear_bhb_loop+0x55/0xb0
[   56.368057][ T4330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.373984][ T4330] RIP: 0033:0x7f290a305d29
[   56.378398][ T4330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.398111][ T4330] RSP: 002b:00007f2908977038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   56.406605][ T4330] RAX: ffffffffffffffda RBX: 00007f290a4f5fa0 RCX: 00007f290a305d29
[   56.414689][ T4330] RDX: 0000000020000180 RSI: 0000000000000001 RDI: 00007f290b036000
[   56.422744][ T4330] RBP: 00007f2908977090 R08: 0000000000000000 R09: 0000000000000000
[   56.430812][ T4330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.438820][ T4330] R13: 0000000000000000 R14: 00007f290a4f5fa0 R15: 00007ffd63197bc8
[   56.446818][ T4330]  </TASK>
[   56.453787][ T4334] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   56.462517][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.544146][ T4345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.574012][ T4336] infiniband syz!: set active
[   56.578784][ T4336] infiniband syz!: added team_slave_0
[   56.580313][ T4345] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.634008][ T4336] RDS/IB: syz!: added
[   56.640562][ T4352] loop3: detected capacity change from 0 to 128
[   56.654866][ T4352] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   56.665042][ T4336] smc: adding ib device syz! with port count 1
[   56.674778][ T4336] smc:    ib device syz! port 1 has pnetid 
[   56.685851][ T4352] netlink: 'syz.3.296': attribute type 1 has an invalid length.
[   56.781247][ T4359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.298'.
[   56.807834][ T4359] team0 (unregistering): Port device team_slave_0 removed
[   56.821553][ T4359] team0 (unregistering): Port device team_slave_1 removed
[   57.069207][ T4379] bond1: entered promiscuous mode
[   57.074285][ T4379] bond1: entered allmulticast mode
[   57.079811][ T4379] 8021q: adding VLAN 0 to HW filter on device bond1
[   57.087286][ T4374] netlink: 20 bytes leftover after parsing attributes in process `syz.2.305'.
[   57.098268][ T4379] bond1 (unregistering): Released all slaves
[   57.108635][ T4374] netlink: 20 bytes leftover after parsing attributes in process `syz.2.305'.
[   57.250242][ T4396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.313'.
[   57.281972][ T4400] loop0: detected capacity change from 0 to 512
[   57.288611][ T4400] EXT4-fs: Ignoring removed orlov option
[   57.349670][ T4402] loop4: detected capacity change from 0 to 128
[   57.638632][ T4400] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8842c118, mo2=0002]
[   57.647209][ T4400] EXT4-fs (loop0): too many log groups per flexible block group
[   57.654966][ T4400] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   57.661851][ T4400] EXT4-fs (loop0): mount failed
[   58.117448][ T4414] netlink: 24 bytes leftover after parsing attributes in process `syz.4.318'.
[   58.163101][ T4413] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   58.412300][ T4422] lo speed is unknown, defaulting to 1000
[   58.557001][ T4433] netlink: 12 bytes leftover after parsing attributes in process `syz.0.322'.
[   58.575946][ T4417] netlink: 452 bytes leftover after parsing attributes in process `syz.2.319'.
[   58.617467][ T4436] loop4: detected capacity change from 0 to 512
[   58.635725][ T4436] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   58.652207][ T4440] syz.1.327 uses obsolete (PF_INET,SOCK_PACKET)
[   58.683970][ T4436] EXT4-fs (loop4): 1 truncate cleaned up
[   58.698481][ T4436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.816692][ T4440] infiniband syz!: set down
[   58.823910][   T29] kauditd_printk_skb: 118 callbacks suppressed
[   58.823926][   T29] audit: type=1400 audit(1737024528.389:1587): avc:  denied  { create } for  pid=4435 comm="syz.4.325" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   58.850583][ T4440] team0 (unregistering): Port device team_slave_0 removed
[   58.857992][   T29] audit: type=1400 audit(1737024528.389:1588): avc:  denied  { connect } for  pid=4435 comm="syz.4.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   58.880494][ T4440] team0 (unregistering): Port device team_slave_1 removed
[   58.915878][ T4450] loop2: detected capacity change from 0 to 128
[   59.084993][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.094347][ T4452] loop3: detected capacity change from 0 to 512
[   59.128120][ T4452] EXT4-fs: Ignoring removed oldalloc option
[   59.257774][ T4452] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.329: Parent and EA inode have the same ino 15
[   59.282175][ T4452] EXT4-fs (loop3): Remounting filesystem read-only
[   59.288788][ T4452] EXT4-fs warning (device loop3): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   59.315850][ T4452] EXT4-fs (loop3): 1 orphan inode deleted
[   59.341264][ T4452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.353766][ T4452] SELinux: (dev loop3, type ext4) getxattr errno 5
[   59.451641][   T29] audit: type=1400 audit(1737024529.019:1589): avc:  denied  { write } for  pid=4466 comm="syz.0.332" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   59.509947][   T29] audit: type=1326 audit(1737024529.079:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.533444][   T29] audit: type=1326 audit(1737024529.079:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.555547][ T4473] SELinux:  policydb version 0 does not match my version range 15-33
[   59.568157][ T4473] SELinux: failed to load policy
[   59.595614][ T4475] lo speed is unknown, defaulting to 1000
[   59.604480][   T29] audit: type=1326 audit(1737024529.079:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.627856][   T29] audit: type=1326 audit(1737024529.079:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.651455][   T29] audit: type=1326 audit(1737024529.079:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.674448][ T4479] loop2: detected capacity change from 0 to 512
[   59.674895][   T29] audit: type=1326 audit(1737024529.099:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.696095][ T4479] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   59.704462][   T29] audit: type=1326 audit(1737024529.099:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4472 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd680b35d29 code=0x7ffc0000
[   59.762783][ T4479] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.335: corrupted inode contents
[   59.774903][ T4479] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #2: comm syz.2.335: mark_inode_dirty error
[   59.788397][ T4479] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.335: corrupted inode contents
[   59.937248][ T4500] FAULT_INJECTION: forcing a failure.
[   59.937248][ T4500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.950628][ T4500] CPU: 0 UID: 0 PID: 4500 Comm: syz.3.342 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   59.961280][ T4500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   59.971351][ T4500] Call Trace:
[   59.974640][ T4500]  <TASK>
[   59.977630][ T4500]  dump_stack_lvl+0xf2/0x150
[   59.982274][ T4500]  dump_stack+0x15/0x1a
[   59.986561][ T4500]  should_fail_ex+0x223/0x230
[   59.991276][ T4500]  should_fail+0xb/0x10
[   59.995529][ T4500]  should_fail_usercopy+0x1a/0x20
[   60.000664][ T4500]  _copy_from_user+0x1e/0xb0
[   60.005293][ T4500]  copy_msghdr_from_user+0x54/0x2a0
[   60.010531][ T4500]  ? __fget_files+0x17c/0x1c0
[   60.015272][ T4500]  __sys_sendmsg+0x13e/0x230
[   60.020028][ T4500]  __x64_sys_sendmsg+0x46/0x50
[   60.024805][ T4500]  x64_sys_call+0x2734/0x2dc0
[   60.029515][ T4500]  do_syscall_64+0xc9/0x1c0
[   60.034090][ T4500]  ? clear_bhb_loop+0x55/0xb0
[   60.038781][ T4500]  ? clear_bhb_loop+0x55/0xb0
[   60.043500][ T4500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.049463][ T4500] RIP: 0033:0x7f34753e5d29
[   60.053888][ T4500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.073504][ T4500] RSP: 002b:00007f3473a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.081933][ T4500] RAX: ffffffffffffffda RBX: 00007f34755d5fa0 RCX: 00007f34753e5d29
[   60.089970][ T4500] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000007
[   60.098058][ T4500] RBP: 00007f3473a57090 R08: 0000000000000000 R09: 0000000000000000
[   60.106035][ T4500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.114011][ T4500] R13: 0000000000000000 R14: 00007f34755d5fa0 R15: 00007ffef0014cb8
[   60.121996][ T4500]  </TASK>
[   60.272546][ T4526] sch_tbf: burst 0 is lower than device lo mtu (18) !
[   60.292853][ T4530] loop4: detected capacity change from 0 to 512
[   60.321102][ T4530] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   60.385256][ T4536] FAULT_INJECTION: forcing a failure.
[   60.385256][ T4536] name failslab, interval 1, probability 0, space 0, times 0
[   60.398036][ T4536] CPU: 1 UID: 0 PID: 4536 Comm: syz.2.357 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   60.408735][ T4536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   60.418815][ T4536] Call Trace:
[   60.422209][ T4536]  <TASK>
[   60.425148][ T4536]  dump_stack_lvl+0xf2/0x150
[   60.429808][ T4536]  dump_stack+0x15/0x1a
[   60.434036][ T4536]  should_fail_ex+0x223/0x230
[   60.438838][ T4536]  should_failslab+0x8f/0xb0
[   60.443512][ T4536]  kmem_cache_alloc_noprof+0x52/0x320
[   60.448900][ T4536]  ? alloc_empty_file+0xd0/0x200
[   60.453846][ T4536]  ? selinux_file_open+0x34a/0x3b0
[   60.459018][ T4536]  alloc_empty_file+0xd0/0x200
[   60.465356][ T4536]  path_openat+0x6a/0x1fa0
[   60.469811][ T4536]  ? mntput+0x49/0x70
[   60.473957][ T4536]  ? terminate_walk+0x260/0x280
[   60.478820][ T4536]  ? sysvec_apic_timer_interrupt+0x44/0x80
[   60.484807][ T4536]  ? kstrtoull+0xd7/0x140
[   60.489140][ T4536]  ? kstrtoull+0xc7/0x140
[   60.493478][ T4536]  do_filp_open+0x107/0x230
[   60.498005][ T4536]  do_open_execat+0xd0/0x280
[   60.502613][ T4536]  alloc_bprm+0x28/0x5d0
[   60.506964][ T4536]  do_execveat_common+0x134/0x800
[   60.512014][ T4536]  ? getname_flags+0x15a/0x3b0
[   60.516849][ T4536]  __x64_sys_execveat+0x75/0x90
[   60.521864][ T4536]  x64_sys_call+0x291e/0x2dc0
[   60.526552][ T4536]  do_syscall_64+0xc9/0x1c0
[   60.531067][ T4536]  ? clear_bhb_loop+0x55/0xb0
[   60.535810][ T4536]  ? clear_bhb_loop+0x55/0xb0
[   60.540496][ T4536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.546559][ T4536] RIP: 0033:0x7f01eb835d29
[   60.550997][ T4536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.570683][ T4536] RSP: 002b:00007f01e9ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   60.579123][ T4536] RAX: ffffffffffffffda RBX: 00007f01eba25fa0 RCX: 00007f01eb835d29
[   60.587097][ T4536] RDX: 0000000000000000 RSI: 0000000020000140 RDI: ffffffffffffff9c
[   60.595074][ T4536] RBP: 00007f01e9ea7090 R08: 0000000000000000 R09: 0000000000000000
[   60.603106][ T4536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.611082][ T4536] R13: 0000000000000000 R14: 00007f01eba25fa0 R15: 00007ffd68fb8b08
[   60.619150][ T4536]  </TASK>
[   60.674827][ T4541] xt_connbytes: Forcing CT accounting to be enabled
[   60.681814][ T4541] Cannot find del_set index 1 as target
[   60.713034][ T4538] netlink: 'syz.0.356': attribute type 4 has an invalid length.
[   61.048175][ T4543] loop3: detected capacity change from 0 to 1024
[   61.263852][ T4562] netlink: zone id is out of range
[   61.269087][ T4562] netlink: del zone limit has 4 unknown bytes
[   61.284957][ T4566] loop4: detected capacity change from 0 to 512
[   61.302515][ T4566] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   61.328902][ T4566] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #2: comm syz.4.368: corrupted inode contents
[   61.340865][ T4566] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #2: comm syz.4.368: mark_inode_dirty error
[   61.352451][ T4566] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #2: comm syz.4.368: corrupted inode contents
[   61.418925][ T4581] loop0: detected capacity change from 0 to 512
[   61.427822][ T4581] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   61.441342][ T4581] EXT4-fs (loop0): orphan cleanup on readonly fs
[   61.453219][ T4581] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.373: Failed to acquire dquot type 1
[   61.465039][ T4581] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.373: bg 0: block 40: padding at end of block bitmap is not set
[   61.480571][ T4581] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   61.489769][ T4581] EXT4-fs (loop0): 1 truncate cleaned up
[   61.496979][ T4581] __nla_validate_parse: 5 callbacks suppressed
[   61.496991][ T4581] netlink: 8 bytes leftover after parsing attributes in process `syz.0.373'.
[   61.573676][ T4591] netlink: 60 bytes leftover after parsing attributes in process `syz.2.377'.
[   61.640507][ T4599] lo speed is unknown, defaulting to 1000
[   61.933006][ T4623] loop4: detected capacity change from 0 to 512
[   61.941804][ T4623] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   61.960316][ T4623] EXT4-fs (loop4): 1 truncate cleaned up
[   61.969536][ T4623] FAULT_INJECTION: forcing a failure.
[   61.969536][ T4623] name failslab, interval 1, probability 0, space 0, times 0
[   61.982427][ T4623] CPU: 0 UID: 0 PID: 4623 Comm:  Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   61.992258][ T4623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   62.002387][ T4623] Call Trace:
[   62.005764][ T4623]  <TASK>
[   62.008720][ T4623]  dump_stack_lvl+0xf2/0x150
[   62.013449][ T4623]  dump_stack+0x15/0x1a
[   62.017653][ T4623]  should_fail_ex+0x223/0x230
[   62.022443][ T4623]  should_failslab+0x8f/0xb0
[   62.027069][ T4623]  kmem_cache_alloc_noprof+0x52/0x320
[   62.032528][ T4623]  ? __es_insert_extent+0x563/0xed0
[   62.037772][ T4623]  __es_insert_extent+0x563/0xed0
[   62.042921][ T4623]  ext4_es_insert_extent+0x45a/0x1c60
[   62.048327][ T4623]  ext4_map_blocks+0x8b9/0xd20
[   62.053137][ T4623]  ext4_iomap_begin+0x4a9/0x5d0
[   62.058037][ T4623]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   62.063520][ T4623]  iomap_iter+0x3f1/0x830
[   62.067946][ T4623]  __iomap_dio_rw+0xc25/0x1110
[   62.072815][ T4623]  iomap_dio_rw+0x40/0x90
[   62.077367][ T4623]  ext4_file_write_iter+0xb71/0xf20
[   62.082689][ T4623]  do_iter_readv_writev+0x394/0x450
[   62.087920][ T4623]  vfs_writev+0x2d4/0x880
[   62.092333][ T4623]  ? proc_fail_nth_write+0x12a/0x150
[   62.097775][ T4623]  __se_sys_pwritev2+0x100/0x1c0
[   62.102755][ T4623]  __x64_sys_pwritev2+0x78/0x90
[   62.107662][ T4623]  x64_sys_call+0x2afe/0x2dc0
[   62.112364][ T4623]  do_syscall_64+0xc9/0x1c0
[   62.116932][ T4623]  ? clear_bhb_loop+0x55/0xb0
[   62.121790][ T4623]  ? clear_bhb_loop+0x55/0xb0
[   62.126503][ T4623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.132444][ T4623] RIP: 0033:0x7f290a305d29
[   62.136894][ T4623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.156570][ T4623] RSP: 002b:00007f2908977038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   62.165103][ T4623] RAX: ffffffffffffffda RBX: 00007f290a4f5fa0 RCX: 00007f290a305d29
[   62.173095][ T4623] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000004
[   62.181083][ T4623] RBP: 00007f2908977090 R08: 0000000000000000 R09: 0000000000000003
[   62.189346][ T4623] R10: 0000000000001200 R11: 0000000000000246 R12: 0000000000000002
[   62.197344][ T4623] R13: 0000000000000000 R14: 00007f290a4f5fa0 R15: 00007ffd63197bc8
[   62.205493][ T4623]  </TASK>
[   62.210879][ T4627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.387'.
[   62.305621][ T4634] SELinux:  Context system_u:object_r:fonts_t:s0 is not valid (left unmapped).
[   62.402618][ T4633] loop3: detected capacity change from 0 to 512
[   62.431014][ T4633] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002]
[   62.439864][ T4633] System zones: 1-12
[   62.444519][ T4633] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.390: Directory hole found for htree index block 0
[   62.458227][ T4633] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[   62.466539][ T4633] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.390: Directory hole found for htree index block 0
[   62.479252][ T4633] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   62.491000][ T4633] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.390: Directory hole found for htree index block 0
[   62.542442][ T4644] syz.4.393[4644] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.542947][ T4644] syz.4.393[4644] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.564608][ T4644] syz.4.393[4644] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.665651][ T4648] netlink: 8 bytes leftover after parsing attributes in process `syz.4.397'.
[   62.693299][ T4651] loop3: detected capacity change from 0 to 512
[   62.732864][ T4651] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   62.772541][ T4651] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.396: corrupted inode contents
[   62.786325][ T4651] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.396: mark_inode_dirty error
[   62.799895][ T4651] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.396: corrupted inode contents
[   63.005687][ T4671] loop0: detected capacity change from 0 to 1024
[   63.007702][ T4665] loop2: detected capacity change from 0 to 8192
[   63.012650][ T4673] IPv6: syztnl0: Disabled Multicast RS
[   63.021879][ T4671] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   63.035933][ T4671] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   63.045060][ T4671] EXT4-fs (loop0): orphan cleanup on readonly fs
[   63.052513][ T4671] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   63.053107][ T4627] syz.1.387 (4627) used greatest stack depth: 10264 bytes left
[   63.070533][ T4671] EXT4-fs (loop0): Remounting filesystem read-only
[   63.077822][ T4671] EXT4-fs (loop0): 1 orphan inode deleted
[   63.085084][ T4671] SELinux: (dev loop0, type ext4) getxattr errno 5
[   63.106650][ T4671] IPv6: NLM_F_CREATE should be specified when creating new route
[   63.129019][ T4676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.405'.
[   63.154590][ T4671] syz.0.402 (4671) used greatest stack depth: 9832 bytes left
[   63.365648][ T4699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'.
[   63.374940][ T4698] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'.
[   63.460648][ T4704] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.415' sets config #1
[   63.519478][ T4710] netlink: 8 bytes leftover after parsing attributes in process `syz.1.418'.
[   63.675725][ T4724] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=4724 comm=syz.1.423
[   63.773593][ T4728] lo speed is unknown, defaulting to 1000
[   63.861041][   T29] kauditd_printk_skb: 932 callbacks suppressed
[   63.861058][   T29] audit: type=1326 audit(1737024533.429:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4727 comm="syz.2.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   63.892676][   T29] audit: type=1326 audit(1737024533.449:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4727 comm="syz.2.425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   63.917857][   T29] audit: type=1326 audit(1737024533.479:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   63.941270][   T29] audit: type=1326 audit(1737024533.479:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   63.964641][   T29] audit: type=1326 audit(1737024533.479:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   63.988052][   T29] audit: type=1326 audit(1737024533.479:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   64.011404][   T29] audit: type=1326 audit(1737024533.479:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   64.037232][ T4745] netlink: 8 bytes leftover after parsing attributes in process `syz.2.431'.
[   64.055767][   T29] audit: type=1326 audit(1737024533.529:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   64.079198][   T29] audit: type=1326 audit(1737024533.529:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   64.102608][   T29] audit: type=1326 audit(1737024533.539:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f01eb835d29 code=0x7ffc0000
[   64.342483][ T3376] kernel write not supported for file /snd/seq (pid: 3376 comm: kworker/0:4)
[   64.651598][ T4778] netlink: 8 bytes leftover after parsing attributes in process `syz.4.443'.
[   64.681762][ T4780] loop4: detected capacity change from 0 to 128
[   65.076460][ T4786] pim6reg1: entered promiscuous mode
[   65.081846][ T4786] pim6reg1: entered allmulticast mode
[   65.403845][ T4818] loop2: detected capacity change from 0 to 128
[   65.939282][ T4845] veth1_macvtap: left promiscuous mode
[   65.987373][ T4849] netlink: 'syz.1.468': attribute type 27 has an invalid length.
[   66.020810][ T4849] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.028107][ T4849] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.063598][ T4849] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.074434][ T4849] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.099028][ T4849] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.108164][ T4849] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.117148][ T4849] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.126052][ T4849] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.185940][ T4855] mmap: syz.2.469 (4855) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   66.207854][ T4858] syz.0.471[4858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.208110][ T4858] syz.0.471[4858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.219916][ T4858] syz.0.471[4858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.233385][ T4858] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4858 comm=syz.0.471
[   66.257175][ T4858] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4858 comm=syz.0.471
[   66.364228][ T4866] loop2: detected capacity change from 0 to 512
[   66.373930][ T4866] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   66.405183][ T4866] EXT4-fs (loop2): 1 truncate cleaned up
[   66.420533][ T4874] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[   66.746097][ T4882] loop3: detected capacity change from 0 to 512
[   66.757680][ T4882] 9pnet_fd: Insufficient options for proto=fd
[   66.766780][ T4882] batadv_slave_1: entered promiscuous mode
[   66.773652][ T4881] batadv_slave_1: left promiscuous mode
[   66.783433][ T4884] __nla_validate_parse: 1 callbacks suppressed
[   66.783446][ T4884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.478'.
[   66.831514][ T4889] loop4: detected capacity change from 0 to 512
[   66.843615][ T4889] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   66.869282][ T4889] EXT4-fs (loop4): 1 truncate cleaned up
[   66.875307][ T4889] EXT4-fs mount: 16 callbacks suppressed
[   66.875322][ T4889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.950757][ T4897] FAULT_INJECTION: forcing a failure.
[   66.950757][ T4897] name failslab, interval 1, probability 0, space 0, times 0
[   66.963490][ T4897] CPU: 0 UID: 0 PID: 4897 Comm: syz.4.482 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   66.974104][ T4897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   66.984200][ T4897] Call Trace:
[   66.987567][ T4897]  <TASK>
[   66.990513][ T4897]  dump_stack_lvl+0xf2/0x150
[   66.995133][ T4897]  dump_stack+0x15/0x1a
[   66.999377][ T4897]  should_fail_ex+0x223/0x230
[   67.004077][ T4897]  should_failslab+0x8f/0xb0
[   67.008755][ T4897]  kmem_cache_alloc_noprof+0x52/0x320
[   67.014204][ T4897]  ? ext4_mb_new_blocks+0x7ad/0x2020
[   67.019538][ T4897]  ext4_mb_new_blocks+0x7ad/0x2020
[   67.024667][ T4897]  ? check_xattrs+0x629/0x780
[   67.029449][ T4897]  ? ext4_get_branch+0x31a/0x390
[   67.034423][ T4897]  ? ext4_inode_to_goal_block+0x197/0x1f0
[   67.040259][ T4897]  ext4_ind_map_blocks+0xb3e/0x14a0
[   67.045498][ T4897]  ext4_map_blocks+0x555/0xd20
[   67.050337][ T4897]  ext4_convert_inline_data_nolock+0x2b2/0x780
[   67.056525][ T4897]  ? ext4_journal_check_start+0xf3/0x180
[   67.062188][ T4897]  ? __ext4_journal_start_sb+0x130/0x340
[   67.067942][ T4897]  ext4_convert_inline_data+0x2c2/0x370
[   67.073535][ T4897]  ext4_fallocate+0xac/0x1170
[   67.078324][ T4897]  vfs_fallocate+0x368/0x3b0
[   67.082938][ T4897]  do_vfs_ioctl+0x1451/0x1530
[   67.087642][ T4897]  ? __fget_files+0x17c/0x1c0
[   67.092349][ T4897]  __se_sys_ioctl+0x80/0x140
[   67.096963][ T4897]  __x64_sys_ioctl+0x43/0x50
[   67.101572][ T4897]  x64_sys_call+0x1690/0x2dc0
[   67.106387][ T4897]  do_syscall_64+0xc9/0x1c0
[   67.110909][ T4897]  ? clear_bhb_loop+0x55/0xb0
[   67.115676][ T4897]  ? clear_bhb_loop+0x55/0xb0
[   67.120381][ T4897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.126432][ T4897] RIP: 0033:0x7f290a305d29
[   67.130864][ T4897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.150607][ T4897] RSP: 002b:00007f2908956038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   67.159162][ T4897] RAX: ffffffffffffffda RBX: 00007f290a4f6080 RCX: 00007f290a305d29
[   67.167196][ T4897] RDX: 0000000020000b40 RSI: 0000000040305829 RDI: 0000000000000006
[   67.175169][ T4897] RBP: 00007f2908956090 R08: 0000000000000000 R09: 0000000000000000
[   67.183198][ T4897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.191211][ T4897] R13: 0000000000000000 R14: 00007f290a4f6080 R15: 00007ffd63197bc8
[   67.199208][ T4897]  </TASK>
[   67.215830][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.249441][ T4904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.486'.
[   67.256731][ T4906] loop0: detected capacity change from 0 to 512
[   67.269020][ T4906] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   67.282982][ T4901] netlink: 'syz.3.485': attribute type 4 has an invalid length.
[   67.305371][ T4906] EXT4-fs (loop0): 1 truncate cleaned up
[   67.315182][ T4906] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.368798][ T4909] netlink: 132840 bytes leftover after parsing attributes in process `'.
[   67.382371][ T4913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.490'.
[   67.382951][ T4909] loop2: detected capacity change from 0 to 512
[   67.402937][ T4909] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   67.414960][ T4909] EXT4-fs (loop2): 1 truncate cleaned up
[   67.422325][ T4909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.440724][ T4917] netlink: 4 bytes leftover after parsing attributes in process `syz.3.491'.
[   67.492057][ T4919] netlink: 208 bytes leftover after parsing attributes in process `syz.3.492'.
[   67.532454][ T4919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.492'.
[   67.559141][ T4926] 9pnet_fd: Insufficient options for proto=fd
[   67.673139][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.762173][ T4938] loop4: detected capacity change from 0 to 512
[   67.797952][ T4938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.826618][ T4939] loop3: detected capacity change from 0 to 2048
[   67.838296][ T4938] ext4 filesystem being mounted at /109/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.876493][ T4939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.952217][ T4939] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   67.982500][ T4948] netlink: 'syz.1.499': attribute type 4 has an invalid length.
[   68.059010][ T4939] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 512 with max blocks 2 with error 28
[   68.071473][ T4939] EXT4-fs (loop3): This should not happen!! Data will be lost
[   68.071473][ T4939] 
[   68.081179][ T4939] EXT4-fs (loop3): Total free blocks count 0
[   68.087176][ T4939] EXT4-fs (loop3): Free/Dirty block details
[   68.093133][ T4939] EXT4-fs (loop3): free_blocks=2415919104
[   68.098929][ T4939] EXT4-fs (loop3): dirty_blocks=16
[   68.104073][ T4939] EXT4-fs (loop3): Block reservation details
[   68.110254][ T4939] EXT4-fs (loop3): i_reserved_data_blocks=1
[   68.121357][ T4955] netlink: 4 bytes leftover after parsing attributes in process `syz.1.501'.
[   68.144819][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.188350][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.304377][ T4966] xt_TPROXY: Can be used only with -p tcp or -p udp
[   68.507103][ T4939] syz.3.494 (4939) used greatest stack depth: 9320 bytes left
[   68.538682][ T4986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.513'.
[   68.602441][ T4991] netlink: 'syz.2.516': attribute type 1 has an invalid length.
[   68.613291][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.675810][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.810859][ T5018] loop4: detected capacity change from 0 to 512
[   68.817741][ T5018] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   68.840877][ T5018] EXT4-fs (loop4): 1 truncate cleaned up
[   68.844664][ T5022] netlink: 8 bytes leftover after parsing attributes in process `syz.1.526'.
[   68.846987][ T5018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.868598][ T5018] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.877706][   T29] kauditd_printk_skb: 566 callbacks suppressed
[   68.877721][   T29] audit: type=1400 audit(1737024538.439:3099): avc:  denied  { create } for  pid=5024 comm="syz.3.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   68.903325][   T29] audit: type=1326 audit(1737024538.439:3100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   68.926731][   T29] audit: type=1326 audit(1737024538.439:3101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   68.950217][   T29] audit: type=1400 audit(1737024538.439:3102): avc:  denied  { ioctl } for  pid=5024 comm="syz.3.527" path="socket:[9446]" dev="sockfs" ino=9446 ioctlcmd=0x89ec scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   68.974619][   T29] audit: type=1326 audit(1737024538.439:3103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   68.998143][   T29] audit: type=1326 audit(1737024538.439:3104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   69.021462][   T29] audit: type=1326 audit(1737024538.439:3105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   69.045070][   T29] audit: type=1326 audit(1737024538.439:3106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   69.068305][   T29] audit: type=1326 audit(1737024538.439:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   69.091699][   T29] audit: type=1326 audit(1737024538.439:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5021 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb859a5d29 code=0x7ffc0000
[   69.117498][ T5027] 9pnet_fd: Insufficient options for proto=fd
[   69.153247][ T5031] netlink: 'syz.4.530': attribute type 21 has an invalid length.
[   69.161264][ T5031] netlink: 'syz.4.530': attribute type 1 has an invalid length.
[   69.193843][ T5038] netlink: 'syz.1.531': attribute type 10 has an invalid length.
[   69.197335][ T5036] loop4: detected capacity change from 0 to 512
[   69.203973][ T5038] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   69.208918][ T5036] EXT4-fs: inline encryption not supported
[   69.222437][ T5038] netlink: 'syz.1.531': attribute type 10 has an invalid length.
[   69.231621][ T5038] netlink: 'syz.1.531': attribute type 10 has an invalid length.
[   69.232265][ T5040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.239532][ T5038] netlink: 'syz.1.531': attribute type 10 has an invalid length.
[   69.248182][ T5037] bridge_slave_1: left allmulticast mode
[   69.260839][ T5040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.261105][ T5037] bridge_slave_1: left promiscuous mode
[   69.273768][ T5036] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   69.274445][ T5037] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.285852][ T5036] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[   69.303283][ T5036] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.532: Corrupt directory, running e2fsck is recommended
[   69.317219][ T5037] bridge_slave_0: left allmulticast mode
[   69.317255][ T5036] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   69.322925][ T5037] bridge_slave_0: left promiscuous mode
[   69.332791][ T5036] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.532: corrupted in-inode xattr: invalid ea_ino
[   69.336780][ T5037] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.351401][ T5036] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.532: couldn't read orphan inode 15 (err -117)
[   69.375577][ T5036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.391354][ T5037] bond0: (slave bridge0): Releasing backup interface
[   69.395295][ T5036] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   69.409619][ T5036] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[   69.419757][ T5036] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.532: Corrupt directory, running e2fsck is recommended
[   69.432883][ T5036] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 3: comm syz.4.532: path /115/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   69.453269][ T5036] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 8: comm syz.4.532: path /115/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=33261, rec_len=1050, size=1024 fake=0
[   69.487777][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.525519][ T5048] pim6reg: entered allmulticast mode
[   69.534698][ T5048] pim6reg: left allmulticast mode
[   69.649191][ T5068] loop2: detected capacity change from 0 to 512
[   69.654128][ T5070] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   69.663748][ T5070] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   69.672052][ T5070] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   69.680377][ T5070] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   69.688860][ T5070] vxlan0: entered promiscuous mode
[   69.698797][ T5068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.728062][ T5068] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.777083][ T5068] syz.2.544 (5068) used greatest stack depth: 9304 bytes left
[   69.796896][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.825539][ T5077] FAULT_INJECTION: forcing a failure.
[   69.825539][ T5077] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   69.839010][ T5077] CPU: 0 UID: 0 PID: 5077 Comm: syz.2.546 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   69.849610][ T5077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   69.859687][ T5077] Call Trace:
[   69.863063][ T5077]  <TASK>
[   69.866037][ T5077]  dump_stack_lvl+0xf2/0x150
[   69.870664][ T5077]  dump_stack+0x15/0x1a
[   69.874935][ T5077]  should_fail_ex+0x223/0x230
[   69.879725][ T5077]  should_fail_alloc_page+0xfd/0x110
[   69.885060][ T5077]  __alloc_pages_noprof+0x109/0x340
[   69.890344][ T5077]  alloc_pages_mpol_noprof+0xb8/0x260
[   69.895719][ T5077]  folio_alloc_mpol_noprof+0x36/0x70
[   69.901136][ T5077]  shmem_get_folio_gfp+0x3d1/0xd90
[   69.906317][ T5077]  shmem_write_begin+0xa2/0x180
[   69.911306][ T5077]  generic_perform_write+0x1a8/0x4a0
[   69.916626][ T5077]  shmem_file_write_iter+0xc2/0xe0
[   69.921833][ T5077]  vfs_write+0x77f/0x920
[   69.926154][ T5077]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   69.932042][ T5077]  ksys_write+0xe8/0x1b0
[   69.936328][ T5077]  __x64_sys_write+0x42/0x50
[   69.940953][ T5077]  x64_sys_call+0x287e/0x2dc0
[   69.945643][ T5077]  do_syscall_64+0xc9/0x1c0
[   69.950158][ T5077]  ? clear_bhb_loop+0x55/0xb0
[   69.954858][ T5077]  ? clear_bhb_loop+0x55/0xb0
[   69.959546][ T5077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.965463][ T5077] RIP: 0033:0x7f01eb8347df
[   69.969917][ T5077] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   69.989610][ T5077] RSP: 002b:00007f01e9ea6df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   69.998033][ T5077] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f01eb8347df
[   70.006012][ T5077] RDX: 0000000000040000 RSI: 00007f01e1a87000 RDI: 0000000000000007
[   70.014022][ T5077] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000459
[   70.022008][ T5077] R10: 0000000020000442 R11: 0000000000000293 R12: 0000000000000007
[   70.030072][ T5077] R13: 00007f01e9ea6ef0 R14: 00007f01e9ea6eb0 R15: 00007f01e1a87000
[   70.038089][ T5077]  </TASK>
[   70.094957][ T5081] loop4: detected capacity change from 0 to 128
[   70.348558][ T5088] 9pnet_fd: Insufficient options for proto=fd
[   70.403380][ T5089] syzkaller0: entered promiscuous mode
[   70.408959][ T5089] syzkaller0: entered allmulticast mode
[   70.587524][ T5108] : port 1(team0) entered blocking state
[   70.593399][ T5108] : port 1(team0) entered disabled state
[   70.599786][ T5108] team0: entered allmulticast mode
[   70.604937][ T5108] team_slave_0: entered allmulticast mode
[   70.610791][ T5108] team_slave_1: entered allmulticast mode
[   70.666305][ T5108] team0: entered promiscuous mode
[   70.671806][ T5108] team_slave_0: entered promiscuous mode
[   70.677518][ T5108] team_slave_1: entered promiscuous mode
[   70.721087][ T5114] loop0: detected capacity change from 0 to 512
[   70.759764][ T5119] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   70.769736][ T5114] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   70.852063][ T5126] loop3: detected capacity change from 0 to 128
[   71.126888][ T5114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.194726][ T5114] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.560: corrupted inode contents
[   71.208955][ T5114] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.560: mark_inode_dirty error
[   71.274086][ T5114] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.560: corrupted inode contents
[   71.304422][ T5145] IPv6: syztnl0: Disabled Multicast RS
[   71.330686][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.391975][ T5152] FAULT_INJECTION: forcing a failure.
[   71.391975][ T5152] name failslab, interval 1, probability 0, space 0, times 0
[   71.404727][ T5152] CPU: 0 UID: 0 PID: 5152 Comm: syz.4.572 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   71.415417][ T5152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.425554][ T5152] Call Trace:
[   71.428865][ T5152]  <TASK>
[   71.431851][ T5152]  dump_stack_lvl+0xf2/0x150
[   71.436530][ T5152]  dump_stack+0x15/0x1a
[   71.440704][ T5152]  should_fail_ex+0x223/0x230
[   71.445392][ T5152]  ? snd_seq_pool_new+0x32/0xd0
[   71.450251][ T5152]  should_failslab+0x8f/0xb0
[   71.454859][ T5152]  __kmalloc_cache_noprof+0x4e/0x320
[   71.460182][ T5152]  snd_seq_pool_new+0x32/0xd0
[   71.464956][ T5152]  snd_seq_fifo_resize+0x4c/0x1b0
[   71.470060][ T5152]  snd_seq_ioctl_set_client_pool+0x23f/0x4b0
[   71.476129][ T5152]  snd_seq_ioctl+0x169/0x2a0
[   71.480802][ T5152]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   71.486027][ T5152]  __se_sys_ioctl+0xc9/0x140
[   71.490646][ T5152]  __x64_sys_ioctl+0x43/0x50
[   71.495303][ T5152]  x64_sys_call+0x1690/0x2dc0
[   71.500054][ T5152]  do_syscall_64+0xc9/0x1c0
[   71.504567][ T5152]  ? clear_bhb_loop+0x55/0xb0
[   71.509299][ T5152]  ? clear_bhb_loop+0x55/0xb0
[   71.514086][ T5152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.520072][ T5152] RIP: 0033:0x7f290a305d29
[   71.524493][ T5152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.544188][ T5152] RSP: 002b:00007f2908977038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.552732][ T5152] RAX: ffffffffffffffda RBX: 00007f290a4f5fa0 RCX: 00007f290a305d29
[   71.560737][ T5152] RDX: 0000000020000040 RSI: 000000004058534c RDI: 0000000000000003
[   71.568834][ T5152] RBP: 00007f2908977090 R08: 0000000000000000 R09: 0000000000000000
[   71.576856][ T5152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.584838][ T5152] R13: 0000000000000000 R14: 00007f290a4f5fa0 R15: 00007ffd63197bc8
[   71.592893][ T5152]  </TASK>
[   71.633438][ T5148] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[   71.694671][ T5164] vlan2: entered allmulticast mode
[   71.785908][ T5174] lo speed is unknown, defaulting to 1000
[   71.864189][ T5180] loop3: detected capacity change from 0 to 8192
[   71.941763][ T5187] __nla_validate_parse: 36 callbacks suppressed
[   71.941804][ T5187] netlink: 28 bytes leftover after parsing attributes in process `syz.0.584'.
[   71.957065][ T5187] tipc: Started in network mode
[   71.962007][ T5187] tipc: Node identity 7, cluster identity 5
[   71.968002][ T5187] tipc: Node number set to 7
[   72.040284][ T5199] lo speed is unknown, defaulting to 1000
[   72.288885][ T5213] uprobe: syz.3.593:5213 failed to unregister, leaking uprobe
[   72.306153][ T5216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.594'.
[   72.348180][ T5219] loop2: detected capacity change from 0 to 2048
[   72.354864][ T5219] EXT4-fs: Ignoring removed nomblk_io_submit option
[   72.369474][ T5219] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.427467][ T5224] loop3: detected capacity change from 0 to 128
[   72.441740][ T5225] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[   72.456464][ T5225] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[   72.469106][ T5225] EXT4-fs (loop2): This should not happen!! Data will be lost
[   72.469106][ T5225] 
[   72.478863][ T5225] EXT4-fs (loop2): Total free blocks count 0
[   72.484879][ T5225] EXT4-fs (loop2): Free/Dirty block details
[   72.490865][ T5225] EXT4-fs (loop2): free_blocks=4096
[   72.496113][ T5225] EXT4-fs (loop2): dirty_blocks=16
[   72.501292][ T5225] EXT4-fs (loop2): Block reservation details
[   72.507305][ T5225] EXT4-fs (loop2): i_reserved_data_blocks=1
[   72.537212][ T5231] loop3: detected capacity change from 0 to 512
[   72.544157][ T5231] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   72.580052][ T5231] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.597143][ T5231] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.599: corrupted inode contents
[   72.609615][ T5231] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.599: mark_inode_dirty error
[   72.621248][ T5231] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.599: corrupted inode contents
[   72.649585][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.672088][ T5237] netlink: 56 bytes leftover after parsing attributes in process `syz.3.601'.
[   72.681626][ T5237] netlink: 16 bytes leftover after parsing attributes in process `syz.3.601'.
[   72.696441][ T5237] netlink: 12 bytes leftover after parsing attributes in process `syz.3.601'.
[   72.814199][ T5249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'.
[   72.915345][ T5260] netlink: 96 bytes leftover after parsing attributes in process `syz.3.611'.
[   72.953473][ T5263] loop0: detected capacity change from 0 to 512
[   72.980209][ T5263] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   73.009826][ T5267] pim6reg1: entered promiscuous mode
[   73.015321][ T5267] pim6reg1: entered allmulticast mode
[   73.071129][ T5263] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.089358][ T5263] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.612: corrupted inode contents
[   73.101355][ T5263] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.612: mark_inode_dirty error
[   73.114140][ T5263] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.612: corrupted inode contents
[   73.221690][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.255638][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.288273][ T5276] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   73.296514][ T5276] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   73.311000][ T5280] loop2: detected capacity change from 0 to 512
[   73.376002][ T5285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.620'.
[   73.443082][ T5280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.455794][ T5280] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.486827][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.587294][ T5299] loop4: detected capacity change from 0 to 512
[   73.659258][ T5299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.697626][ T5299] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.863856][ T5310] syz.0.627: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   73.878422][ T5310] CPU: 1 UID: 0 PID: 5310 Comm: syz.0.627 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   73.889101][ T5310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   73.899194][ T5310] Call Trace:
[   73.902492][ T5310]  <TASK>
[   73.905441][ T5310]  dump_stack_lvl+0xf2/0x150
[   73.910080][ T5310]  dump_stack+0x15/0x1a
[   73.914273][ T5310]  warn_alloc+0x145/0x1b0
[   73.918625][ T5310]  ? __schedule+0x6fa/0x930
[   73.923227][ T5310]  ? __vmalloc_node_range_noprof+0x88/0xe80
[   73.929152][ T5310]  __vmalloc_node_range_noprof+0xaa/0xe80
[   73.934894][ T5310]  ? __pfx_futex_wake_mark+0x10/0x10
[   73.940214][ T5310]  ? __rcu_read_unlock+0x4e/0x70
[   73.945170][ T5310]  ? avc_has_perm_noaudit+0x1cc/0x210
[   73.950574][ T5310]  ? should_fail_ex+0x31/0x230
[   73.955363][ T5310]  ? xskq_create+0x36/0xd0
[   73.959790][ T5310]  ? should_failslab+0x8f/0xb0
[   73.964603][ T5310]  vmalloc_user_noprof+0x59/0x70
[   73.969660][ T5310]  ? xskq_create+0x79/0xd0
[   73.974101][ T5310]  xskq_create+0x79/0xd0
[   73.978419][ T5310]  xsk_init_queue+0x82/0xd0
[   73.983023][ T5310]  xsk_setsockopt+0x388/0x520
[   73.987720][ T5310]  ? __pfx_xsk_setsockopt+0x10/0x10
[   73.993023][ T5310]  __sys_setsockopt+0x187/0x200
[   73.997890][ T5310]  __x64_sys_setsockopt+0x66/0x80
[   74.003044][ T5310]  x64_sys_call+0x282e/0x2dc0
[   74.007743][ T5310]  do_syscall_64+0xc9/0x1c0
[   74.012310][ T5310]  ? clear_bhb_loop+0x55/0xb0
[   74.016999][ T5310]  ? clear_bhb_loop+0x55/0xb0
[   74.021706][ T5310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.027661][ T5310] RIP: 0033:0x7fd680b35d29
[   74.032215][ T5310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.051857][ T5310] RSP: 002b:00007fd67f1a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   74.060347][ T5310] RAX: ffffffffffffffda RBX: 00007fd680d25fa0 RCX: 00007fd680b35d29
[   74.068327][ T5310] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[   74.076356][ T5310] RBP: 00007fd680bb1b08 R08: 0000000000000004 R09: 0000000000000000
[   74.084507][ T5310] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[   74.092582][ T5310] R13: 0000000000000000 R14: 00007fd680d25fa0 R15: 00007ffd90a81bd8
[   74.100679][ T5310]  </TASK>
[   74.103768][ T5310] Mem-Info:
[   74.107068][ T5310] active_anon:26635 inactive_anon:0 isolated_anon:0
[   74.107068][ T5310]  active_file:16809 inactive_file:2015 isolated_file:0
[   74.107068][ T5310]  unevictable:0 dirty:472 writeback:0
[   74.107068][ T5310]  slab_reclaimable:2908 slab_unreclaimable:14863
[   74.107068][ T5310]  mapped:34486 shmem:22375 pagetables:863
[   74.107068][ T5310]  sec_pagetables:0 bounce:0
[   74.107068][ T5310]  kernel_misc_reclaimable:0
[   74.107068][ T5310]  free:1877254 free_pcp:1991 free_cma:0
[   74.152131][ T5310] Node 0 active_anon:106540kB inactive_anon:0kB active_file:67236kB inactive_file:8060kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:137944kB dirty:1888kB writeback:0kB shmem:89500kB writeback_tmp:0kB kernel_stack:3056kB pagetables:3452kB sec_pagetables:0kB all_unreclaimable? no
[   74.180175][ T5310] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   74.207057][ T5310] lowmem_reserve[]: 0 2866 7844 0
[   74.212232][ T5310] Node 0 DMA32 free:2950376kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953908kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   74.229313][   T29] kauditd_printk_skb: 462 callbacks suppressed
[   74.229334][   T29] audit: type=1400 audit(2000000004.600:3571): avc:  denied  { watch watch_reads } for  pid=5308 comm="syz.0.627" path="/proc/254" dev="proc" ino=10857 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   74.240694][ T5310] lowmem_reserve[]: 0 0 4978 0
[   74.274573][ T5310] Node 0 Normal free:4543280kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:106540kB inactive_anon:0kB active_file:67236kB inactive_file:8060kB unevictable:0kB writepending:1888kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:4164kB local_pcp:1288kB free_cma:0kB
[   74.304864][ T5310] lowmem_reserve[]: 0 0 0 0
[   74.309611][ T5310] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   74.322358][ T5310] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 6*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950376kB
[   74.338686][ T5310] Node 0 Normal: 130*4kB (UME) 9*8kB (U) 47*16kB (U) 42*32kB (UE) 22*64kB (UME) 6*128kB (UM) 16*256kB (UME) 10*512kB (UME) 17*1024kB (UME) 9*2048kB (UME) 1097*4096kB (UM) = 4543232kB
[   74.357103][ T5310] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   74.366506][ T5310] 41198 total pagecache pages
[   74.371210][ T5310] 0 pages in swap cache
[   74.375455][ T5310] Free swap  = 124596kB
[   74.379649][ T5310] Total swap = 124996kB
[   74.383885][ T5310] 2097051 pages RAM
[   74.387696][ T5310] 0 pages HighMem/MovableOnly
[   74.392430][ T5310] 80182 pages reserved
[   74.413024][ T5316] loop3: detected capacity change from 0 to 512
[   74.450783][ T5316] EXT4-fs (loop3): fragment/cluster size (2048) != block size (4096)
[   74.459260][ T5309] ==================================================================
[   74.467376][ T5309] BUG: KCSAN: data-race in rxrpc_input_call_event / rxrpc_send_data
[   74.475574][ T5309] 
[   74.477901][ T5309] write to 0xffff888114d64274 of 4 bytes by task 5319 on cpu 1:
[   74.485552][ T5309]  rxrpc_input_call_event+0x8ef/0x12e0
[   74.491043][ T5309]  rxrpc_io_thread+0x30e/0x1fb0
[   74.495950][ T5309]  kthread+0x1d1/0x210
[   74.500033][ T5309]  ret_from_fork+0x4b/0x60
[   74.504631][ T5309]  ret_from_fork_asm+0x1a/0x30
[   74.509417][ T5309] 
[   74.511749][ T5309] read to 0xffff888114d64274 of 4 bytes by task 5309 on cpu 0:
[   74.519305][ T5309]  rxrpc_send_data+0x889/0x1820
[   74.524210][ T5309]  rxrpc_do_sendmsg+0xb92/0xc30
[   74.529083][ T5309]  rxrpc_sendmsg+0x417/0x520
[   74.533812][ T5309]  __sock_sendmsg+0x140/0x180
[   74.538513][ T5309]  ____sys_sendmsg+0x312/0x410
[   74.543552][ T5309]  __sys_sendmsg+0x19d/0x230
[   74.548164][ T5309]  __x64_sys_sendmsg+0x46/0x50
[   74.552949][ T5309]  x64_sys_call+0x2734/0x2dc0
[   74.557663][ T5309]  do_syscall_64+0xc9/0x1c0
[   74.562183][ T5309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.568128][ T5309] 
[   74.570458][ T5309] value changed: 0x00000001 -> 0x00000002
[   74.576184][ T5309] 
[   74.578554][ T5309] Reported by Kernel Concurrency Sanitizer on:
[   74.584815][ T5309] CPU: 0 UID: 0 PID: 5309 Comm: syz.4.624 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   74.595421][ T5309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   74.605501][ T5309] ==================================================================
[   74.614354][   T29] audit: type=1400 audit(2000000004.940:3572): avc:  denied  { setattr } for  pid=5298 comm="syz.4.624" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   74.717499][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.