last executing test programs:

3.301769604s ago: executing program 0 (id=2239):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
chdir(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000001500)='generic_add_lease\x00'}, 0x18)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
close_range(r0, r1, 0x0)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x18000000000002a0, 0xb, 0x0, &(0x7f0000000240)="060043076003008cb89e08", 0x0, 0x5, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
ftruncate(r2, 0x2007ffc)
syz_clone3(&(0x7f00000016c0)={0x200000000, &(0x7f00000014c0), &(0x7f0000001540), &(0x7f00000015c0)=<r5=>0x0, {0x5}, &(0x7f0000001600)=""/8, 0x8, &(0x7f0000001640)=""/11, &(0x7f0000001680)=[0xffffffffffffffff, 0x0], 0x2, {r2}}, 0x58)
ptrace(0x8, r5)
sendfile(r2, r2, 0x0, 0x800000009) (fail_nth: 11)

3.118392997s ago: executing program 0 (id=2244):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="060000000400000099000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
mbind(&(0x7f0000bdf000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x0)

3.026115159s ago: executing program 0 (id=2247):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_list_modules(&(0x7f0000002600)=[0x0, 0x0], &(0x7f0000000000)=0x10, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
sendmmsg$inet(r0, &(0x7f0000001c00)=[{{&(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10, 0x0}}], 0x1, 0xf00)
r1 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f00000001c0)='.\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000100)={{}, {}, [{0x2, 0x2}], {0x4, 0x5}, [], {}, {0x20, 0x1}}, 0x2c, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xb00000, &(0x7f00000002c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@init_itable_val={'init_itable', 0x3d, 0x80}}, {@acl}], [{@pcr={'pcr', 0x3d, 0x34}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@fowner_gt={'fowner>', 0xee01}}, {@uid_lt}, {@fowner_lt}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@uid_eq}, {@subj_type}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000480))
geteuid()
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYRESOCT=r1, @ANYBLOB="2b3484d13cbc97f45b10dd7f8dcb476a0c0297b20f136731f39babaa7a379c43567d77d5db077c65e5d4552ba63bc57d0f16eaab0cbaeea3554d0a7c14f8accc074f6df9aa8dd139e2956c819b0b5fb17746fb96a2bed9167f174bdae399db263f4385332738764ddcbfe5eb75537628cc0e7f37377e93fb24d926465440b30ed97500e2cd86fca245410f7f23b74d09824b57ba9803b7fda2d2516f6cbcad0e453f3c7b3292be4c7c20481a13e9b39b8d8f8a3056e92f00e538a83a082c10b6b45a1776687d38877012b3de653a7e5f40765ffa79db4eff23ddbde3ea9796c64cdf0922880e244a6ae0ad9c8e35f8ba6815c734dc320066e15f4832fd7a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001280)=ANY=[@ANYBLOB="280000002100050100000000000000000200000000000000010001000c001400", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="98633c73eba3c8d2c6bd31d2750aa67829bea246fff6d6e74692b5ea0b4f187aa419eb0e8708a4528df196ec1a8da4c934b92e8f7be45e3e57ec174b1354671f2c516c9f8e825193013428f9400a79b58b43f3fd1646622e38342772ca46923594db3fdd9d34ecb9a1b7c430c6b4a5eb8af1474338265b97fc670b5191c6d57903631da0db3f5071f61246a0838a30d20a5fc44e288a5cd83800557f"], 0x28}}, 0x0)

2.749272963s ago: executing program 0 (id=2255):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x54000800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x6c, r1, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xfffffffb}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x14}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xb}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000cd5914b603ff80892c342b774ac8aead00000000004bc204964cb73ed5891c3b0b44bd317c6106de69b4d930b564d88bf3173deae1224c2bba9644a3a428ac462b77d5addd0175a70f9470a19492c8e4f8f0fdb9370de25088b5018f88916822f3c94f7638f3b4e44ba7d443335e1b2f7b167a7ea01193cc4ad4f379b113dde4ea498b1ef82ff6ec7aef7114f79ca519deef8cd11ad3a75d9cc33e6bea8007ed181f98f6efefa4c03efc21f4"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x65}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0x4, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r4, 0x47f6, 0x0, 0x2, 0x0, 0x0) (fail_nth: 3)
r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r7, 0x0)
truncate(0x0, 0xffffffffffffffff)
socket$can_bcm(0x1d, 0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))

2.431321039s ago: executing program 0 (id=2262):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000706000000080010000000000000002c000000000000dc0f8e4fef44826c4ad85f42388729b8989af844df4f56d433012dd5bbc9942376c79dad687aa2a1946c68967a5366c9c6122efe5658ba59a67d4b99296d04c392354646ab306ca9ce5ef23d08398b8a29794bb91b13ebf87e17991f0c86339fbe5a5840", @ANYRES32=0x1, @ANYBLOB="ff27070200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000080)='./control\x00', 0x2)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0d00000002000000040000000640000005000000", @ANYRES32=r0, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\b\x00'/28], 0x50)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000100)={'syztnl1\x00', <r2=>0x0, 0x2f, 0x0, 0x3, 0x2, 0x16, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, 0x80, 0x1, 0xf8a, 0x7}})
r3 = creat(&(0x7f0000000180)='./file1\x00', 0x182)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r6, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000005c0)={0x14, 0x1, 0x2, 0x3, 0x0, 0x0, {0x0, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
move_mount(r3, &(0x7f0000000500)='./file0\x00', r5, &(0x7f0000000580)='./bus\x00', 0x0)
r7 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000240), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x5, 0x1cb4deac, 0x5, 0x50000, r0, 0x3, '\x00', r2, r3, 0x2, 0x3, 0x2, 0x0, @void, @value, @value=r7}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x1}}]}}, 0x0, 0x5a}, 0x28)
socket$packet(0x11, 0xa, 0x300)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (fail_nth: 4)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="0209fd020b00000028bd7000fbdbdf2709001800"], 0x58}}, 0x44804)

1.701691831s ago: executing program 0 (id=2268):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000001080)='./file1\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") (async, rerun: 32)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) (rerun: 32)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0x19, 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @b}})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) (async)
r2 = syz_io_uring_setup(0x6, &(0x7f0000000380)={0x0, 0xace5, 0x8, 0x0, 0x1b2}, &(0x7f0000000000), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f00000004c0), 0x1)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f00000000c0)={0x2, 0x2, 0x401, 0x401})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001600"], 0x20}}, 0x40816) (async)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004) (async, rerun: 32)
dup(0xffffffffffffffff) (rerun: 32)
acct(&(0x7f0000000080)='./file1\x00')

1.523028294s ago: executing program 1 (id=2275):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x1, 0x803, 0x0)
r1 = accept4$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14, 0x80800)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
sched_setscheduler(0x0, 0x5, &(0x7f0000000480))
ioprio_set$pid(0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r4 = creat(0x0, 0x6)
r5 = shmget(0x0, 0x1000, 0x100, &(0x7f0000ffd000/0x1000)=nil)
shmctl$IPC_RMID(r5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x2c060000)
unshare(0x2c020400)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x141042, 0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x11, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x0, 0x6, 0x62, &(0x7f0000000340)=""/98, 0x41000, 0x40, '\x00', r2, 0x25, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=[r3], 0x0, 0x10, 0x19}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
read$rfkill(r6, &(0x7f0000000040), 0x8)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r9 = socket(0x10, 0x3, 0x0)
write(r9, &(0x7f0000000580)="24ffa6001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
bpf$MAP_CREATE(0x0, 0x0, 0x50)

1.433781566s ago: executing program 4 (id=2278):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vxcan1\x00', <r0=>0x0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000000)=@raw=[@map_idx, @map_idx={0x18, 0x5, 0x5, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], &(0x7f0000000040)='syzkaller\x00', 0x8001, 0xfc, &(0x7f0000000080)=""/252, 0x41000, 0x14, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x8, 0x1}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0xd, 0x7f, 0x8}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)=[{0x5, 0x4, 0x6, 0x4}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0xfffffffffffffff9}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x0, 0x24040000})
io_uring_enter(r4, 0x3516, 0x0, 0x4, 0x0, 0x0)
r7 = getpid()
unshare(0x2c020400)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000640)=ANY=[], 0x0, 0x243, &(0x7f0000000840)="$eJzs3c9qE1scB/DfJGmb3rtIFnd1uXAHdOGqtH2CFKkgdqVkoS602BYkCQULgVYxdOUT+CQ+hxvfwAcQutNFYWQyadNC1Abzp9TPZ5MDM9/z+53khKzm5Pl/ndbO/sHe8ZvPUa0mUWpEIzmJqEcpcksBANw037IsTrLCeMlKaVo9AQDTdcXf/+UZtgQATNmjx08ebGxtbT5M02pE5123mUTxWlzf2IuX0Y7dWI1anEZk54rxvftbm1FJc/W43el1m3my8+zjYP6NLxH9/FrUoj46v5YWLuR73eZC/DWo38jz61GLf0bn10fko7kYd25d6H8lavHpRexHO3Yizw7zb9fS9G72/uvrp3nHeT7pdZtL/fuGsvLMPxwAAAAAAAAAAAAAAAAAAAAAAG6slTRN0yz7kGVZ1rt0/k75tH99JT1Tv3w+T5EfcT5QuT/XhfN1VvMSSXH/MF+JfytRmefaAQAAAAAAAAAAAAAAAAAA4Lo4ODxqbbfbu68mOjh7rH/yM//uIMqD1tpJxDXopz9YzvuZTa3/Y8xajTFLROnwqHW2u1rbSfwiVZ3SJslGbL/yD1OLE6q++PdkV5FExML5m/mzm0uxMOFvCgAAAAAAAAAAAAAAAAAAMGPDh35HXDyeQ0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAfD//8fY9AbhK+YmvMSAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+AN8DwAA//8oAXoy")
r8 = syz_pidfd_open(r7, 0x0)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@ipv6_deladdrlabel={0x38, 0x49, 0x1, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x80, 0x0, r12, 0xfffffff9}, [@IFAL_LABEL={0x8}, @IFAL_ADDRESS={0x14, 0x1, @loopback}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="100000001b1401", @ANYRESHEX=r6, @ANYRESHEX=r6, @ANYRESOCT=r9, @ANYRES8=r10], 0x10}}, 0x44090)
setns(r8, 0x8020000)

1.383366067s ago: executing program 2 (id=2279):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

1.379448997s ago: executing program 2 (id=2280):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1d, 0xa, 0x7)
socket(0x1d, 0x2, 0x6)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/19], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sync()
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r8=>0x0)
r9 = openat$sysfs(0xffffff9c, &(0x7f00000001c0)='/sys/power/pm_trace', 0x42, 0x0)
io_submit(r8, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r9, &(0x7f0000000000), 0xfffffc98}])
socket$packet(0x11, 0x3, 0x300)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000340)={@cgroup, r10, 0x2f, 0x10, 0x4}, 0x20)

1.230850099s ago: executing program 1 (id=2281):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000007000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00b83c036300"/20, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xfffffffffffffdcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0xffffffffff600000, &(0x7f0000afaf0a)=""/246)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001140), 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000001c0)='cpu&00\t&&')
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x700000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f0000000000)=r5}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_setup(0x24c, &(0x7f0000000840)={0x0, 0xaee7, 0x400, 0x3, 0xbfdffffc}, &(0x7f0000000000)=<r9=>0x0, &(0x7f00000000c0)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x3, r8, 0x0, 0x0, 0x0, 0x80000})

1.144195401s ago: executing program 4 (id=2282):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfcfa, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x0, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
r3 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)

1.122333031s ago: executing program 1 (id=2283):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000000)) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000007000000080000000500000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00\x00\x00\x00\x00\x00'], 0x50) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) (async)
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f0000000600)) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x63, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0xfff7, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3000007, 0x4082172, 0xffffffffffffffff, 0x0) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) (rerun: 32)

1.112284911s ago: executing program 3 (id=2284):
r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x800000001fe, 0x40802)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140)={0x0, r0}, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095ab8be74d11005d6c777a1d9aee7fa3b8912e6c766849af834b75552e68034dd6a53efdc153c2c2604a5de899e4d841888e9e17516ba01bc59aefb230f2f996b8a6b1ab157d6af3096d4e2c3ece251d0fe57a7c5e5e619d01002bedadb83f4ea9c60e39ab16a13874629f2b359f9fee41e980adea4b775582f7823416ba6782fb3d3bbecd8968fbe667940dc87e62c3bff6f0190d4ff021058df740b2cebff413bed6c3ba3f4f0983e2f1c3ae97a98af7b91ce87e862608344df6a73dba1a0f04838108eb6aba5f6362cd928052636a24aff666f110ff8ce5f604025bff0bfd1af20c41715df235766d10bfd2c6aa1a5ba41eb8e408042e83e449b413ff63114e79b6f138a64b2aa807bb8f8161909236b656bad9f087bc31e2c8eb1319056ce70fcc36f0ffa5f6004bb2d09f488c8d4920f04f5406c830d23508a206b45ad241a895fa06befed3c245b2afad4a88f83789c9f7d653506724bd2d7abaad4bd26a539c8422103fbc3b00"], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0xe1002)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYRES16=r3], 0x10)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r3, <r5=>0xffffffffffffffff}, &(0x7f0000000500), 0x0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
unshare(0x22020600)
clock_settime(0x5, &(0x7f0000000180)={0x0, 0x989680})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x10)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
close_range(r7, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0xa, 0x27, &(0x7f0000000d00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x4, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x9, 0x1000, &(0x7f0000001ec0)=""/4096, 0x41000, 0xe4f4884209e876dc, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x1, &(0x7f0000000f40)=[r3, r5, r6], &(0x7f0000000f80)=[{0x0, 0x3, 0x3, 0x4}], 0x10, 0x8}, 0x94)

1.067169132s ago: executing program 4 (id=2285):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000009c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r4 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000000))
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000001c0)=<r5=>0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
dup(0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000000201010300000000000000000500000314001980"], 0x28}, 0x1, 0x0, 0x0, 0x44080}, 0x4)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000040)=@sr0, r8, &(0x7f00000002c0)='./file0/file1\x00')
r10 = getegid()
r11 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in=@multicast2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@empty}, 0x0, @in=@remote}}, &(0x7f0000000340)=0xe8)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, <r14=>0x0}, 0x2000)
getresgid(&(0x7f00000005c0), &(0x7f0000000600), &(0x7f0000000640))
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0xa1400, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYRES64, @ANYRESHEX=r13, @ANYBLOB=',access=', @ANYRESDEC=r14, @ANYBLOB=',dfltgid=', @ANYRES64=r2, @ANYRES32=<r15=>0x0])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r16=>r2, {0xee01, <r17=>0x0}}, './file0\x00'})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000600)={'\x00', 0x9, 0x8, 0x0, 0x81, 0xffffffffffffffa8, <r18=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}, 0x0)
r20 = accept$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000700))
sendmsg$unix(r4, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000140)=[{&(0x7f00000000c0)="ce9de01492ccd8c5c638ee19b17af5cf0adb7925dd574e19a4b9530f878bb7a039735398651bdda3c107772c1952f51f585995936b3367578fc04475057dde", 0x3f}, {&(0x7f0000000340)="747a45986ce377cf963efb78ff4dca7b4e2b7d3ec6d4ef07a97df2c7c5c9cfa52b452cfeb38173127030331ada172e5730c64b9bd049a59c16da4746224a4c677a159d6a402a8ddd85b18bf6f542a072c71137dd5978e331e639fa47e84f5b3cb30d11914a9f35", 0x67}], 0x2, &(0x7f0000000a00)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=r2, @ANYRES32=r15, @ANYRES32=r3, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=r8, @ANYRES32=r10, @ANYRES8=r9, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r11, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=r13, @ANYRES32=r17, @ANYBLOB="00000000050000000000d0705693ab732a000081", @ANYRES32=r18, @ANYRES32=0x0, @ANYRES32=r19, @ANYRESOCT=r16, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r20], 0xe8, 0x20004001}, 0x8c0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r21 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r21, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

1.017697273s ago: executing program 1 (id=2286):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
flistxattr(0xffffffffffffffff, 0x0, 0x2)

993.781783ms ago: executing program 4 (id=2287):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000001c0)={[{@grpid}, {@auto_da_alloc}, {@minixdf}, {@noinit_itable}, {@init_itable}]}, 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7")

937.108354ms ago: executing program 1 (id=2288):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
statx(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x6a0, &(0x7f0000000080))
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
syz_open_dev$usbfs(&(0x7f0000000180), 0x2, 0x200000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$NFT_BATCH(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
r4 = gettid()
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r5, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r6=>0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_procfs(r7, &(0x7f0000000000)='map_files\x00')
timer_settime(r6, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r9 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r9, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
r10 = dup(0xffffffffffffffff)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000019240)='macvlan0\x00', 0x10)
write$P9_RLERRORu(r10, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00', @ANYBLOB="fe4cecb210"], 0x53)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x800000, &(0x7f0000019200)=ANY=[@ANYBLOB='{\x00\x00\x00\x00\x00\x00\x00,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno', @ANYBLOB])
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_read_part_table(0x104f, &(0x7f0000001dc0)="$eJzsz7sNwkAQBNA5/JEJ6IGm6AcHtEJACyR0RAcYnX0BDSCE9F6wq52b5MJP3fd1dkmpe0qGJY9Sr/6jdaitea1k17JlyJCpP16nrp6v7TVl3Paz1VqceZ3nfrx0pYUlp9u3/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/+AdAAD//zvjCaY=")
socket$inet_smc(0x2b, 0x1, 0x0)

916.230135ms ago: executing program 3 (id=2289):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0xc0}]}, &(0x7f0000001680)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000001c0)="9e36d449b388dd965f7ade1a96dd", 0x0, 0x10700, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX=r2], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
r9 = socket(0x2, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x4, 0x6, 0x6}]}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000200)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd689a14400010212cfc010000000000000000000000000001ff0100000000000000000000000200014e234e2104319078b440d7350316f8b1"], 0x0)
connect$phonet_pipe(r8, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10)
ioctl$SIOCPNENABLEPIPE(r8, 0x89ed, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r12 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

897.511185ms ago: executing program 4 (id=2290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @b}})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c)
sendto$inet6(r2, &(0x7f0000000000)='\x00', 0x1, 0x8000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x5, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000580)={0x41, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xe)
recvmmsg(r2, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000840)=""/150, 0x96}], 0x1}, 0x2}], 0x1, 0x40000040, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
gettid()
timer_create(0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

716.772858ms ago: executing program 3 (id=2291):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
r1 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000008c0))
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f00000001c0)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000400000000000010000000f1ff0000000000000000000000005069392a7d564fc7fd1c1e63e72ce96a8ef470fcf3413d630e434a685ed9107b535908be66faf7566c5cb1dd5b97ee57645e1be0552f6baaf0d206ed27b19028ab6212e8afe4fb3b0ee6b2c0af0ef84d1ca2bf0884006df5a086fa2855845066be5b68ad92701763ef7bffe99cf6feab83e3db"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, 0x0, 0x2, 0x0, 0x0, 0x0)

692.684738ms ago: executing program 3 (id=2292):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/ipc\x00')
openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/ipc\x00')
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x0, 0x100c40, 0x5, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x28, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x7, 0x3})
socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
memfd_create(&(0x7f0000000100)='GPL\x00', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffb, 0x0, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @multicast2}}, 0x5, 0x0, 0xffffffff, 0x0, 0x20, 0x0, 0x2}, 0x9c)
syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000001340)=<r2=>0x0, &(0x7f0000000140))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x2, 0x0, 0x1, 0x20, 0x1})
io_uring_enter(0xffffffffffffffff, 0x47fb, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x40010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)

627.30468ms ago: executing program 3 (id=2293):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000ec0)={0x20, r1, 0x2586ad4018a3b31b, 0x1, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x78}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r3)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r6, 0x0, 0x4ab}, 0x18)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r7=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}], 0x1, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r7}}], 0x20, 0x2400e044}, 0x0)

583.19733ms ago: executing program 3 (id=2294):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
statx(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x6a0, &(0x7f0000000080))
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
syz_open_dev$usbfs(&(0x7f0000000180), 0x2, 0x200000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$NFT_BATCH(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
r4 = gettid()
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r5, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r6=>0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_procfs(r7, &(0x7f0000000000)='map_files\x00')
timer_settime(r6, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r9 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r9, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
r10 = dup(0xffffffffffffffff)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000019240)='macvlan0\x00', 0x10)
write$P9_RLERRORu(r10, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00', @ANYBLOB="fe4cecb210"], 0x53)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x800000, &(0x7f0000019200)=ANY=[@ANYBLOB='{\x00\x00\x00\x00\x00\x00\x00,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno', @ANYBLOB])
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_read_part_table(0x104f, &(0x7f0000001dc0)="$eJzsz7sNwkAQBNA5/JEJ6IGm6AcHtEJACyR0RAcYnX0BDSCE9F6wq52b5MJP3fd1dkmpe0qGJY9Sr/6jdaitea1k17JlyJCpP16nrp6v7TVl3Paz1VqceZ3nfrx0pYUlp9u3/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/+AdAAD//zvjCaY=")

407.440383ms ago: executing program 2 (id=2295):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfcfa, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x0, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
r3 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)

375.481814ms ago: executing program 2 (id=2296):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX, @ANYRESOCT, @ANYRES8=0x0, @ANYRESHEX], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r3 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r3, 0xf, &(0x7f00000024c0)={0x1, 0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)=""/191, 0xbf}, {&(0x7f0000000140)=""/39}], 0x0}, 0x81)
r4 = fcntl$getown(r2, 0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYRESOCT=r4], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r6 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r7 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r7, 0x4000)
fallocate(r6, 0x0, 0x0, 0x1000f4)
io_setup(0x5ff, &(0x7f0000000400)=<r8=>0x0)
io_submit(r8, 0x1ffffff0, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r7, &(0x7f0000000000)="96", 0xffffff20}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r6, 0x0, 0x0, 0xffffffffffffffff}])
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="180800ec0c0000000000000000000000180100002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r10 = socket$igmp6(0xa, 0x3, 0x2)
r11 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r10, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
write$tun(r9, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)
r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='ext4_lazy_itable_init\x00'}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r12, 0x0, 0x14, &(0x7f00000001c0)='\x00'}, 0x11)
kcmp(r4, 0x0, 0x5, r1, r0)

158.234178ms ago: executing program 2 (id=2297):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfcfa, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x0, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

120.571148ms ago: executing program 2 (id=2298):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000005c0)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x42}, 0x33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r0, 0x0, 0x3ffff)
sendfile(r2, r0, 0x0, 0x7ffff000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000680)={0x0, 0x9}, &(0x7f0000000740)=0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r4}, 0x18)
r5 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r5)
r7 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r6)
r8 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r7)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x18)
r11 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r11, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r11, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)
add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x0}, 0x0, 0x0, r8)

60.456989ms ago: executing program 1 (id=2299):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
chdir(&(0x7f0000000400)='./file0\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x1d, &(0x7f0000000000)=0xfffffffd, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000740)={@multicast1, @loopback}, 0xc)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)
setsockopt$inet_mreqsrc(r4, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet6_buf(r2, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r2, &(0x7f0000001380)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac655644e3b90b6632c513a82b234f5810f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6533b95f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f20200000000000000fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cd7a7d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a649f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa004d7bc09decde7d704246e5102fb35eb91e772aebf9718d7cfcaf26fd1900d8775ef373e8e2c5bf3685f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b5125d84e1d52447f393fbdf7e1278a257eb153d6b6cf62cce0abee3b0b36bfbfcc397821c30f154aa903c53df2794d02ba4bf788f4e85364243d71526bca768e73e291185d80a5ed99bb", 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x0, @mcast2}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x20, 0x30, 0x0, 0x0, 0x1, 0x2, 0x0, @dev, @local}, {0x14, 0x0, 0x0, @rand_addr=0x64010102, "2fd1e616d0ada887e40ae9898efd19c0e9f24099"}}}}}, 0x0)
recvmmsg(r2, &(0x7f0000001340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

0s ago: executing program 4 (id=2300):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/ipc\x00')
openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/ipc\x00')
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x0, 0x100c40, 0x5, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x28, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x7, 0x3})
socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
memfd_create(&(0x7f0000000100)='GPL\x00', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x6, 0x224}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffb, 0x0, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @multicast2}}, 0x5, 0x0, 0xffffffff, 0x0, 0x20, 0x0, 0x2}, 0x9c)
syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000001340)=<r5=>0x0, &(0x7f0000000140))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x2, 0x0, 0x1, 0x20, 0x1})
io_uring_enter(r2, 0x47fb, 0x0, 0x0, 0x0, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x40010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)

kernel console output (not intermixed with test programs):

emoved bh option
[  117.823536][ T7843] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.832090][ T7843] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  117.846427][ T7843] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  117.878105][ T7843] hub 2-0:1.0: USB hub found
[  117.882859][ T7843] hub 2-0:1.0: 8 ports detected
[  118.012315][ T7848] loop2: detected capacity change from 0 to 128
[  118.024328][ T7848] ext4 filesystem being mounted at /310/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.103442][ T7851] loop2: detected capacity change from 0 to 512
[  118.151590][ T7851] ext4 filesystem being mounted at /311/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.165762][ T7851] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1485: corrupted inode contents
[  118.186586][ T7851] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.1485: mark_inode_dirty error
[  118.199239][ T7851] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1485: corrupted inode contents
[  118.349893][ T7868] loop0: detected capacity change from 0 to 512
[  118.378508][ T7868] ext4: Unknown parameter 'mblk_io_submit"errors'
[  118.454723][ T7873] unsupported nla_type 52263
[  118.509293][ T7882] loop2: detected capacity change from 0 to 128
[  118.529746][ T7882] ext4 filesystem being mounted at /315/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.552599][ T7889] loop4: detected capacity change from 0 to 128
[  118.586199][ T7889] ext4 filesystem being mounted at /296/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.659899][ T7895] loop2: detected capacity change from 0 to 512
[  118.692994][ T7895] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.725096][ T7895] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1500: corrupted inode contents
[  118.746533][ T7895] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.1500: mark_inode_dirty error
[  118.767796][ T7895] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1500: corrupted inode contents
[  118.885588][ T7917] loop0: detected capacity change from 0 to 256
[  119.066136][ T7922] FAULT_INJECTION: forcing a failure.
[  119.066136][ T7922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.079599][ T7922] CPU: 1 UID: 0 PID: 7922 Comm: syz.0.1510 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  119.079704][ T7922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.079720][ T7922] Call Trace:
[  119.079726][ T7922]  <TASK>
[  119.079733][ T7922]  __dump_stack+0x1d/0x30
[  119.079754][ T7922]  dump_stack_lvl+0xe8/0x140
[  119.079778][ T7922]  dump_stack+0x15/0x1b
[  119.079876][ T7922]  should_fail_ex+0x265/0x280
[  119.079916][ T7922]  should_fail+0xb/0x20
[  119.079949][ T7922]  should_fail_usercopy+0x1a/0x20
[  119.079983][ T7922]  _copy_to_user+0x20/0xa0
[  119.080072][ T7922]  simple_read_from_buffer+0xb5/0x130
[  119.080129][ T7922]  proc_fail_nth_read+0x100/0x140
[  119.080168][ T7922]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  119.080211][ T7922]  vfs_read+0x1a0/0x6f0
[  119.080244][ T7922]  ? __rcu_read_unlock+0x4f/0x70
[  119.080271][ T7922]  ? __fget_files+0x184/0x1c0
[  119.080297][ T7922]  ksys_read+0xda/0x1a0
[  119.080397][ T7922]  __x64_sys_read+0x40/0x50
[  119.080432][ T7922]  x64_sys_call+0x2d77/0x2fb0
[  119.080458][ T7922]  do_syscall_64+0xd2/0x200
[  119.080482][ T7922]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.080517][ T7922]  ? clear_bhb_loop+0x40/0x90
[  119.080543][ T7922]  ? clear_bhb_loop+0x40/0x90
[  119.080570][ T7922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.080591][ T7922] RIP: 0033:0x7f61c4e5d3bc
[  119.080654][ T7922] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  119.080677][ T7922] RSP: 002b:00007f61c34bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  119.080701][ T7922] RAX: ffffffffffffffda RBX: 00007f61c5085fa0 RCX: 00007f61c4e5d3bc
[  119.080717][ T7922] RDX: 000000000000000f RSI: 00007f61c34bf0a0 RDI: 0000000000000007
[  119.080730][ T7922] RBP: 00007f61c34bf090 R08: 0000000000000000 R09: 0000000000000000
[  119.080741][ T7922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  119.080752][ T7922] R13: 0000000000000000 R14: 00007f61c5085fa0 R15: 00007ffc9e817118
[  119.080841][ T7922]  </TASK>
[  119.351504][ T7924] loop3: detected capacity change from 0 to 128
[  119.368142][ T7924] ext4 filesystem being mounted at /299/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.479006][ T7935] loop0: detected capacity change from 0 to 512
[  119.499452][ T7935] ext4 filesystem being mounted at /261/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.570188][ T7935] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.1515: corrupted inode contents
[  119.668629][ T7935] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.1515: mark_inode_dirty error
[  119.691222][ T7946] loop3: detected capacity change from 0 to 512
[  119.741729][ T7935] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.1515: corrupted inode contents
[  119.765360][ T7946] ext4: Unknown parameter 'mblk_io_submit"errors'
[  119.870266][ T7955] __nla_validate_parse: 5 callbacks suppressed
[  119.870286][ T7955] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  119.956764][ T7964] sd 0:0:1:0: device reset
[  120.016435][ T7968] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1528'.
[  120.246628][ T7974] loop3: detected capacity change from 0 to 256
[  120.645307][ T8001] loop0: detected capacity change from 0 to 512
[  120.655164][ T8001] ext4: Unknown parameter 'mblk_io_submit"errors'
[  120.751467][ T8003] x_tables: duplicate underflow at hook 4
[  120.774411][ T8003] loop4: detected capacity change from 0 to 512
[  120.804891][ T8003] ext4: Unknown parameter 'fowner>00000000000000000000'
[  120.860887][ T8009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1545'.
[  120.887965][ T8009] netlink: 'syz.4.1545': attribute type 10 has an invalid length.
[  120.905904][ T8009] $Hÿ: (slave dummy0): Releasing backup interface
[  120.924403][ T8009] dummy0: left promiscuous mode
[  120.931676][ T8009] team0: Port device dummy0 added
[  120.938035][ T8009] netlink: 'syz.4.1545': attribute type 10 has an invalid length.
[  120.947668][ T8009] team0: Port device dummy0 removed
[  120.954121][ T8009] dummy0: entered promiscuous mode
[  121.005537][ T8009] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[  121.099672][ T8020] loop0: detected capacity change from 0 to 128
[  121.122865][ T8024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1551'.
[  121.149088][ T8020] ext4 filesystem being mounted at /275/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  121.295609][ T8037] 9pnet_fd: Insufficient options for proto=fd
[  121.376967][ T8045] loop1: detected capacity change from 0 to 512
[  121.389870][ T8052] netlink: 360 bytes leftover after parsing attributes in process `syz.3.1564'.
[  121.401482][ T8052] 9pnet_fd: Insufficient options for proto=fd
[  121.409242][ T8051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1562'.
[  121.421306][ T8051] netlink: 'syz.2.1562': attribute type 10 has an invalid length.
[  121.432743][ T8051] netlink: 'syz.2.1562': attribute type 10 has an invalid length.
[  121.452390][ T8051] team0: Port device dummy0 removed
[  121.458973][ T8045] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1561: Failed to acquire dquot type 1
[  121.473022][ T8045] EXT4-fs (loop1): 1 truncate cleaned up
[  121.473423][ T8051] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  121.479924][ T8045] ext4 filesystem being mounted at /340/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.489799][ T8055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1565'.
[  121.510179][ T8056] loop3: detected capacity change from 0 to 128
[  121.538040][ T8056] ext4 filesystem being mounted at /310/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  121.562449][ T8055] vlan2: entered allmulticast mode
[  121.591139][ T8063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1568'.
[  121.705119][ T8076] loop4: detected capacity change from 0 to 512
[  121.731309][ T8079] loop3: detected capacity change from 0 to 512
[  121.739098][ T8079] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.762381][ T8079] EXT4-fs: inline encryption not supported
[  121.768344][ T8079] EXT4-fs: Ignoring removed bh option
[  121.775748][ T8076] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.782402][ T8076] EXT4-fs: inline encryption not supported
[  121.788345][ T8076] EXT4-fs: Ignoring removed bh option
[  121.819602][ T8076] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.838199][ T8079] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.858892][ T8075] loop0: detected capacity change from 0 to 512
[  121.878655][   T29] kauditd_printk_skb: 536 callbacks suppressed
[  121.878673][   T29] audit: type=1326 audit(1753526577.277:12895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  121.883980][ T8086] loop2: detected capacity change from 0 to 512
[  121.884905][   T29] audit: type=1326 audit(1753526577.277:12896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  121.922939][ T8079] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  121.938213][   T29] audit: type=1326 audit(1753526577.277:12897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  121.957836][ T8076] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  121.970556][   T29] audit: type=1326 audit(1753526577.277:12898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  121.970589][   T29] audit: type=1326 audit(1753526577.277:12899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  121.980608][ T8075] EXT4-fs: Ignoring removed bh option
[  122.002936][   T29] audit: type=1326 audit(1753526577.277:12900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  122.055409][   T29] audit: type=1326 audit(1753526577.277:12901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  122.079348][ T8076] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  122.109213][ T8079] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  122.111541][   T29] audit: type=1326 audit(1753526577.277:12902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  122.119477][ T8075] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.140613][   T29] audit: type=1326 audit(1753526577.277:12903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  122.149674][ T8075] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  122.173093][   T29] audit: type=1326 audit(1753526577.277:12904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8085 comm="syz.2.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff875fe9a9 code=0x7ffc0000
[  122.193710][ T8086] ext4 filesystem being mounted at /329/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  122.213542][ T8079] hub 2-0:1.0: USB hub found
[  122.220528][ T8079] hub 2-0:1.0: 8 ports detected
[  122.226974][ T8086] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1575: corrupted inode contents
[  122.234237][ T8075] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  122.240257][ T8086] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.1575: mark_inode_dirty error
[  122.248894][ T8075] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  122.261386][ T8086] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1575: corrupted inode contents
[  122.340606][ T8102] loop2: detected capacity change from 0 to 256
[  122.372410][ T8103] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  122.378993][ T8103] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  122.386734][ T8103] vhci_hcd vhci_hcd.0: Device attached
[  122.392796][ T8107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1580'.
[  122.405906][ T8107] vlan2: entered allmulticast mode
[  122.469841][ T8116] loop2: detected capacity change from 0 to 512
[  122.477601][ T8116] ext4: Unknown parameter 'mblk_io_submit"errors'
[  122.549784][ T8120] loop3: detected capacity change from 0 to 128
[  122.570607][ T8120] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1585'.
[  122.574639][ T3365] vhci_hcd: vhci_device speed not set
[  122.644549][ T3365] usb 1-1: new full-speed USB device number 6 using vhci_hcd
[  122.657059][ T8127] netlink: 'syz.2.1588': attribute type 10 has an invalid length.
[  122.669451][ T8127] bond0: (slave dummy0): Releasing backup interface
[  122.683695][ T8127] team0: Port device dummy0 added
[  122.696154][ T8127] netlink: 'syz.2.1588': attribute type 10 has an invalid length.
[  122.709840][ T8127] team0: Port device dummy0 removed
[  122.718783][ T8127] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  122.820283][ T8136] vlan2: entered allmulticast mode
[  122.859221][ T8144] FAULT_INJECTION: forcing a failure.
[  122.859221][ T8144] name failslab, interval 1, probability 0, space 0, times 0
[  122.871943][ T8144] CPU: 0 UID: 0 PID: 8144 Comm: syz.3.1596 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  122.872042][ T8144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.872059][ T8144] Call Trace:
[  122.872067][ T8144]  <TASK>
[  122.872077][ T8144]  __dump_stack+0x1d/0x30
[  122.872104][ T8144]  dump_stack_lvl+0xe8/0x140
[  122.872199][ T8144]  dump_stack+0x15/0x1b
[  122.872221][ T8144]  should_fail_ex+0x265/0x280
[  122.872256][ T8144]  ? p9_client_create+0x59/0xbc0
[  122.872290][ T8144]  should_failslab+0x8c/0xb0
[  122.872318][ T8144]  __kmalloc_cache_noprof+0x4c/0x320
[  122.872398][ T8144]  p9_client_create+0x59/0xbc0
[  122.872436][ T8144]  ? should_failslab+0x8c/0xb0
[  122.872464][ T8144]  ? __kmalloc_node_track_caller_noprof+0x1e5/0x410
[  122.872544][ T8144]  ? v9fs_session_init+0x78/0xde0
[  122.872644][ T8144]  v9fs_session_init+0xf7/0xde0
[  122.872676][ T8144]  ? obj_cgroup_charge_account+0x122/0x1a0
[  122.872713][ T8144]  ? __rcu_read_unlock+0x4f/0x70
[  122.872797][ T8144]  ? v9fs_mount+0x51/0x590
[  122.872834][ T8144]  ? should_fail_ex+0xdb/0x280
[  122.872940][ T8144]  ? v9fs_mount+0x51/0x590
[  122.872977][ T8144]  ? __kmalloc_cache_noprof+0x189/0x320
[  122.873052][ T8144]  v9fs_mount+0x67/0x590
[  122.873149][ T8144]  ? __pfx_v9fs_mount+0x10/0x10
[  122.873186][ T8144]  legacy_get_tree+0x78/0xd0
[  122.873263][ T8144]  vfs_get_tree+0x54/0x1d0
[  122.873310][ T8144]  do_new_mount+0x207/0x680
[  122.873391][ T8144]  path_mount+0x4a4/0xb20
[  122.873427][ T8144]  ? user_path_at+0x109/0x130
[  122.873492][ T8144]  __se_sys_mount+0x28f/0x2e0
[  122.873537][ T8144]  ? fput+0x8f/0xc0
[  122.873570][ T8144]  __x64_sys_mount+0x67/0x80
[  122.873611][ T8144]  x64_sys_call+0xd36/0x2fb0
[  122.873639][ T8144]  do_syscall_64+0xd2/0x200
[  122.873663][ T8144]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.873727][ T8144]  ? clear_bhb_loop+0x40/0x90
[  122.873810][ T8144]  ? clear_bhb_loop+0x40/0x90
[  122.873838][ T8144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.873865][ T8144] RIP: 0033:0x7fae9b84e9a9
[  122.873913][ T8144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.873935][ T8144] RSP: 002b:00007fae99eb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  122.873988][ T8144] RAX: ffffffffffffffda RBX: 00007fae9ba75fa0 RCX: 00007fae9b84e9a9
[  122.874000][ T8144] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  122.874010][ T8144] RBP: 00007fae99eb7090 R08: 0000200000000080 R09: 0000000000000000
[  122.874024][ T8144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  122.874038][ T8144] R13: 0000000000000000 R14: 00007fae9ba75fa0 R15: 00007ffc697c45f8
[  122.874061][ T8144]  </TASK>
[  123.159151][ T8150] loop2: detected capacity change from 0 to 512
[  123.166814][ T8104] vhci_hcd: connection reset by peer
[  123.173508][ T8150] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.186078][   T58] vhci_hcd: stop threads
[  123.190384][   T58] vhci_hcd: release socket
[  123.194309][ T8150] EXT4-fs: inline encryption not supported
[  123.194935][   T58] vhci_hcd: disconnect device
[  123.200707][ T8150] EXT4-fs: Ignoring removed bh option
[  123.213998][ T8155] loop3: detected capacity change from 0 to 512
[  123.215536][ T8150] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.228626][ T8155] ext4: Unknown parameter 'mblk_io_submit"errors'
[  123.244608][ T8150] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  123.261545][ T8150] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  123.383418][ T8150] hub 2-0:1.0: USB hub found
[  123.388860][ T8150] hub 2-0:1.0: 8 ports detected
[  123.455273][ T8182] loop1: detected capacity change from 0 to 256
[  123.583135][ T8197] netlink: 'syz.1.1603': attribute type 10 has an invalid length.
[  123.734016][ T8209] vlan2: entered allmulticast mode
[  123.855366][ T8221] loop2: detected capacity change from 0 to 2048
[  123.873662][ T8221] EXT4-fs: Ignoring removed nobh option
[  123.908508][ T8225] netlink: 'syz.4.1614': attribute type 10 has an invalid length.
[  124.007050][ T8223] loop3: detected capacity change from 0 to 1024
[  124.027276][ T8223] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.053980][ T8223] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1615: bg 0: block 393: padding at end of block bitmap is not set
[  124.076952][ T8223] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.084808][ T8223] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.095824][ T8223] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.103420][ T8223] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.168597][ T8236] loop4: detected capacity change from 0 to 512
[  124.176853][ T8236] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.184987][ T8236] EXT4-fs: inline encryption not supported
[  124.190876][ T8236] EXT4-fs: Ignoring removed bh option
[  124.202520][ T8236] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.263233][ T8236] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.297003][ T8236] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  124.313330][   T58] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[  124.326137][   T58] EXT4-fs (loop3): This should not happen!! Data will be lost
[  124.326137][   T58] 
[  124.336021][   T58] EXT4-fs (loop3): Total free blocks count 0
[  124.342028][   T58] EXT4-fs (loop3): Free/Dirty block details
[  124.347972][   T58] EXT4-fs (loop3): free_blocks=0
[  124.352947][   T58] EXT4-fs (loop3): dirty_blocks=16
[  124.358087][   T58] EXT4-fs (loop3): Block reservation details
[  124.364095][   T58] EXT4-fs (loop3): i_reserved_data_blocks=1
[  124.428188][ T8236] hub 2-0:1.0: USB hub found
[  124.438313][ T8236] hub 2-0:1.0: 8 ports detected
[  124.595366][ T8245] loop3: detected capacity change from 0 to 2048
[  124.608795][ T8245] EXT4-fs: Ignoring removed nobh option
[  124.652464][ T8253] vlan2: entered allmulticast mode
[  124.731171][ T8257] loop1: detected capacity change from 0 to 512
[  124.756716][ T8257] ext4 filesystem being mounted at /353/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  124.768444][ T8257] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1626: corrupted inode contents
[  124.780828][ T8257] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1626: mark_inode_dirty error
[  124.800066][ T8257] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1626: corrupted inode contents
[  124.830361][ T8270] netlink: 'syz.2.1631': attribute type 10 has an invalid length.
[  124.879366][ T8274] netlink: 'syz.1.1632': attribute type 10 has an invalid length.
[  124.915661][ T8274] team0: Port device dummy0 added
[  124.935412][ T8274] netlink: 'syz.1.1632': attribute type 10 has an invalid length.
[  124.977895][ T8274] team0: Port device dummy0 removed
[  124.996882][ T8274] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  125.047567][ T8283] __nla_validate_parse: 9 callbacks suppressed
[  125.047584][ T8283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1636'.
[  125.057298][ T8285] loop1: detected capacity change from 0 to 2048
[  125.071844][ T8285] EXT4-fs: Ignoring removed nobh option
[  125.168551][ T8290] loop4: detected capacity change from 0 to 1024
[  125.177560][ T8290] EXT4-fs: Ignoring removed orlov option
[  125.623146][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1643'.
[  125.638711][ T8308] netlink: 'syz.0.1643': attribute type 10 has an invalid length.
[  125.651519][ T8308] team0: Port device dummy0 added
[  125.664074][ T8310] loop4: detected capacity change from 0 to 128
[  125.679207][ T8310] ext4 filesystem being mounted at /324/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  125.717032][ T8308] team0: Port device dummy0 removed
[  125.733936][ T8308] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  125.852459][ T8321] hub 2-0:1.0: USB hub found
[  125.864773][ T8321] hub 2-0:1.0: 8 ports detected
[  125.905797][ T8326] loop4: detected capacity change from 0 to 128
[  125.915913][ T8328] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1652'.
[  125.941975][ T8326] ext4 filesystem being mounted at /327/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.155070][ T8356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1662'.
[  126.198827][ T8356] bond0: (slave dummy0): Releasing backup interface
[  126.210692][ T8356] team0: Port device dummy0 added
[  126.267753][ T8356] team0: Port device dummy0 removed
[  126.277200][ T8356] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  126.311343][ T8363] loop0: detected capacity change from 0 to 128
[  126.331977][ T8367] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1677'.
[  126.332607][ T8363] ext4 filesystem being mounted at /293/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.377515][ T8367] $Hÿ: (slave dummy0): Releasing backup interface
[  126.384579][ T8367] dummy0: left promiscuous mode
[  126.392891][ T8367] team0: Port device dummy0 added
[  126.430569][ T8367] team0: Port device dummy0 removed
[  126.441947][ T8367] dummy0: entered promiscuous mode
[  126.448490][ T8367] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[  126.575635][ T8378] loop4: detected capacity change from 0 to 512
[  126.607425][ T8379] loop0: detected capacity change from 0 to 512
[  126.614286][ T8378] ext4: Unknown parameter 'mblk_io_submit"errors'
[  126.669341][ T8379] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1670: Failed to acquire dquot type 1
[  126.702710][ T8379] EXT4-fs (loop0): 1 truncate cleaned up
[  126.710003][ T8379] ext4 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.789693][ T8389] validate_nla: 7 callbacks suppressed
[  126.789727][ T8389] netlink: 'syz.1.1676': attribute type 10 has an invalid length.
[  126.859505][ T8394] loop3: detected capacity change from 0 to 1024
[  126.884705][ T8394] EXT4-fs: Ignoring removed orlov option
[  126.936858][   T29] kauditd_printk_skb: 1101 callbacks suppressed
[  126.936875][   T29] audit: type=1326 audit(1753526582.337:14004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  126.978983][   T29] audit: type=1326 audit(1753526582.337:14005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.002001][   T29] audit: type=1326 audit(1753526582.337:14006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.025146][   T29] audit: type=1326 audit(1753526582.337:14007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.048061][   T29] audit: type=1326 audit(1753526582.337:14008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.071350][   T29] audit: type=1326 audit(1753526582.337:14009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.094370][   T29] audit: type=1326 audit(1753526582.337:14010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.117412][   T29] audit: type=1326 audit(1753526582.337:14011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.140474][   T29] audit: type=1326 audit(1753526582.337:14012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.166105][   T29] audit: type=1326 audit(1753526582.567:14013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  127.172242][ T8408] $Hÿ: renamed from bond0 (while UP)
[  127.194765][ T8412] loop2: detected capacity change from 0 to 128
[  127.242783][ T8412] ext4 filesystem being mounted at /354/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  127.250153][ T8415] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8415 comm=syz.1.1684
[  127.265646][ T8415] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8415 comm=syz.1.1684
[  127.296262][ T8408] $Hÿ: entered promiscuous mode
[  127.301369][ T8408] bond_slave_0: entered promiscuous mode
[  127.307357][ T8408] bond_slave_1: entered promiscuous mode
[  127.314575][ T8408] dummy0: entered promiscuous mode
[  127.360991][ T8419] loop3: detected capacity change from 0 to 512
[  127.383156][ T8419] ext4: Unknown parameter 'mblk_io_submit"errors'
[  127.485439][ T8434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1693'.
[  127.618017][ T8446] loop0: detected capacity change from 0 to 1024
[  127.636496][ T8446] EXT4-fs: Ignoring removed orlov option
[  127.694641][ T3365] usb 1-1: enqueue for inactive port 0
[  127.706977][ T3365] usb 1-1: enqueue for inactive port 0
[  127.852586][ T3365] vhci_hcd: vhci_device speed not set
[  127.934072][ T8464] loop1: detected capacity change from 0 to 512
[  127.952753][ T8465] loop3: detected capacity change from 0 to 2048
[  127.965593][ T8465] EXT4-fs: Ignoring removed nobh option
[  127.976251][ T8464] ext4 filesystem being mounted at /372/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  127.996112][ T8464] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1704: corrupted inode contents
[  128.017049][ T8462] bond0: (slave dummy0): Releasing backup interface
[  128.046776][ T8462] bridge_slave_0: left allmulticast mode
[  128.052484][ T8462] bridge_slave_0: left promiscuous mode
[  128.058446][ T8462] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.077561][ T8464] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1704: mark_inode_dirty error
[  128.104501][ T8462] bridge_slave_1: left allmulticast mode
[  128.110295][ T8462] bridge_slave_1: left promiscuous mode
[  128.116060][ T8462] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.121967][ T8464] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1704: corrupted inode contents
[  128.140664][ T8462] bond0: (slave bond_slave_0): Releasing backup interface
[  128.167624][ T8462] bond0: (slave bond_slave_1): Releasing backup interface
[  128.180388][ T8462] team0: Port device team_slave_0 removed
[  128.191563][ T8477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1709'.
[  128.207985][ T8462] team0: Port device team_slave_1 removed
[  128.215452][ T8462] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.222950][ T8462] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.233651][ T8462] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.241174][ T8462] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.348892][ T8487] netlink: 'syz.0.1712': attribute type 10 has an invalid length.
[  128.423391][ T8493] loop0: detected capacity change from 0 to 512
[  128.447238][ T8493] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  128.482188][ T8483] loop1: detected capacity change from 0 to 8192
[  128.500682][ T8493] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.1715: corrupted inode contents
[  128.522811][ T8493] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.1715: mark_inode_dirty error
[  128.535699][ T7454]  loop1: p1 p4 < >
[  128.539839][ T7454] loop1: p1 start 4261412864 is beyond EOD, truncated
[  128.545683][ T8493] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.1715: corrupted inode contents
[  128.560375][ T8483]  loop1: p1 p4 < >
[  128.580599][ T8483] loop1: p1 start 4261412864 is beyond EOD, truncated
[  128.589145][ T8506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1719'.
[  128.720325][ T8515] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1722'.
[  128.738355][ T8515] netlink: 'syz.2.1722': attribute type 10 has an invalid length.
[  128.750090][ T8515] team0: Port device dummy0 added
[  128.760801][ T8515] netlink: 'syz.2.1722': attribute type 10 has an invalid length.
[  128.788809][ T8515] team0: Port device dummy0 removed
[  128.810228][ T8515] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  128.929458][ T8525] loop4: detected capacity change from 0 to 512
[  128.973885][ T8525] EXT4-fs (loop4): orphan cleanup on readonly fs
[  128.982593][ T8525] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1724: bg 0: block 248: padding at end of block bitmap is not set
[  129.013146][ T8525] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1724: Failed to acquire dquot type 1
[  129.028396][ T8534] Cannot find add_set index 0 as target
[  129.028645][ T8525] EXT4-fs (loop4): 1 truncate cleaned up
[  129.187673][ T8543] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  129.194252][ T8543] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  129.201907][ T8543] vhci_hcd vhci_hcd.0: Device attached
[  129.279931][ T8525] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  129.296641][ T8525] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  129.362685][ T8552] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1732'.
[  129.394605][ T1036] vhci_hcd: vhci_device speed not set
[  129.428906][ T8554] loop1: detected capacity change from 0 to 2048
[  129.437658][ T8554] EXT4-fs: Ignoring removed nobh option
[  129.454641][ T1036] usb 7-1: new full-speed USB device number 3 using vhci_hcd
[  129.466168][ T8554] EXT4-fs mount: 93 callbacks suppressed
[  129.466184][ T8554] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.712889][ T8566] loop0: detected capacity change from 0 to 512
[  129.726449][ T8566] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1736: Failed to acquire dquot type 1
[  129.738600][ T8566] EXT4-fs (loop0): 1 truncate cleaned up
[  129.744759][ T8566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.758103][ T8566] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.779706][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.838492][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.860995][ T8573] loop0: detected capacity change from 0 to 128
[  129.876823][ T8576] loop2: detected capacity change from 0 to 512
[  129.879514][ T8573] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  129.883998][ T8576] ext4: Unknown parameter 'mblk_io_submit"errors'
[  129.915515][ T8579] loop4: detected capacity change from 0 to 1024
[  129.922734][ T8579] EXT4-fs: Ignoring removed orlov option
[  129.931114][ T8573] ext4 filesystem being mounted at /309/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  129.950432][ T8579] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.960617][ T8544] vhci_hcd: connection reset by peer
[  129.978311][   T58] vhci_hcd: stop threads
[  129.982768][   T58] vhci_hcd: release socket
[  129.987279][   T58] vhci_hcd: disconnect device
[  129.994750][ T8573] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  130.156961][ T8594] loop0: detected capacity change from 0 to 512
[  130.184010][ T8594] EXT4-fs: Ignoring removed mblk_io_submit option
[  130.206212][ T8594] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  130.226100][ T8594] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  130.244454][ T8594] System zones: 1-12
[  130.261806][ T8594] EXT4-fs (loop0): 1 truncate cleaned up
[  130.274444][ T8594] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.295013][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.350811][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.364323][ T8598] __nla_validate_parse: 2 callbacks suppressed
[  130.364337][ T8598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1747'.
[  130.388150][ T8598] netlink: 'syz.1.1747': attribute type 10 has an invalid length.
[  130.414264][ T8598] $Hÿ: (slave dummy0): Releasing backup interface
[  130.458227][ T8603] FAULT_INJECTION: forcing a failure.
[  130.458227][ T8603] name failslab, interval 1, probability 0, space 0, times 0
[  130.471035][ T8603] CPU: 0 UID: 0 PID: 8603 Comm: syz.4.1749 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  130.471131][ T8603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.471142][ T8603] Call Trace:
[  130.471149][ T8603]  <TASK>
[  130.471177][ T8603]  __dump_stack+0x1d/0x30
[  130.471202][ T8603]  dump_stack_lvl+0xe8/0x140
[  130.471286][ T8603]  dump_stack+0x15/0x1b
[  130.471301][ T8603]  should_fail_ex+0x265/0x280
[  130.471392][ T8603]  should_failslab+0x8c/0xb0
[  130.471416][ T8603]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  130.471528][ T8603]  ? sidtab_sid2str_get+0xa0/0x130
[  130.471558][ T8603]  kmemdup_noprof+0x2b/0x70
[  130.471582][ T8603]  sidtab_sid2str_get+0xa0/0x130
[  130.471628][ T8603]  security_sid_to_context_core+0x1eb/0x2e0
[  130.471699][ T8603]  security_sid_to_context+0x27/0x40
[  130.471724][ T8603]  selinux_lsmprop_to_secctx+0x67/0xf0
[  130.471754][ T8603]  security_lsmprop_to_secctx+0x43/0x80
[  130.471852][ T8603]  audit_log_task_context+0x77/0x190
[  130.471895][ T8603]  audit_log_task+0xf4/0x250
[  130.471946][ T8603]  audit_seccomp+0x61/0x100
[  130.471969][ T8603]  ? __seccomp_filter+0x68c/0x10d0
[  130.471997][ T8603]  __seccomp_filter+0x69d/0x10d0
[  130.472028][ T8603]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  130.472061][ T8603]  ? vfs_write+0x75e/0x8e0
[  130.472092][ T8603]  ? __rcu_read_unlock+0x4f/0x70
[  130.472197][ T8603]  ? __fget_files+0x184/0x1c0
[  130.472253][ T8603]  __secure_computing+0x82/0x150
[  130.472275][ T8603]  syscall_trace_enter+0xcf/0x1e0
[  130.472301][ T8603]  do_syscall_64+0xac/0x200
[  130.472364][ T8603]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.472393][ T8603]  ? clear_bhb_loop+0x40/0x90
[  130.472420][ T8603]  ? clear_bhb_loop+0x40/0x90
[  130.472446][ T8603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.472513][ T8603] RIP: 0033:0x7fb838fde9a9
[  130.472531][ T8603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.472554][ T8603] RSP: 002b:00007fb837647028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  130.472628][ T8603] RAX: ffffffffffffffda RBX: 00007fb839205fa0 RCX: 00007fb838fde9a9
[  130.472645][ T8603] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000034e
[  130.472657][ T8603] RBP: 00007fb837647090 R08: 0000000000000000 R09: 0000000000000000
[  130.472668][ T8603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.472684][ T8603] R13: 0000000000000000 R14: 00007fb839205fa0 R15: 00007ffdfe0340a8
[  130.472726][ T8603]  </TASK>
[  130.725759][ T8598] dummy0: left promiscuous mode
[  130.733401][ T8598] team0: Port device dummy0 added
[  130.786045][ T8607] loop4: detected capacity change from 0 to 512
[  130.793729][ T8607] ext4: Unknown parameter 'mblk_io_submit"errors'
[  130.943709][ T8608] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1750'.
[  130.969816][ T8608] netlink: 'syz.3.1750': attribute type 10 has an invalid length.
[  130.983460][ T8608] team0: Port device dummy0 added
[  131.022245][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.036945][ T8608] netlink: 'syz.3.1750': attribute type 10 has an invalid length.
[  131.050365][ T8616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1755'.
[  131.064967][ T8608] team0: Port device dummy0 removed
[  131.073971][ T8608] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  131.087247][ T8616] netlink: 'syz.2.1755': attribute type 10 has an invalid length.
[  131.106924][ T8616] bond0: (slave dummy0): Releasing backup interface
[  131.128393][ T8616] team0: Port device dummy0 added
[  131.241317][ T8634] loop2: detected capacity change from 0 to 512
[  131.262327][ T8630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1761'.
[  131.294780][ T8641] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  131.342742][ T8634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.361844][ T8634] ext4 filesystem being mounted at /374/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  131.379402][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1770'.
[  131.384793][ T8634] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1763: corrupted inode contents
[  131.404943][ T8653] netlink: 'syz.3.1770': attribute type 10 has an invalid length.
[  131.427040][ T8634] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.1763: mark_inode_dirty error
[  131.493160][ T8634] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1763: corrupted inode contents
[  131.527316][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1776'.
[  131.541742][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.598873][ T8676] loop4: detected capacity change from 0 to 512
[  131.605958][ T8676] ext4: Unknown parameter 'mblk_io_submit"errors'
[  131.608079][ T8671] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  131.715128][ T8684] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  131.749790][ T8683] loop2: detected capacity change from 0 to 128
[  131.793709][ T8683] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  131.818834][ T8683] ext4 filesystem being mounted at /376/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  131.857599][ T8683] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.949534][ T8702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1789'.
[  131.978650][ T8701] loop4: detected capacity change from 0 to 512
[  131.988437][ T8701] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.989483][ T8707] loop2: detected capacity change from 0 to 1024
[  131.995407][ T8701] EXT4-fs: inline encryption not supported
[  132.007588][ T8701] EXT4-fs: Ignoring removed bh option
[  132.039751][ T8707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.044296][ T8701] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.064992][ T8715] loop3: detected capacity change from 0 to 512
[  132.065684][ T8701] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  132.073954][ T8715] ext4: Unknown parameter 'mblk_io_submit"errors'
[  132.098598][ T8707] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.1791: Allocating blocks 385-513 which overlap fs metadata
[  132.117396][ T8701] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  132.128467][   T29] kauditd_printk_skb: 901 callbacks suppressed
[  132.128482][   T29] audit: type=1326 audit(1753526587.527:14910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.158669][   T29] audit: type=1326 audit(1753526587.527:14911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.182270][   T29] audit: type=1326 audit(1753526587.527:14912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.205863][   T29] audit: type=1326 audit(1753526587.527:14913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.229420][   T29] audit: type=1326 audit(1753526587.527:14914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.253054][   T29] audit: type=1326 audit(1753526587.527:14915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.255044][ T8707] FAULT_INJECTION: forcing a failure.
[  132.255044][ T8707] name failslab, interval 1, probability 0, space 0, times 0
[  132.276616][   T29] audit: type=1326 audit(1753526587.527:14916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.276643][   T29] audit: type=1326 audit(1753526587.527:14917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.289357][ T8707] CPU: 0 UID: 0 PID: 8707 Comm: syz.2.1791 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  132.289392][ T8707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.289410][ T8707] Call Trace:
[  132.289427][ T8707]  <TASK>
[  132.289440][ T8707]  __dump_stack+0x1d/0x30
[  132.289470][ T8707]  dump_stack_lvl+0xe8/0x140
[  132.289499][ T8707]  dump_stack+0x15/0x1b
[  132.289521][ T8707]  should_fail_ex+0x265/0x280
[  132.289620][ T8707]  ? alloc_pipe_info+0xae/0x350
[  132.289663][ T8707]  should_failslab+0x8c/0xb0
[  132.289716][ T8707]  __kmalloc_cache_noprof+0x4c/0x320
[  132.289757][ T8707]  alloc_pipe_info+0xae/0x350
[  132.289801][ T8707]  splice_direct_to_actor+0x592/0x680
[  132.289845][ T8707]  ? kstrtouint_from_user+0x9f/0xf0
[  132.289887][ T8707]  ? __pfx_direct_splice_actor+0x10/0x10
[  132.289928][ T8707]  ? __rcu_read_unlock+0x4f/0x70
[  132.289958][ T8707]  ? get_pid_task+0x96/0xd0
[  132.289984][ T8707]  ? avc_policy_seqno+0x15/0x30
[  132.290036][ T8707]  ? selinux_file_permission+0x1e4/0x320
[  132.290068][ T8707]  do_splice_direct+0xda/0x150
[  132.290200][ T8707]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  132.290273][ T8707]  do_sendfile+0x380/0x650
[  132.290308][ T8707]  __x64_sys_sendfile64+0x105/0x150
[  132.290348][ T8707]  x64_sys_call+0xb39/0x2fb0
[  132.290377][ T8707]  do_syscall_64+0xd2/0x200
[  132.290403][ T8707]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.290460][ T8707]  ? clear_bhb_loop+0x40/0x90
[  132.290490][ T8707]  ? clear_bhb_loop+0x40/0x90
[  132.290520][ T8707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.290550][ T8707] RIP: 0033:0x7eff875fe9a9
[  132.290591][ T8707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.290615][ T8707] RSP: 002b:00007eff85c5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  132.290692][ T8707] RAX: ffffffffffffffda RBX: 00007eff87825fa0 RCX: 00007eff875fe9a9
[  132.290710][ T8707] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a
[  132.290727][ T8707] RBP: 00007eff85c5f090 R08: 0000000000000000 R09: 0000000000000000
[  132.290744][ T8707] R10: 0100000800000009 R11: 0000000000000246 R12: 0000000000000001
[  132.290761][ T8707] R13: 0000000000000000 R14: 00007eff87825fa0 R15: 00007fff986944f8
[  132.290853][ T8707]  </TASK>
[  132.439676][ T8701] hub 2-0:1.0: USB hub found
[  132.443759][   T29] audit: type=1326 audit(1753526587.607:14918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.466834][ T8701] hub 2-0:1.0: 8 ports detected
[  132.468536][   T29] audit: type=1326 audit(1753526587.607:14919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz.1.1795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  132.626556][ T8706] EXT4-fs (loop2): pa ffff8881007971c0: logic 16, phys. 129, len 24
[  132.634679][ T8706] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  132.646966][ T8726] loop3: detected capacity change from 0 to 2048
[  132.647047][ T8722] netlink: 'syz.1.1797': attribute type 10 has an invalid length.
[  132.682822][ T8722] team0: Port device dummy0 removed
[  132.690522][ T8726] EXT4-fs: Ignoring removed nobh option
[  132.702690][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.702908][ T8722] dummy0: entered promiscuous mode
[  132.717653][ T8722] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[  132.758832][ T8726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.990706][ T8761] team0: Port device dummy0 removed
[  133.024971][ T8765] loop1: detected capacity change from 0 to 512
[  133.060668][ T8765] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.074221][ T8765] ext4 filesystem being mounted at /400/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  133.088902][ T8765] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1816: corrupted inode contents
[  133.101582][ T8765] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1816: mark_inode_dirty error
[  133.116047][ T8765] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1816: corrupted inode contents
[  133.150747][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.195040][ T8777] FAULT_INJECTION: forcing a failure.
[  133.195040][ T8777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.208344][ T8777] CPU: 1 UID: 0 PID: 8777 Comm: syz.2.1821 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  133.208370][ T8777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.208450][ T8777] Call Trace:
[  133.208456][ T8777]  <TASK>
[  133.208463][ T8777]  __dump_stack+0x1d/0x30
[  133.208484][ T8777]  dump_stack_lvl+0xe8/0x140
[  133.208503][ T8777]  dump_stack+0x15/0x1b
[  133.208519][ T8777]  should_fail_ex+0x265/0x280
[  133.208574][ T8777]  should_fail+0xb/0x20
[  133.208599][ T8777]  should_fail_usercopy+0x1a/0x20
[  133.208694][ T8777]  _copy_to_iter+0xcf/0xe30
[  133.208747][ T8777]  ? avc_has_perm+0xd3/0x150
[  133.208775][ T8777]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  133.208796][ T8777]  __skb_datagram_iter+0xc6/0x690
[  133.208816][ T8777]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  133.208846][ T8777]  ? mntput_no_expire+0x6f/0x3c0
[  133.208871][ T8777]  ? _raw_spin_lock_irqsave+0x3a/0x90
[  133.208897][ T8777]  skb_copy_datagram_iter+0x3d/0x110
[  133.208917][ T8777]  ip_recv_error+0xc6/0x610
[  133.209017][ T8777]  ? __rcu_read_unlock+0x4f/0x70
[  133.209057][ T8777]  ? avc_has_perm_noaudit+0x1b1/0x200
[  133.209199][ T8777]  udp_recvmsg+0x439/0xb30
[  133.209224][ T8777]  ? selinux_socket_recvmsg+0x175/0x1b0
[  133.209258][ T8777]  ? __pfx_udp_recvmsg+0x10/0x10
[  133.209477][ T8777]  inet_recvmsg+0x143/0x290
[  133.209500][ T8777]  sock_recvmsg+0xf6/0x170
[  133.209588][ T8777]  __sys_recvfrom+0x122/0x1f0
[  133.209631][ T8777]  __x64_sys_recvfrom+0x76/0x90
[  133.209729][ T8777]  x64_sys_call+0x1a52/0x2fb0
[  133.209752][ T8777]  do_syscall_64+0xd2/0x200
[  133.209770][ T8777]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.209833][ T8777]  ? clear_bhb_loop+0x40/0x90
[  133.209855][ T8777]  ? clear_bhb_loop+0x40/0x90
[  133.209876][ T8777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.209974][ T8777] RIP: 0033:0x7eff875fe9a9
[  133.209989][ T8777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.210057][ T8777] RSP: 002b:00007eff85c5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  133.210077][ T8777] RAX: ffffffffffffffda RBX: 00007eff87825fa0 RCX: 00007eff875fe9a9
[  133.210090][ T8777] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000005
[  133.210109][ T8777] RBP: 00007eff85c5f090 R08: 0000000000000000 R09: 0000000000000000
[  133.210122][ T8777] R10: 0000000000002101 R11: 0000000000000246 R12: 0000000000000001
[  133.210135][ T8777] R13: 0000000000000000 R14: 00007eff87825fa0 R15: 00007fff986944f8
[  133.210156][ T8777]  </TASK>
[  133.511814][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.629212][ T8792] loop3: detected capacity change from 0 to 512
[  133.636778][ T8792] ext4: Unknown parameter 'mblk_io_submit"errors'
[  133.652540][ T8791] loop2: detected capacity change from 0 to 128
[  133.664135][ T8791] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.724676][ T8791] ext4 filesystem being mounted at /390/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.781686][ T8791] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.061753][ T8832] loop2: detected capacity change from 0 to 512
[  134.091688][ T8832] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.123807][ T8832] EXT4-fs: inline encryption not supported
[  134.129788][ T8832] EXT4-fs: Ignoring removed bh option
[  134.135492][ T8832] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.158161][ T8832] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.173905][ T8832] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  134.198316][ T8844] loop4: detected capacity change from 0 to 512
[  134.207955][ T8844] ext4: Unknown parameter 'mblk_io_submit"errors'
[  134.317155][ T8832] hub 2-0:1.0: USB hub found
[  134.321952][ T8832] hub 2-0:1.0: 8 ports detected
[  134.378136][ T8856] xt_hashlimit: size too large, truncated to 1048576
[  134.474197][ T8866] FAULT_INJECTION: forcing a failure.
[  134.474197][ T8866] name failslab, interval 1, probability 0, space 0, times 0
[  134.486949][ T8866] CPU: 1 UID: 0 PID: 8866 Comm: syz.0.1859 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  134.487019][ T8866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.487043][ T8866] Call Trace:
[  134.487051][ T8866]  <TASK>
[  134.487059][ T8866]  __dump_stack+0x1d/0x30
[  134.487139][ T8866]  dump_stack_lvl+0xe8/0x140
[  134.487164][ T8866]  dump_stack+0x15/0x1b
[  134.487184][ T8866]  should_fail_ex+0x265/0x280
[  134.487262][ T8866]  should_failslab+0x8c/0xb0
[  134.487298][ T8866]  kmem_cache_alloc_noprof+0x50/0x310
[  134.487392][ T8866]  ? getname_flags+0x80/0x3b0
[  134.487418][ T8866]  getname_flags+0x80/0x3b0
[  134.487445][ T8866]  do_sys_openat2+0x60/0x110
[  134.487485][ T8866]  __x64_sys_openat+0xf2/0x120
[  134.487519][ T8866]  x64_sys_call+0x1af/0x2fb0
[  134.487575][ T8866]  do_syscall_64+0xd2/0x200
[  134.487598][ T8866]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.487630][ T8866]  ? clear_bhb_loop+0x40/0x90
[  134.487653][ T8866]  ? clear_bhb_loop+0x40/0x90
[  134.487721][ T8866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.487748][ T8866] RIP: 0033:0x7f61c4e5e9a9
[  134.487764][ T8866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.487860][ T8866] RSP: 002b:00007f61c34bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  134.487912][ T8866] RAX: ffffffffffffffda RBX: 00007f61c5085fa0 RCX: 00007f61c4e5e9a9
[  134.487924][ T8866] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  134.487935][ T8866] RBP: 00007f61c34bf090 R08: 0000000000000000 R09: 0000000000000000
[  134.487948][ T8866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.487959][ T8866] R13: 0000000000000000 R14: 00007f61c5085fa0 R15: 00007ffc9e817118
[  134.488020][ T8866]  </TASK>
[  134.494927][ T1036] usb 7-1: enqueue for inactive port 0
[  134.686732][ T1036] usb 7-1: enqueue for inactive port 0
[  134.758711][ T1036] vhci_hcd: vhci_device speed not set
[  134.771387][ T8876] loop1: detected capacity change from 0 to 512
[  134.779778][ T8876] ext4: Unknown parameter 'mblk_io_submit"errors'
[  135.030121][ T8897] loop1: detected capacity change from 0 to 512
[  135.064416][ T8897] ext4: Unknown parameter 'mblk_io_submit"errors'
[  135.076391][ T8899] bond0: (slave dummy0): Releasing backup interface
[  135.092785][ T8899] bridge_slave_0: left allmulticast mode
[  135.098625][ T8899] bridge_slave_0: left promiscuous mode
[  135.104507][ T8899] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.117407][ T8899] bridge_slave_1: left allmulticast mode
[  135.123151][ T8899] bridge_slave_1: left promiscuous mode
[  135.129037][ T8899] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.144776][ T8899] bond0: (slave bond_slave_0): Releasing backup interface
[  135.168627][ T8899] bond0: (slave bond_slave_1): Releasing backup interface
[  135.181010][ T8899] team0: Port device team_slave_0 removed
[  135.191545][ T8899] team0: Port device team_slave_1 removed
[  135.198870][ T8899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.206420][ T8899] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.216595][ T8899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.224308][ T8899] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.431820][ T8923] loop2: detected capacity change from 0 to 512
[  135.516838][ T8921] team0: Port device $Hÿ removed
[  135.530871][ T8921] $Hÿ: (slave dummy0): Releasing backup interface
[  135.549277][ T8923] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1881: Failed to acquire dquot type 1
[  135.577330][ T8923] EXT4-fs (loop2): 1 truncate cleaned up
[  135.594011][ T8923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.619401][ T8921] dummy0: left promiscuous mode
[  135.631371][ T8921] bridge_slave_0: left allmulticast mode
[  135.637239][ T8921] bridge_slave_0: left promiscuous mode
[  135.642985][ T8921] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.678134][ T8923] ext4 filesystem being mounted at /397/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.699410][ T8921] bridge_slave_1: left allmulticast mode
[  135.705200][ T8921] bridge_slave_1: left promiscuous mode
[  135.710949][ T8921] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.739623][ T8921] $Hÿ: (slave bond_slave_0): Releasing backup interface
[  135.747156][ T8921] bond_slave_0: left promiscuous mode
[  135.756741][ T8921] $Hÿ: (slave bond_slave_1): Releasing backup interface
[  135.767706][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.777200][ T8921] bond_slave_1: left promiscuous mode
[  135.812298][ T8921] team0: Port device team_slave_0 removed
[  135.827515][ T8921] team0: Port device team_slave_1 removed
[  135.834188][ T8921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.841785][ T8921] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.866669][ T8921] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.874186][ T8921] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.137382][ T8968] loop1: detected capacity change from 0 to 512
[  136.178196][ T8975] loop2: detected capacity change from 0 to 512
[  136.179479][ T8973] loop3: detected capacity change from 0 to 128
[  136.201600][ T8975] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1898: Failed to acquire dquot type 1
[  136.218697][ T8980] loop4: detected capacity change from 0 to 1024
[  136.244003][ T8968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.258843][ T8973] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  136.276138][ T8968] ext4 filesystem being mounted at /417/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.287476][ T8980] ext4: Bad value for 'max_dir_size_kb'
[  136.293406][ T8973] ext4 filesystem being mounted at /361/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  136.310109][ T8975] EXT4-fs (loop2): 1 truncate cleaned up
[  136.314646][ T8968] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1893: corrupted inode contents
[  136.316968][ T8975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.347227][ T8968] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1893: mark_inode_dirty error
[  136.359048][ T8968] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1893: corrupted inode contents
[  136.380147][ T8973] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  136.382725][ T8975] ext4 filesystem being mounted at /402/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.453448][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.465673][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.477453][ T8991] loop3: detected capacity change from 0 to 512
[  136.484063][ T8991] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.535251][ T8991] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  136.571199][ T8991] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  136.585338][ T8991] System zones: 1-12
[  136.603128][ T8991] EXT4-fs (loop3): 1 truncate cleaned up
[  136.611804][ T8991] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.641481][ T9011] __nla_validate_parse: 17 callbacks suppressed
[  136.641501][ T9011] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1909'.
[  136.663478][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1903'.
[  136.674894][ T8998] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1905'.
[  136.676455][ T9014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1910'.
[  136.737042][ T9017] loop4: detected capacity change from 0 to 512
[  136.747096][ T8991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1903'.
[  136.756340][ T9019] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  136.778879][ T9016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1908'.
[  136.781349][ T9017] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.801140][ T9017] ext4 filesystem being mounted at /382/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.815132][ T9017] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1911: corrupted inode contents
[  136.827929][ T9017] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.1911: mark_inode_dirty error
[  136.855223][ T9017] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1911: corrupted inode contents
[  136.886324][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.922799][ T9019] netlink: 'syz.0.1912': attribute type 10 has an invalid length.
[  136.930750][ T9019] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1912'.
[  136.940800][ T9019] dummy0: entered promiscuous mode
[  136.949697][ T9019] bridge0: port 1(dummy0) entered blocking state
[  136.956169][ T9019] bridge0: port 1(dummy0) entered disabled state
[  136.957087][ T9030] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1914'.
[  136.964448][ T9019] bridge0: port 1(dummy0) entered blocking state
[  136.977928][ T9019] bridge0: port 1(dummy0) entered forwarding state
[  136.987595][ T9032] loop3: detected capacity change from 0 to 128
[  137.000143][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.012375][ T9032] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.029759][ T9032] ext4 filesystem being mounted at /363/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.060153][ T9032] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.090860][ T9040] loop0: detected capacity change from 0 to 1024
[  137.097687][ T9040] EXT4-fs: Ignoring removed orlov option
[  137.110980][ T9040] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.203643][   T29] kauditd_printk_skb: 587 callbacks suppressed
[  137.203659][   T29] audit: type=1326 audit(1753526592.597:15503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9050 comm="syz.3.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.258009][   T29] audit: type=1326 audit(1753526592.657:15504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9050 comm="syz.3.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.281564][   T29] audit: type=1326 audit(1753526592.657:15505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9050 comm="syz.3.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.339546][   T29] audit: type=1326 audit(1753526592.657:15506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9050 comm="syz.3.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.363287][   T29] audit: type=1326 audit(1753526592.657:15507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9050 comm="syz.3.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.419839][ T9060] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1922'.
[  137.532846][   T29] audit: type=1326 audit(1753526592.927:15508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.1.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  137.556526][   T29] audit: type=1326 audit(1753526592.927:15509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.1.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  137.631205][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.646167][   T29] audit: type=1326 audit(1753526592.957:15510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9061 comm="syz.3.1923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.669995][   T29] audit: type=1326 audit(1753526592.957:15511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9061 comm="syz.3.1923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  137.670347][ T9071] FAULT_INJECTION: forcing a failure.
[  137.670347][ T9071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.693623][   T29] audit: type=1326 audit(1753526592.987:15512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.1.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  137.706804][ T9071] CPU: 0 UID: 0 PID: 9071 Comm: syz.4.1927 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  137.706892][ T9071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.706910][ T9071] Call Trace:
[  137.706920][ T9071]  <TASK>
[  137.706932][ T9071]  __dump_stack+0x1d/0x30
[  137.707046][ T9071]  dump_stack_lvl+0xe8/0x140
[  137.707071][ T9071]  dump_stack+0x15/0x1b
[  137.707095][ T9071]  should_fail_ex+0x265/0x280
[  137.707153][ T9071]  should_fail+0xb/0x20
[  137.707190][ T9071]  should_fail_usercopy+0x1a/0x20
[  137.707234][ T9071]  strncpy_from_user+0x25/0x230
[  137.707271][ T9071]  strncpy_from_user_nofault+0x68/0xf0
[  137.707397][ T9071]  bpf_probe_read_compat_str+0xb4/0x130
[  137.707431][ T9071]  bpf_prog_597e1462992804d8+0x46/0x4c
[  137.707552][ T9071]  bpf_trace_run2+0x107/0x1c0
[  137.707585][ T9071]  ? public_key_free+0x39/0x60
[  137.707624][ T9071]  ? public_key_free+0x39/0x60
[  137.707682][ T9071]  kfree+0x27b/0x320
[  137.707711][ T9071]  ? x509_cert_parse+0x3d3/0x430
[  137.707761][ T9071]  public_key_free+0x39/0x60
[  137.707849][ T9071]  x509_free_certificate+0x2d/0xb0
[  137.707888][ T9071]  x509_cert_parse+0x3f0/0x430
[  137.707927][ T9071]  x509_key_preparse+0x3c/0x420
[  137.708018][ T9071]  ? selinux_key_permission+0x161/0x190
[  137.708049][ T9071]  asymmetric_key_preparse+0x68/0xb0
[  137.708083][ T9071]  __key_create_or_update+0x28b/0x750
[  137.708192][ T9071]  ? key_validate+0xad/0xd0
[  137.708237][ T9071]  key_create_or_update+0x42/0x60
[  137.708284][ T9071]  __se_sys_add_key+0x296/0x350
[  137.708322][ T9071]  __x64_sys_add_key+0x67/0x80
[  137.708410][ T9071]  x64_sys_call+0x1d0d/0x2fb0
[  137.708440][ T9071]  do_syscall_64+0xd2/0x200
[  137.708496][ T9071]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  137.708534][ T9071]  ? clear_bhb_loop+0x40/0x90
[  137.708563][ T9071]  ? clear_bhb_loop+0x40/0x90
[  137.708593][ T9071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.708695][ T9071] RIP: 0033:0x7fb838fde9a9
[  137.708715][ T9071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.708782][ T9071] RSP: 002b:00007fb837647038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  137.708807][ T9071] RAX: ffffffffffffffda RBX: 00007fb839205fa0 RCX: 00007fb838fde9a9
[  137.708824][ T9071] RDX: 0000200000000ac0 RSI: 0000000000000000 RDI: 0000200000000a80
[  137.708841][ T9071] RBP: 00007fb837647090 R08: 000000002a29a752 R09: 0000000000000000
[  137.708858][ T9071] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000002
[  137.708874][ T9071] R13: 0000000000000000 R14: 00007fb839205fa0 R15: 00007ffdfe0340a8
[  137.708899][ T9071]  </TASK>
[  137.766247][ T9075] loop2: detected capacity change from 0 to 512
[  137.897972][ T9079] loop4: detected capacity change from 0 to 128
[  137.936126][ T9075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.956835][ T9079] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.992625][ T9075] ext4 filesystem being mounted at /405/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  138.043053][ T9079] ext4 filesystem being mounted at /385/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  138.068635][ T9073] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1925: corrupted inode contents
[  138.099332][ T9093] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1934'.
[  138.102343][ T9079] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  138.117736][ T9073] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.1925: mark_inode_dirty error
[  138.133167][ T9073] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1925: corrupted inode contents
[  138.168302][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.177755][ T9096] loop4: detected capacity change from 0 to 512
[  138.225058][ T9100] loop0: detected capacity change from 0 to 2048
[  138.237321][ T9096] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1935: Failed to acquire dquot type 1
[  138.242588][ T9100] EXT4-fs: Ignoring removed nobh option
[  138.258761][ T9105] loop2: detected capacity change from 0 to 1024
[  138.261150][ T9096] EXT4-fs (loop4): 1 truncate cleaned up
[  138.272551][ T9096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.285783][ T9105] EXT4-fs: Ignoring removed orlov option
[  138.293020][ T9106] loop1: detected capacity change from 0 to 1024
[  138.300433][ T9096] ext4 filesystem being mounted at /386/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.301257][ T9106] EXT4-fs: Ignoring removed orlov option
[  138.329069][ T9106] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.334623][ T9105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.343505][ T9100] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.381238][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.393733][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.441491][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.512883][ T9123] FAULT_INJECTION: forcing a failure.
[  138.512883][ T9123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.526096][ T9123] CPU: 0 UID: 0 PID: 9123 Comm: syz.3.1944 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  138.526122][ T9123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.526153][ T9123] Call Trace:
[  138.526162][ T9123]  <TASK>
[  138.526171][ T9123]  __dump_stack+0x1d/0x30
[  138.526196][ T9123]  dump_stack_lvl+0xe8/0x140
[  138.526222][ T9123]  dump_stack+0x15/0x1b
[  138.526238][ T9123]  should_fail_ex+0x265/0x280
[  138.526277][ T9123]  should_fail+0xb/0x20
[  138.526323][ T9123]  should_fail_usercopy+0x1a/0x20
[  138.526416][ T9123]  _copy_from_user+0x1c/0xb0
[  138.526444][ T9123]  ___sys_sendmsg+0xc1/0x1d0
[  138.526483][ T9123]  __sys_sendmmsg+0x178/0x300
[  138.526512][ T9123]  __x64_sys_sendmmsg+0x57/0x70
[  138.526536][ T9123]  x64_sys_call+0x2f2f/0x2fb0
[  138.526563][ T9123]  do_syscall_64+0xd2/0x200
[  138.526642][ T9123]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.526674][ T9123]  ? clear_bhb_loop+0x40/0x90
[  138.526701][ T9123]  ? clear_bhb_loop+0x40/0x90
[  138.526723][ T9123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.526742][ T9123] RIP: 0033:0x7fae9b84e9a9
[  138.526836][ T9123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.526854][ T9123] RSP: 002b:00007fae99eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  138.526880][ T9123] RAX: ffffffffffffffda RBX: 00007fae9ba75fa0 RCX: 00007fae9b84e9a9
[  138.526896][ T9123] RDX: 0000000000000001 RSI: 00002000000041c0 RDI: 0000000000000003
[  138.526912][ T9123] RBP: 00007fae99eb7090 R08: 0000000000000000 R09: 0000000000000000
[  138.526927][ T9123] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  138.526943][ T9123] R13: 0000000000000000 R14: 00007fae9ba75fa0 R15: 00007ffc697c45f8
[  138.527000][ T9123]  </TASK>
[  138.539815][ T9125] loop4: detected capacity change from 0 to 1024
[  138.774818][ T9133] loop1: detected capacity change from 0 to 512
[  138.775069][ T9125] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.819410][ T9138] loop3: detected capacity change from 0 to 512
[  138.823286][ T9133] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1950: Failed to acquire dquot type 1
[  138.839039][ T9133] EXT4-fs (loop1): 1 truncate cleaned up
[  138.845822][ T9133] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.848362][ T9138] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1951: Failed to acquire dquot type 1
[  138.861968][ T9133] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.870527][ T9138] EXT4-fs (loop3): 1 truncate cleaned up
[  138.886605][ T9138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.916757][ T9138] ext4 filesystem being mounted at /373/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.928840][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.972824][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.026204][ T9150] loop2: detected capacity change from 0 to 512
[  139.054412][ T9150] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.065082][ T9150] EXT4-fs: inline encryption not supported
[  139.070981][ T9150] EXT4-fs: Ignoring removed bh option
[  139.077792][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.087765][ T9150] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.096133][ T9150] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.105353][ T9150] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  139.159342][ T9156] loop3: detected capacity change from 0 to 512
[  139.169928][ T9156] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.177866][ T9156] EXT4-fs: inline encryption not supported
[  139.183909][ T9156] EXT4-fs: Ignoring removed bh option
[  139.192695][ T9156] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.199991][ T9156] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.203628][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.210360][ T9156] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  139.252372][ T9156] hub 2-0:1.0: USB hub found
[  139.259020][ T9156] hub 2-0:1.0: 8 ports detected
[  139.527879][ T9181] netlink: 'syz.1.1963': attribute type 10 has an invalid length.
[  139.538334][ T9181] dummy0: entered promiscuous mode
[  139.543751][ T9181] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[  140.085620][ T9201] loop3: detected capacity change from 0 to 128
[  140.191488][ T9210] bio_check_eod: 101 callbacks suppressed
[  140.191519][ T9210] syz.3.1970: attempt to access beyond end of device
[  140.191519][ T9210] loop3: rw=0, sector=121, nr_sectors = 896 limit=128
[  140.222863][ T9208] netlink: 'syz.0.1973': attribute type 10 has an invalid length.
[  140.227183][ T9211] loop2: detected capacity change from 0 to 128
[  140.235899][ T9208] bridge0: port 1(dummy0) entered disabled state
[  140.245057][ T9208] dummy0: left promiscuous mode
[  140.250108][ T9208] bridge0: port 1(dummy0) entered disabled state
[  140.257982][ T9211] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.275765][ T9213] loop4: detected capacity change from 0 to 512
[  140.295030][ T9213] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  140.332758][ T9208] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  140.377028][ T9211] ext4 filesystem being mounted at /413/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.397031][ T9211] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.500673][ T9224] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  140.507302][ T9224] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  140.515093][ T9224] vhci_hcd vhci_hcd.0: Device attached
[  140.523706][ T9223] loop1: detected capacity change from 0 to 128
[  140.541207][ T9223] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.565587][ T9223] ext4 filesystem being mounted at /438/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.591837][ T1632] kworker/u8:6: attempt to access beyond end of device
[  140.591837][ T1632] loop3: rw=1, sector=145, nr_sectors = 896 limit=128
[  140.609907][ T9223] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.641141][ T9236] loop3: detected capacity change from 0 to 512
[  140.648071][ T9232] bond0: (slave dummy0): Releasing backup interface
[  140.676198][ T9236] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1983: Failed to acquire dquot type 1
[  140.704565][   T36] vhci_hcd: vhci_device speed not set
[  140.718200][ T9236] EXT4-fs (loop3): 1 truncate cleaned up
[  140.747776][ T9236] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.784895][   T36] usb 9-1: new full-speed USB device number 5 using vhci_hcd
[  140.800825][ T9236] ext4 filesystem being mounted at /380/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.840843][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.059834][ T9269] loop0: detected capacity change from 0 to 128
[  141.076817][ T9269] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  141.091078][ T9269] ext4 filesystem being mounted at /360/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  141.122576][ T9273] loop2: detected capacity change from 0 to 512
[  141.191415][ T9273] ext4 filesystem being mounted at /416/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  141.226359][ T9273] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1996: corrupted inode contents
[  141.250959][ T9273] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.1996: mark_inode_dirty error
[  141.264672][ T9273] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.1996: corrupted inode contents
[  141.281865][ T9225] vhci_hcd: connection reset by peer
[  141.288901][ T1757] vhci_hcd: stop threads
[  141.293184][ T1757] vhci_hcd: release socket
[  141.297907][ T1757] vhci_hcd: disconnect device
[  141.393344][ T9286] loop1: detected capacity change from 0 to 1024
[  141.422129][ T9286] EXT4-fs: Ignoring removed orlov option
[  141.639454][ T9305] loop1: detected capacity change from 0 to 764
[  141.731497][ T9311] loop0: detected capacity change from 0 to 1024
[  141.766788][ T9311] EXT4-fs: Ignoring removed orlov option
[  141.788939][ T9317] capability: warning: `syz.3.2014' uses 32-bit capabilities (legacy support in use)
[  141.878400][ T9329] __nla_validate_parse: 21 callbacks suppressed
[  141.878458][ T9329] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  141.888563][ T9331] FAULT_INJECTION: forcing a failure.
[  141.888563][ T9331] name failslab, interval 1, probability 0, space 0, times 0
[  141.905365][ T9332] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  141.905923][ T9331] CPU: 0 UID: 0 PID: 9331 Comm: syz.2.2017 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  141.905980][ T9331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.905999][ T9331] Call Trace:
[  141.906005][ T9331]  <TASK>
[  141.906014][ T9331]  __dump_stack+0x1d/0x30
[  141.906049][ T9331]  dump_stack_lvl+0xe8/0x140
[  141.906078][ T9331]  dump_stack+0x15/0x1b
[  141.906101][ T9331]  should_fail_ex+0x265/0x280
[  141.906143][ T9331]  ? p9_client_create+0x59/0xbc0
[  141.906241][ T9331]  should_failslab+0x8c/0xb0
[  141.906270][ T9331]  __kmalloc_cache_noprof+0x4c/0x320
[  141.906312][ T9331]  p9_client_create+0x59/0xbc0
[  141.906352][ T9331]  ? should_failslab+0x8c/0xb0
[  141.906383][ T9331]  ? __kmalloc_node_track_caller_noprof+0x1e5/0x410
[  141.906421][ T9331]  ? v9fs_session_init+0x78/0xde0
[  141.906526][ T9331]  v9fs_session_init+0xf7/0xde0
[  141.906589][ T9331]  ? obj_cgroup_charge_account+0x122/0x1a0
[  141.906630][ T9331]  ? __rcu_read_unlock+0x4f/0x70
[  141.906659][ T9331]  ? should_fail_ex+0xdb/0x280
[  141.906766][ T9331]  ? v9fs_mount+0x51/0x590
[  141.906803][ T9331]  ? should_failslab+0x8c/0xb0
[  141.906831][ T9331]  ? __kmalloc_cache_noprof+0x189/0x320
[  141.906868][ T9331]  v9fs_mount+0x67/0x590
[  141.906917][ T9331]  ? __pfx_v9fs_mount+0x10/0x10
[  141.906955][ T9331]  legacy_get_tree+0x78/0xd0
[  141.907062][ T9331]  vfs_get_tree+0x54/0x1d0
[  141.907104][ T9331]  do_new_mount+0x207/0x680
[  141.907147][ T9331]  path_mount+0x4a4/0xb20
[  141.907189][ T9331]  ? user_path_at+0x109/0x130
[  141.907224][ T9331]  __se_sys_mount+0x28f/0x2e0
[  141.907264][ T9331]  ? fput+0x8f/0xc0
[  141.907358][ T9331]  __x64_sys_mount+0x67/0x80
[  141.907405][ T9331]  x64_sys_call+0xd36/0x2fb0
[  141.907434][ T9331]  do_syscall_64+0xd2/0x200
[  141.907523][ T9331]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.907557][ T9331]  ? clear_bhb_loop+0x40/0x90
[  141.907585][ T9331]  ? clear_bhb_loop+0x40/0x90
[  141.907662][ T9331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.907690][ T9331] RIP: 0033:0x7eff875fe9a9
[  141.907710][ T9331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.907735][ T9331] RSP: 002b:00007eff85c5f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.907759][ T9331] RAX: ffffffffffffffda RBX: 00007eff87825fa0 RCX: 00007eff875fe9a9
[  141.907833][ T9331] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  141.907848][ T9331] RBP: 00007eff85c5f090 R08: 0000200000000080 R09: 0000000000000000
[  141.907864][ T9331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.907881][ T9331] R13: 0000000000000000 R14: 00007eff87825fa0 R15: 00007fff986944f8
[  141.907908][ T9331]  </TASK>
[  142.189468][ T9332] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  142.275204][   T29] kauditd_printk_skb: 923 callbacks suppressed
[  142.275303][   T29] audit: type=1326 audit(1753526597.667:16428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.305479][   T29] audit: type=1326 audit(1753526597.677:16429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.343131][ T9353] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  142.349706][ T9353] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  142.352100][   T29] audit: type=1326 audit(1753526597.727:16430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.357377][ T9353] vhci_hcd vhci_hcd.0: Device attached
[  142.380799][   T29] audit: type=1326 audit(1753526597.727:16431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.409945][   T29] audit: type=1326 audit(1753526597.727:16432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.433549][   T29] audit: type=1326 audit(1753526597.727:16433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.457094][   T29] audit: type=1326 audit(1753526597.727:16434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.480651][   T29] audit: type=1326 audit(1753526597.727:16435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.504363][   T29] audit: type=1326 audit(1753526597.727:16436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.527910][   T29] audit: type=1326 audit(1753526597.727:16437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9b84e9a9 code=0x7ffc0000
[  142.556471][ T9350] bond0: (slave dummy0): Releasing backup interface
[  142.572481][ T9350] bridge_slave_0: left allmulticast mode
[  142.578219][ T9350] bridge_slave_0: left promiscuous mode
[  142.583888][ T9350] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.605696][ T9350] bridge_slave_1: left allmulticast mode
[  142.611469][ T9350] bridge_slave_1: left promiscuous mode
[  142.617220][ T9350] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.628219][ T9350] bond0: (slave bond_slave_0): Releasing backup interface
[  142.639707][ T9350] bond0: (slave bond_slave_1): Releasing backup interface
[  142.661352][ T9360] loop2: detected capacity change from 0 to 512
[  142.670995][ T9350] team0: Port device team_slave_0 removed
[  142.680488][ T9350] team0: Port device team_slave_1 removed
[  142.689702][ T9360] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.714663][ T9360] EXT4-fs: inline encryption not supported
[  142.720835][ T9360] EXT4-fs: Ignoring removed bh option
[  142.726438][ T9360] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.733683][ T9360] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  142.770705][ T9360] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  142.807798][ T9363] loop3: detected capacity change from 0 to 1024
[  142.823580][ T9363] EXT4-fs: Ignoring removed orlov option
[  142.872738][ T9360] hub 2-0:1.0: USB hub found
[  142.880295][ T9360] hub 2-0:1.0: 8 ports detected
[  143.091021][ T9354] vhci_hcd: connection closed
[  143.091370][   T31] vhci_hcd: stop threads
[  143.100420][   T31] vhci_hcd: release socket
[  143.104919][   T31] vhci_hcd: disconnect device
[  143.281124][ T9378] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  143.328805][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.346579][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.363055][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.373949][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.388722][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.405204][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.415759][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.425457][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2036'.
[  143.442262][ T9385] loop2: detected capacity change from 0 to 1024
[  143.467023][ T9385] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.590288][ T9393] No control pipe specified
[  143.647415][ T9396] loop4: detected capacity change from 0 to 1024
[  143.664936][ T9396] EXT4-fs: Ignoring removed orlov option
[  143.782492][ T9404] No control pipe specified
[  144.006515][ T9429] loop2: detected capacity change from 0 to 512
[  144.048823][ T9429] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  144.069276][ T9429] EXT4-fs (loop2): mount failed
[  144.170764][ T9436] loop0: detected capacity change from 0 to 1024
[  144.204141][ T9436] loop0: detected capacity change from 0 to 128
[  144.213138][ T9436] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  144.242894][ T9439] loop2: detected capacity change from 0 to 128
[  144.256026][ T9439] ext4 filesystem being mounted at /431/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  144.310926][ T9436] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  144.381701][ T9446] loop3: detected capacity change from 0 to 128
[  144.419187][ T9454] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (255)
[  144.443676][ T9446] ext4 filesystem being mounted at /386/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  144.493425][ T9459] loop0: detected capacity change from 0 to 2048
[  144.827797][ T9483] $Hÿ: (slave dummy0): Releasing backup interface
[  144.848832][ T9483] dummy0: left promiscuous mode
[  144.866206][ T9483] bridge_slave_0: left allmulticast mode
[  144.871939][ T9483] bridge_slave_0: left promiscuous mode
[  144.877721][ T9483] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.950315][ T9500] loop2: detected capacity change from 0 to 512
[  144.959416][ T9483] bridge_slave_1: left allmulticast mode
[  144.965489][ T9483] bridge_slave_1: left promiscuous mode
[  144.971263][ T9483] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.986914][ T9483] $Hÿ: (slave bond_slave_0): Releasing backup interface
[  144.994794][ T9483] bond_slave_0: left promiscuous mode
[  145.001257][ T9483] $Hÿ: (slave bond_slave_1): Releasing backup interface
[  145.009966][ T9483] bond_slave_1: left promiscuous mode
[  145.010704][ T9500] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  145.026135][ T9483] team0: Port device team_slave_0 removed
[  145.033380][ T9483] team0: Port device team_slave_1 removed
[  145.040255][ T9500] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2077: corrupted inode contents
[  145.040547][ T9483] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.054208][ T9500] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.2077: mark_inode_dirty error
[  145.071211][ T9483] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.071346][ T9500] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2077: corrupted inode contents
[  145.358043][ T9527] veth1_to_bond: entered allmulticast mode
[  145.369721][ T9527] veth1_to_bond (unregistering): left allmulticast mode
[  145.426458][ T9527] cgroup: Unknown subsys name 'cpuset'
[  145.451079][ T9532] loop0: detected capacity change from 0 to 512
[  145.513303][ T9532] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2088: Failed to acquire dquot type 1
[  145.619424][ T9532] EXT4-fs (loop0): 1 truncate cleaned up
[  145.640975][ T9532] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.678517][ T9548] ref_ctr_offset mismatch. inode: 0x98b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  145.702438][ T9546] loop3: detected capacity change from 0 to 2048
[  145.754931][ T7454] Alternate GPT is invalid, using primary GPT.
[  145.761373][ T7454]  loop3: p2 p3 p7
[  145.799080][ T9546] Alternate GPT is invalid, using primary GPT.
[  145.805627][ T9546]  loop3: p2 p3 p7
[  145.828223][ T9551] infiniband syz!: set down
[  145.832786][ T9551] infiniband syz!: added team_slave_0
[  145.856985][   T36] usb 9-1: enqueue for inactive port 0
[  145.862888][ T9551] RDS/IB: syz!: added
[  145.869481][   T36] usb 9-1: enqueue for inactive port 0
[  145.875249][ T9551] smc: adding ib device syz! with port count 1
[  145.883510][ T9551] smc:    ib device syz! port 1 has pnetid 
[  145.924445][ T9557] netlink: 'syz.0.2097': attribute type 10 has an invalid length.
[  145.944533][   T36] vhci_hcd: vhci_device speed not set
[  145.959159][ T9557] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  146.127442][ T4310] udevd[4310]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[  146.147053][ T7454] udevd[7454]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  146.159350][ T3611] udevd[3611]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  146.173556][ T9564] loop4: detected capacity change from 0 to 1024
[  146.199818][ T9571] loop0: detected capacity change from 0 to 2048
[  146.236228][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.292050][ T9564] loop4: detected capacity change from 0 to 1024
[  146.345369][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.370334][ T9589] netlink: 'syz.2.2109': attribute type 10 has an invalid length.
[  146.381421][ T9589] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  146.460736][ T9592] bond0: (slave dummy0): Releasing backup interface
[  146.512139][ T9564] loop4: detected capacity change from 0 to 1024
[  146.539007][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.570198][ T9564] loop4: detected capacity change from 0 to 1024
[  146.649830][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.713864][ T9564] loop4: detected capacity change from 0 to 1024
[  146.765964][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.806269][ T9564] loop4: detected capacity change from 0 to 1024
[  146.828608][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.863741][ T9564] loop4: detected capacity change from 0 to 1024
[  146.880676][ T9564] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.941119][ T9627] loop1: detected capacity change from 0 to 2048
[  147.086994][ T9627] $Hÿ: left promiscuous mode
[  147.098020][ T9627] dummy0: left promiscuous mode
[  147.125977][ T9627] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  147.150275][ T9637] loop4: detected capacity change from 0 to 128
[  147.200071][ T9637] ext4 filesystem being mounted at /403/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  147.308693][   T29] kauditd_printk_skb: 486 callbacks suppressed
[  147.308711][   T29] audit: type=1326 audit(1753526602.707:16922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.341344][ T9652] __nla_validate_parse: 77 callbacks suppressed
[  147.341387][ T9652] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  147.368903][   T29] audit: type=1326 audit(1753526602.707:16923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.392626][   T29] audit: type=1326 audit(1753526602.707:16924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.416370][   T29] audit: type=1326 audit(1753526602.707:16925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.439944][   T29] audit: type=1326 audit(1753526602.707:16926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.463573][   T29] audit: type=1326 audit(1753526602.707:16927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.487226][   T29] audit: type=1326 audit(1753526602.707:16928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.511005][   T29] audit: type=1326 audit(1753526602.707:16929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.535020][   T29] audit: type=1326 audit(1753526602.707:16930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.543377][ T9658] loop0: detected capacity change from 0 to 512
[  147.558544][   T29] audit: type=1326 audit(1753526602.757:16931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9648 comm="syz.0.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c4e5e9a9 code=0x7ffc0000
[  147.623911][ T9658] ext4 filesystem being mounted at /395/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  147.648382][ T9658] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.2132: corrupted inode contents
[  147.663327][ T9658] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.2132: mark_inode_dirty error
[  147.691443][ T9658] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.2132: corrupted inode contents
[  147.842325][ T9693] loop3: detected capacity change from 0 to 128
[  147.934571][ T9693] ext4 filesystem being mounted at /405/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  147.949673][ T9704] loop4: detected capacity change from 0 to 1024
[  148.019288][ T9704] EXT4-fs: Ignoring removed orlov option
[  148.139506][ T9722] loop0: detected capacity change from 0 to 512
[  148.265514][ T9722] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.2152: corrupted in-inode xattr: invalid ea_ino
[  148.300956][ T9722] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2152: couldn't read orphan inode 15 (err -117)
[  148.372074][ T9731] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  148.398933][ T9722] netlink: 'syz.0.2152': attribute type 4 has an invalid length.
[  148.452805][ T9722] netlink: 'syz.0.2152': attribute type 4 has an invalid length.
[  148.515529][ T9745] loop0: detected capacity change from 0 to 1024
[  148.526337][ T9745] EXT4-fs: Ignoring removed orlov option
[  148.532315][ T9745] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  148.538140][ T9743] loop4: detected capacity change from 0 to 128
[  148.558221][ T9746] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  148.564798][ T9746] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  148.572528][ T9746] vhci_hcd vhci_hcd.0: Device attached
[  148.586253][ T9743] ext4 filesystem being mounted at /410/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  148.655033][ T9755] loop0: detected capacity change from 0 to 512
[  148.662770][ T9757] FAULT_INJECTION: forcing a failure.
[  148.662770][ T9757] name failslab, interval 1, probability 0, space 0, times 0
[  148.675492][ T9757] CPU: 1 UID: 0 PID: 9757 Comm: syz.4.2167 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  148.675522][ T9757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.675534][ T9757] Call Trace:
[  148.675541][ T9757]  <TASK>
[  148.675550][ T9757]  __dump_stack+0x1d/0x30
[  148.675613][ T9757]  dump_stack_lvl+0xe8/0x140
[  148.675654][ T9758] loop2: detected capacity change from 0 to 1024
[  148.675636][ T9757]  dump_stack+0x15/0x1b
[  148.675679][ T9757]  should_fail_ex+0x265/0x280
[  148.675709][ T9757]  should_failslab+0x8c/0xb0
[  148.675815][ T9757]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  148.675855][ T9757]  ? __d_alloc+0x3d/0x350
[  148.675891][ T9757]  __d_alloc+0x3d/0x350
[  148.675922][ T9757]  ? mpol_shared_policy_init+0xbd/0x4c0
[  148.676025][ T9757]  d_alloc_pseudo+0x1e/0x80
[  148.676074][ T9757]  alloc_file_pseudo+0x71/0x160
[  148.676111][ T9757]  __shmem_file_setup+0x1de/0x210
[  148.676235][ T9757]  shmem_file_setup+0x3b/0x50
[  148.676274][ T9757]  __se_sys_memfd_create+0x2c3/0x590
[  148.676318][ T9757]  __x64_sys_memfd_create+0x31/0x40
[  148.676485][ T9757]  x64_sys_call+0x122f/0x2fb0
[  148.676513][ T9757]  do_syscall_64+0xd2/0x200
[  148.676540][ T9757]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  148.676576][ T9757]  ? clear_bhb_loop+0x40/0x90
[  148.676632][ T9757]  ? clear_bhb_loop+0x40/0x90
[  148.676661][ T9757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.676714][ T9757] RIP: 0033:0x7fb838fde9a9
[  148.676735][ T9757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.676816][ T9757] RSP: 002b:00007fb837646e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  148.676840][ T9757] RAX: ffffffffffffffda RBX: 0000000000000617 RCX: 00007fb838fde9a9
[  148.676858][ T9757] RDX: 00007fb837646ef0 RSI: 0000000000000000 RDI: 00007fb8390616fc
[  148.676875][ T9757] RBP: 0000200000001100 R08: 00007fb837646bb7 R09: 00007fb837646e40
[  148.676892][ T9757] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  148.676909][ T9757] R13: 00007fb837646ef0 R14: 00007fb837646eb0 R15: 0000200000001a80
[  148.676936][ T9757]  </TASK>
[  148.763007][ T9755] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2166: Failed to acquire dquot type 1
[  148.764951][ T9758] EXT4-fs: Ignoring removed orlov option
[  148.784013][ T9755] EXT4-fs (loop0): 1 truncate cleaned up
[  148.844555][    T9] vhci_hcd: vhci_device speed not set
[  148.852007][ T9755] ext4 filesystem being mounted at /401/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.929480][    T9] usb 3-1: new full-speed USB device number 4 using vhci_hcd
[  149.029425][ T9772] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  149.140069][ T9780] loop0: detected capacity change from 0 to 128
[  149.181399][ T9780] syz.0.2175: attempt to access beyond end of device
[  149.181399][ T9780] loop0: rw=0, sector=121, nr_sectors = 896 limit=128
[  149.199381][ T9785] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  149.318962][ T9747] vhci_hcd: connection reset by peer
[  149.329065][  T372] vhci_hcd: stop threads
[  149.333436][  T372] vhci_hcd: release socket
[  149.337926][  T372] vhci_hcd: disconnect device
[  149.357963][ T9791] loop3: detected capacity change from 0 to 1024
[  149.388020][  T372] kworker/u8:5: attempt to access beyond end of device
[  149.388020][  T372] loop0: rw=1, sector=145, nr_sectors = 896 limit=128
[  149.473267][ T9800] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2181'.
[  149.581775][ T9806] loop3: detected capacity change from 0 to 512
[  149.588313][ T9804] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2183'.
[  149.616801][ T9806] ext4 filesystem being mounted at /413/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  149.636302][ T9806] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.2184: corrupted inode contents
[  149.650867][ T9806] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.2184: mark_inode_dirty error
[  149.671015][ T9806] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.2184: corrupted inode contents
[  149.833672][ T9817] loop0: detected capacity change from 0 to 2048
[  149.916051][ T3298]  loop0: p1 < > p2 < > p3 p4 < >
[  149.921167][ T3298] loop0: partition table partially beyond EOD, truncated
[  149.979365][ T3298] loop0: p1 start 2305 is beyond EOD, truncated
[  149.985737][ T3298] loop0: p2 start 4294902784 is beyond EOD, truncated
[  149.992653][ T3298] loop0: p3 start 3724543488 is beyond EOD, truncated
[  150.011121][ T9828] loop1: detected capacity change from 0 to 128
[  150.025900][ T9828] ext4 filesystem being mounted at /487/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  150.050271][ T9817]  loop0: p1 < > p2 < > p3 p4 < >
[  150.053171][ T9833] loop4: detected capacity change from 0 to 1024
[  150.055408][ T9817] loop0: partition table partially beyond EOD, truncated
[  150.062171][ T9833] EXT4-fs: Ignoring removed orlov option
[  150.080455][ T9831] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2193'.
[  150.081046][ T9817] loop0: p1 start 2305 is beyond EOD, truncated
[  150.095974][ T9817] loop0: p2 start 4294902784 is beyond EOD, truncated
[  150.102811][ T9817] loop0: p3 start 3724543488 is beyond EOD, truncated
[  150.134220][ T9837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2195'.
[  150.254975][ T7454] udevd[7454]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  150.307702][ T9851] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2198'.
[  150.551208][ T9843] loop2: detected capacity change from 0 to 8192
[  150.624813][ T9871] syzkaller1: entered promiscuous mode
[  150.630350][ T9871] syzkaller1: entered allmulticast mode
[  150.648438][ T9843]  loop2: p1 p4 < >
[  150.683551][ T9843] loop2: p1 start 4261412864 is beyond EOD, truncated
[  150.715685][ T2997]  loop2: p1 p4 < >
[  150.719601][ T2997] loop2: p1 start 4261412864 is beyond EOD, truncated
[  150.786271][ T9882] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2207'.
[  150.834103][ T9888] loop4: detected capacity change from 0 to 512
[  150.867862][ T9888] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2206: Failed to acquire dquot type 1
[  150.922725][ T9888] EXT4-fs (loop4): 1 truncate cleaned up
[  150.936123][ T9888] ext4 filesystem being mounted at /419/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.019687][ T9904] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2218'.
[  151.072372][ T9909] loop1: detected capacity change from 0 to 512
[  151.086201][ T9909] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  151.140062][ T9909] ext4 filesystem being mounted at /493/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.172463][ T9917] netlink: 'syz.3.2221': attribute type 10 has an invalid length.
[  151.188058][ T9909] IPv6: NLM_F_CREATE should be specified when creating new route
[  151.198942][ T9922] loop4: detected capacity change from 0 to 128
[  151.205594][ T9926] random: crng reseeded on system resumption
[  151.216663][ T9925] loop2: detected capacity change from 0 to 128
[  151.231018][ T9925] ext4 filesystem being mounted at /460/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  151.276185][ T9917] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  151.289999][ T9922] syz.4.2224: attempt to access beyond end of device
[  151.289999][ T9922] loop4: rw=0, sector=121, nr_sectors = 896 limit=128
[  151.380389][ T9930] netlink: 'syz.1.2225': attribute type 10 has an invalid length.
[  151.396826][ T9936] loop3: detected capacity change from 0 to 512
[  151.488010][ T9936] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2228: Failed to acquire dquot type 1
[  151.519788][ T9936] EXT4-fs (loop3): 1 truncate cleaned up
[  151.525921][ T9936] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.537734][ T1632] kworker/u8:6: attempt to access beyond end of device
[  151.537734][ T1632] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  151.594166][ T9946] loop1: detected capacity change from 0 to 2048
[  151.613296][ T9952] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  151.634165][ T9956] loop2: detected capacity change from 0 to 1024
[  151.636939][ T9954] loop3: detected capacity change from 0 to 512
[  151.641714][ T9956] EXT4-fs: Ignoring removed orlov option
[  151.682151][ T3365] kernel write not supported for file /input/event2 (pid: 3365 comm: kworker/1:2)
[  151.710738][ T9962] loop0: detected capacity change from 0 to 1024
[  151.721169][ T9962] EXT4-fs: Ignoring removed orlov option
[  151.749072][ T9954] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  151.769428][ T9954] EXT4-fs (loop3): mount failed
[  151.778939][ T9972] serio: Serial port ttyS3
[  151.859733][ T9975] netlink: 'syz.4.2243': attribute type 10 has an invalid length.
[  151.871012][ T9975] dummy0: entered promiscuous mode
[  151.876908][ T9975] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[  151.894795][ T9980] veth1_to_bond: entered allmulticast mode
[  151.923928][ T9980] cgroup: Unknown subsys name 'cpuset'
[  151.941677][ T9979] veth1_to_bond: left allmulticast mode
[  151.965977][ T9987] loop4: detected capacity change from 0 to 128
[  152.006233][ T9992] loop0: detected capacity change from 0 to 512
[  152.042078][ T9987] syz.4.2246: attempt to access beyond end of device
[  152.042078][ T9987] loop4: rw=0, sector=121, nr_sectors = 896 limit=128
[  152.099757][ T9992] ext4 filesystem being mounted at /421/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  152.121537][ T9992] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.2247: corrupted inode contents
[  152.146119][ T9992] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.2247: mark_inode_dirty error
[  152.178068][ T9992] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.2247: corrupted inode contents
[  152.204863][T10004] lo: entered allmulticast mode
[  152.280249][ T1757] kworker/u8:7: attempt to access beyond end of device
[  152.280249][ T1757] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  152.327025][ T9997] lo: left allmulticast mode
[  152.350511][T10018] __nla_validate_parse: 11 callbacks suppressed
[  152.350529][T10018] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2256'.
[  152.377922][T10018] netlink: 'syz.4.2256': attribute type 10 has an invalid length.
[  152.407845][T10007] loop3: detected capacity change from 0 to 128
[  152.464192][   T29] kauditd_printk_skb: 364 callbacks suppressed
[  152.464207][   T29] audit: type=1326 audit(1753526607.857:17290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.532858][T10007] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  152.537790][T10031] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  152.543270][T10007] FAT-fs (loop3): Filesystem has been set read-only
[  152.590226][T10031] FAULT_INJECTION: forcing a failure.
[  152.590226][T10031] name failslab, interval 1, probability 0, space 0, times 0
[  152.603013][T10031] CPU: 1 UID: 0 PID: 10031 Comm: syz.0.2262 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  152.603048][T10031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  152.603159][T10031] Call Trace:
[  152.603169][T10031]  <TASK>
[  152.603178][T10031]  __dump_stack+0x1d/0x30
[  152.603205][T10031]  dump_stack_lvl+0xe8/0x140
[  152.603230][T10031]  dump_stack+0x15/0x1b
[  152.603250][T10031]  should_fail_ex+0x265/0x280
[  152.603295][T10031]  should_failslab+0x8c/0xb0
[  152.603322][T10031]  __kvmalloc_node_noprof+0x123/0x4e0
[  152.603368][T10031]  ? bpf_test_run_xdp_live+0xed/0xfe0
[  152.603415][T10031]  bpf_test_run_xdp_live+0xed/0xfe0
[  152.603449][T10031]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.603500][T10031]  ? cpus_read_unlock+0x6e/0xc0
[  152.603527][T10031]  ? __static_call_update+0x37c/0x3b0
[  152.603571][T10031]  ? bpf_dispatcher_xdp+0x800/0x1000
[  152.603598][T10031]  ? synchronize_rcu+0x45/0x320
[  152.603688][T10031]  ? bpf_dispatcher_xdp+0x800/0x1000
[  152.603708][T10031]  ? bpf_dispatcher_xdp+0x800/0x1000
[  152.603728][T10031]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  152.603763][T10031]  ? 0xffffffffa02019cc
[  152.603779][T10031]  ? 0xffffffffa0203954
[  152.603808][T10031]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.603969][T10031]  bpf_prog_test_run_xdp+0x4f5/0x910
[  152.604009][T10031]  ? __rcu_read_unlock+0x4f/0x70
[  152.604042][T10031]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.604131][T10031]  bpf_prog_test_run+0x227/0x390
[  152.604173][T10031]  __sys_bpf+0x3dc/0x790
[  152.604208][T10031]  __x64_sys_bpf+0x41/0x50
[  152.604234][T10031]  x64_sys_call+0x2478/0x2fb0
[  152.604306][T10031]  do_syscall_64+0xd2/0x200
[  152.604330][T10031]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  152.604368][T10031]  ? clear_bhb_loop+0x40/0x90
[  152.604389][T10031]  ? clear_bhb_loop+0x40/0x90
[  152.604412][T10031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.604496][T10031] RIP: 0033:0x7f61c4e5e9a9
[  152.604516][T10031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.604548][T10031] RSP: 002b:00007f61c34bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.604572][T10031] RAX: ffffffffffffffda RBX: 00007f61c5085fa0 RCX: 00007f61c4e5e9a9
[  152.604585][T10031] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  152.604596][T10031] RBP: 00007f61c34bf090 R08: 0000000000000000 R09: 0000000000000000
[  152.604681][T10031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.604698][T10031] R13: 0000000000000000 R14: 00007f61c5085fa0 R15: 00007ffc9e817118
[  152.604723][T10031]  </TASK>
[  152.614606][   T29] audit: type=1326 audit(1753526607.857:17291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.686499][T10007] syz.3.2253: attempt to access beyond end of device
[  152.686499][T10007] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  152.688321][   T29] audit: type=1326 audit(1753526607.867:17292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688358][   T29] audit: type=1326 audit(1753526607.867:17293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688393][   T29] audit: type=1326 audit(1753526607.867:17294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688472][   T29] audit: type=1326 audit(1753526607.867:17295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688512][   T29] audit: type=1326 audit(1753526607.867:17296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688547][   T29] audit: type=1326 audit(1753526607.867:17297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688577][   T29] audit: type=1326 audit(1753526607.867:17298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.688612][   T29] audit: type=1326 audit(1753526607.867:17299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fec67afe9a9 code=0x7ffc0000
[  152.710945][T10007] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  152.761348][T10043] loop4: detected capacity change from 0 to 512
[  152.798286][T10043] ext4 filesystem being mounted at /432/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  152.800203][T10043] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2265: corrupted inode contents
[  152.804967][T10007] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  152.811038][T10043] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.2265: mark_inode_dirty error
[  152.833514][T10007] syz.3.2253: attempt to access beyond end of device
[  152.833514][T10007] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  152.859760][T10043] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2265: corrupted inode contents
[  152.869943][T10007] syz.3.2253: attempt to access beyond end of device
[  152.869943][T10007] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.145619][T10049] loop1: detected capacity change from 0 to 128
[  153.157452][T10007] syz.3.2253: attempt to access beyond end of device
[  153.157452][T10007] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.201614][T10049] ext4 filesystem being mounted at /504/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  153.281062][T10053] loop0: detected capacity change from 0 to 512
[  153.335814][T10058] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  153.369307][T10062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2270'.
[  153.403557][T10062] netlink: 'syz.2.2270': attribute type 10 has an invalid length.
[  153.458495][T10070] loop3: detected capacity change from 0 to 512
[  153.486827][T10070] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2274: Failed to acquire dquot type 1
[  153.502528][T10070] EXT4-fs (loop3): 1 truncate cleaned up
[  153.508810][T10070] ext4 filesystem being mounted at /437/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.528462][T10072] $Hÿ: (slave dummy0): Releasing backup interface
[  153.594311][T10078] loop3: detected capacity change from 0 to 512
[  153.633468][T10078] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  153.718320][T10082] loop4: detected capacity change from 0 to 256
[  153.720679][T10078] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.2277: corrupted inode contents
[  153.725445][T10082] FAT-fs (loop4): bogus number of FAT sectors
[  153.742708][T10082] FAT-fs (loop4): Can't find a valid FAT filesystem
[  153.773738][T10078] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.2277: mark_inode_dirty error
[  153.813945][T10078] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.2277: corrupted inode contents
[  153.883971][T10095] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2280'.
[  153.922789][T10102] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2285'.
[  153.968625][T10101] loop3: detected capacity change from 0 to 128
[  153.989029][T10101] ext4 filesystem being mounted at /439/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  154.009094][T10107] loop4: detected capacity change from 0 to 512
[  154.015674][    T9] usb 3-1: enqueue for inactive port 0
[  154.023312][    T9] usb 3-1: enqueue for inactive port 0
[  154.042265][T10107] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2287: Failed to acquire dquot type 1
[  154.057465][T10107] EXT4-fs (loop4): 1 truncate cleaned up
[  154.064025][T10107] ext4 filesystem being mounted at /438/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.081882][T10111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2288'.
[  154.096345][    T9] vhci_hcd: vhci_device speed not set
[  154.130689][T10115] loop4: detected capacity change from 0 to 1024
[  154.141589][T10115] EXT4-fs: Ignoring removed orlov option
[  154.156195][T10118] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2289'.
[  154.273159][T10116] loop1: detected capacity change from 0 to 8192
[  154.326491][T10116]  loop1: p1 p4 < >
[  154.336928][T10116] loop1: p1 start 4261412864 is beyond EOD, truncated
[  154.418775][T10131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2294'.
[  154.558737][T10132] loop3: detected capacity change from 0 to 8192
[  154.606084][ T7454]  loop3: p1 p4 < >
[  154.610564][ T7454] loop3: p1 start 4261412864 is beyond EOD, truncated
[  154.620764][T10132]  loop3: p1 p4 < >
[  154.625213][T10132] loop3: p1 start 4261412864 is beyond EOD, truncated
[  154.636926][T10138] loop2: detected capacity change from 0 to 128
[  154.682698][T10138] bio_check_eod: 271 callbacks suppressed
[  154.682717][T10138] syz.2.2296: attempt to access beyond end of device
[  154.682717][T10138] loop2: rw=0, sector=121, nr_sectors = 896 limit=128
[  154.835464][   T12] kworker/u8:0: attempt to access beyond end of device
[  154.835464][   T12] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  154.882697][T10143] loop2: detected capacity change from 0 to 1024
[  154.889613][T10143] EXT4-fs: Ignoring removed orlov option
[  154.961206][T10147] loop1: detected capacity change from 0 to 512
[  154.977769][T10147] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2299: corrupted in-inode xattr: invalid ea_ino
[  154.999907][T10147] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2299: couldn't read orphan inode 15 (err -117)
[  155.017290][T10146] ==================================================================
[  155.025426][T10146] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  155.033810][T10146] 
[  155.036237][T10146] write to 0xffff888106b9e8b8 of 4 bytes by task 10143 on cpu 1:
[  155.043997][T10146]  writeback_single_inode+0x14a/0x3e0
[  155.049395][T10146]  sync_inode_metadata+0x5b/0x90
[  155.054353][T10146]  generic_buffers_fsync_noflush+0xd9/0x120
[  155.060275][T10146]  ext4_sync_file+0x1ab/0x690
[  155.064973][T10146]  vfs_fsync_range+0x10a/0x130
[  155.069791][T10146]  ext4_buffered_write_iter+0x34f/0x3c0
[  155.075443][T10146]  ext4_file_write_iter+0x383/0xf00
[  155.080658][T10146]  iter_file_splice_write+0x5ef/0x970
[  155.086103][T10146]  direct_splice_actor+0x153/0x2a0
[  155.091239][T10146]  splice_direct_to_actor+0x30f/0x680
[  155.096635][T10146]  do_splice_direct+0xda/0x150
[  155.101446][T10146]  do_sendfile+0x380/0x650
[  155.105898][T10146]  __x64_sys_sendfile64+0x105/0x150
[  155.111116][T10146]  x64_sys_call+0xb39/0x2fb0
[  155.115721][T10146]  do_syscall_64+0xd2/0x200
[  155.120235][T10146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.126158][T10146] 
[  155.128492][T10146] read to 0xffff888106b9e8b8 of 4 bytes by task 10146 on cpu 0:
[  155.136143][T10146]  __mark_inode_dirty+0x18e/0x760
[  155.141198][T10146]  ext4_write_inline_data_end+0x3e5/0x5f0
[  155.146945][T10146]  ext4_write_end+0x4cd/0x730
[  155.151644][T10146]  generic_perform_write+0x312/0x490
[  155.156942][T10146]  ext4_buffered_write_iter+0x1ee/0x3c0
[  155.162507][T10146]  ext4_file_write_iter+0x383/0xf00
[  155.167721][T10146]  iter_file_splice_write+0x5ef/0x970
[  155.173113][T10146]  direct_splice_actor+0x153/0x2a0
[  155.178247][T10146]  splice_direct_to_actor+0x30f/0x680
[  155.183640][T10146]  do_splice_direct+0xda/0x150
[  155.188427][T10146]  do_sendfile+0x380/0x650
[  155.192856][T10146]  __x64_sys_sendfile64+0x105/0x150
[  155.198067][T10146]  x64_sys_call+0xb39/0x2fb0
[  155.202672][T10146]  do_syscall_64+0xd2/0x200
[  155.207187][T10146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.213095][T10146] 
[  155.215448][T10146] value changed: 0x00000038 -> 0x00000002
[  155.221173][T10146] 
[  155.223510][T10146] Reported by Kernel Concurrency Sanitizer on:
[  155.229684][T10146] CPU: 0 UID: 0 PID: 10146 Comm: syz.2.2298 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(voluntary) 
[  155.242216][T10146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.252294][T10146] ==================================================================
[  155.269153][T10147] netlink: 'syz.1.2299': attribute type 4 has an invalid length.
[  155.306745][T10147] netlink: 'syz.1.2299': attribute type 4 has an invalid length.