last executing test programs:

4m52.957067586s ago: executing program 3 (id=4):
mknod$loop(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x175)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2b1245d, 0x0, 0xfd, 0x0, &(0x7f00000000c0))

4m51.593647396s ago: executing program 3 (id=13):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r2}, 0x18)
r3 = socket$inet6(0xa, 0x3, 0x8)
setsockopt$inet6_int(r3, 0x29, 0x4b, &(0x7f0000000000)=0x2, 0x4)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000640)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1d, 0x14, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f0000000000010000861c5d5200000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac0000000000000000001100", "90be8b00000041140002000000007f00", [0x23]}})
sendmmsg$inet6(r3, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002\x00\x00\x00'], 0x28}}], 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
close(r1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x6, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x4, 0xffffffff}, 0x1320, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x100001f, &(0x7f0000000240)={[{@errors_remount}, {@grpquota}, {@i_version}, {@data_err_ignore}]}, 0x21, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
ptrace$pokeuser(0x6, r6, 0x358, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

4m51.30339267s ago: executing program 3 (id=16):
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
syz_io_uring_setup(0x4ee6, &(0x7f0000000180)={0x0, 0xd294, 0x20, 0x3, 0x314, 0x0, r0}, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x2, 0xdaac)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240)=0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000000000), 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

4m48.476745452s ago: executing program 3 (id=29):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x80)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)

4m48.441335233s ago: executing program 32 (id=29):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x80)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)

3.205979722s ago: executing program 4 (id=4013):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r1, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x6}, 0x18)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r1, 0x0, 0x0)

3.162969643s ago: executing program 1 (id=4015):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3.044541925s ago: executing program 1 (id=4017):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0xfffffffc, @empty, 0x2}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf2501000000080002000000000005000500000000000800030001000000480001800500020020000000060001000200000008000600030000000800"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="01002cbd7000ffdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

2.981686436s ago: executing program 1 (id=4018):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)

2.796518619s ago: executing program 1 (id=4020):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB="8115b31ac017b6cdeb8b0783b9ac10488a21fbb431c7c96077030ce111291daf11ef066561eb808b2d98e0187310c3a0f88c5fab75c5aa5d5b5f4871a26dcdca350457908629912d333f6235655df3b0432258471914ea09958e5cb85ae3c748b950fa9558", @ANYRES32, @ANYRES16, @ANYRESDEC, @ANYRES8, @ANYRESHEX, @ANYRESDEC=r0], 0xf9, 0x1205, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1tSkqfmj1mp70Ae8eBqaHDwJEiQFyYJSG6EVhKmZ6JJxN2SWwIoYe/Lq6/DsTfAd5OJr8NaLxx7Ekc4kmm23iodmsfl8Djs/nuf58tvnMjDLPHv/ne+/3N2psp18eC9mZqKzF5EepEjRiROvb7bX23c217vdjZsp3Vi/tfp2SmnpjZ8/+XouIi59/OPST3NxtPLp4W9rvx5dObp6/49bX/Sq1KtSfzBMebo7GAzzu2WRtnvVbpbSh2WRV0Xq9atif2x+pxzs7Y1S3t9eXNjbL6oq5f1R2i1GaThIw/1Ryj/Pe/2UZVlaXAie6MK/L9n64UFd1xF1fSGej7qu64uxEJfihViMpfg2Il6Ml+LluByvxJV4NV6Lq82qs/j6AAAAAAAAAAAAAAAAAAAAcH780/n/5Vhx/h8AAAAAAAAAAAAAAAAAAADOwEe372yud7sbN1Oajyi/O9g62Gqv7fz6TvSijCKux3L8Hs3p/1Zb33i/u3E9NVbiXnl4nD882HquzT/8eJhfbf5O4Dg/28yd5FfbfBrPz8XC6f5rsRyXJ/dfm5ifj7fePJXPYjl++SwGUcZ20/vv/DerKb33QfeR/LVmHQAAADwLsvSXic/vWfak+Tb/H34feOT5ejauzU5370RUo692805Z7DdFeVLMPzZyXMw8NnJcxITF56aYGx/pPKVenZj6ThXPanExxkemfWfiLJy6gQMAAAAAAAAAAPA/8pTfK5yNCW+WvTudrQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+yA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAAAD//4mOx/c=")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x0)

2.504513273s ago: executing program 1 (id=4024):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x11)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

2.503707023s ago: executing program 0 (id=4025):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}])

2.431025604s ago: executing program 1 (id=4029):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x80)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)

2.421452524s ago: executing program 0 (id=4030):
io_setup(0x1, &(0x7f00000004c0))
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd231, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000340)='sched_switch\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="120000000c00000004000000b47c000000000000", @ANYRES32, @ANYRESDEC], 0x50)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000080), 0x208e24b)
lseek(r3, 0x0, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
finit_module(r5, 0x0, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000300)={&(0x7f0000000780)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x883, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x84, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x401}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'erspan0\x00'}, {0x14, 0x1, 'macvlan0\x00'}, {0x14, 0x1, 'veth0_to_bridge\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pimreg\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSET={0x78, 0x9, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x35}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x4}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_EXPR={0x44, 0x11, 0x0, 0x1, @redir={{0xa}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x6}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_REDIR_FLAGS={0x8}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}, @NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELFLOWTABLE={0xe4, 0x18, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_FLOWTABLE_HOOK={0x4c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'team_slave_0\x00'}, {0x14, 0x1, 'macvlan0\x00'}, {0x14, 0x1, 'bridge_slave_1\x00'}]}]}, @NFTA_FLOWTABLE_HOOK={0x84, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x25}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv0\x00'}, {0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'ipvlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfffffffa}]}]}, @NFT_MSG_NEWSET={0x7b0, 0x9, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @tproxy={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x17}]}}}, @NFTA_SET_USERDATA={0x8e, 0xd, 0x1, 0x0, "a4dfd7fe6a5bd5cd44519eac90625178da5659047543b91b26866d0cf4819387a84b63178c39947075ac485c18dfae67c69f2c315bc9493b3e4f1d797feb2f0679676b28b176e8251d9a5c4094f0af373da64ef280e8f13eea9c37fdbfa63f4e83c2c33f2e37ecd8095231f7859bcb99c032fd432d7c9b2f3966c45c1dddab6e76311d0d58557f64c84a"}, @NFTA_SET_ID={0x8}, @NFTA_SET_EXPR={0x1ac, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x19c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x8b, 0x3, "8260186074b87b5e827b30825ae7309f8043643146bf901af47ffb7eca1d64eb2d298b0997e4d89725f2ea1f41d7e5e06db19397871bc72ae0bbb14fbaab816f426cf5a6378417cef91f865f7bb7e8b3b71bc59804ed20e9c7e9c088b15f12a9fb33a4df278c527e0e9001f0a5cc58f95dc1d46d79d576f76ca86cfd90e761fd75acfc55ad30b6"}, @NFTA_TARGET_INFO={0x53, 0x3, "a3349776582503cdae3056b7f4189dcd33857595208f20c8d85621a41097584846eb7f207bdf8b283ea8577fb509aa0dfee1307cdf4232b51a8d0947dff34bc8cf23e57a5d5f990a27a4bf73b32ebb"}, @NFTA_TARGET_NAME={0xd, 0x1, 'CHECKSUM\x00'}, @NFTA_TARGET_NAME={0x7, 0x1, 'CT\x00'}, @NFTA_TARGET_INFO={0x29, 0x3, "4a3d895232ea50f8a73b8b68bdbee8b459430152bd82ee3ed13f9ab9c7a9eb22f41615e15b"}, @NFTA_TARGET_INFO={0x5a, 0x3, "081c2df3e718bdf23294bf7db637f250b6e66217ce83ee4f24b3252c2f58d3e9340c4e5880cd1a0c47cba50fb691679d11f263a14e9955c43ff84d6a49cf9930814c688b051e0c577072f29bbcaedb938b1d0dd93417"}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}, @NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, @NFTA_SET_EXPRESSIONS={0x128, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x3c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xe}]}}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}, {0x50, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x19}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xe}]}}}, {0x38, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MAX={0x8, 0x6, 0x1, 0x0, 0x17}, @NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0xe}]}}}]}, @NFTA_SET_EXPRESSIONS={0xc4, 0x12, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8}]}}}, {0x40, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_SYNPROXY_WSCALE={0x5}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x101}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x7f}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x16}]}}}, {0x10, 0x1, 0x0, 0x1, @range={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @hash={{0x9}, @void}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}]}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_EXPRESSIONS={0x324, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}, {0x2e4, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2d4, 0x2, 0x0, 0x1, [@NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_RANGE_FROM_DATA={0x2a0, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0xd9, 0x1, "90b7a5d18741da453f1c96885ea6cab93ae73d199028a7788899920230c57edbc681d329455e42b972860844cca761ade59dcad71d14cafdaf41cc4b3700c466b0ce0e7cffcb83ff977315cc0347196a26934be95ce79a981aeb9d60a1f0e9ec25b7bbdf6e4e2717c0c262d7a9c7fe34335f2a3d9ddb420f5f356789646444d031c4bc49a238be33ac2407e1cf6e267e26b404eb640dd9d681f04af5779a3f6382d98481e2c283866c33f6fca9a47f18a4ff307085e8ab57223a896ebab0e6b08f4a1a6a85b10b0ee8f3f9d9b94b03fbf27da24296"}, @NFTA_DATA_VALUE={0x93, 0x1, "d9423c58a46b355c73ab391a635821b2673cbadfd834197122554e0d511322e63d4f76a424ead0aaa79116a5ba29d6d491fd3bd7cb8c8490c4987df019f467a11f0997cf4724ebd70c625665dc1771e17f6cadafcbb40552a98d876693c0297f26d69af7151c9d8c779f713504d45e0bd8d23609557f54e6bde0c1c4d6bdee533d9ac2137ccf9f96bb7404800ac512"}, @NFTA_DATA_VALUE={0xb9, 0x1, "b083bf00f109d29dc1fb721a9691f0dff62150aa2143ea4bd014122a16abd0bc05b77c64efdbe5f88ea8fa6af9d3926357d91682ccda0142e907299e4838d84600537afe63a6ff894a23c2c89f917f0e531ec1d601f537149377a1c826d57b70a3bddde495b5e210bc5ccd41a4903b36c42f21d7406431677375a0bb34ef67ed0fa55d08942c6372b66d02a3cb3f5dbf5974afa3b0b021da46ef0b08255f0946c422cc66385b487d53ec12736381af35280f1f799a"}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x5}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xa24}}, 0x41)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
write$binfmt_misc(r5, &(0x7f00000006c0)="c15b834339612ebbcc45f6db03af4a675a3fe9cb2b1659414e00173ec551323a33afa5cb19a114c7c389cb1a9a70862babed90615842c394232218ce5374d4ac7ffa2402303f99cffb51bcb2698b37dcc7e5239c4b4518", 0x57)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r8, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
sendto$inet6(r6, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)

2.329286326s ago: executing program 4 (id=4032):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0)={[{@nodioread_nolock}, {@nodiscard}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@inlinecrypt}, {@i_version}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
umount2(&(0x7f00000002c0)='./file0\x00', 0x2)

1.982823311s ago: executing program 2 (id=4034):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB="8115b31ac017b6cdeb8b0783b9ac10488a21fbb431c7c96077030ce111291daf11ef066561eb808b2d98e0187310c3a0f88c5fab75c5aa5d5b5f4871a26dcdca350457908629912d333f6235655df3b0432258471914ea09958e5cb85ae3c748b950fa9558", @ANYRES32, @ANYRES16, @ANYRESDEC, @ANYRES8, @ANYRESHEX, @ANYRESDEC=r0], 0xf9, 0x1205, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1tSkqfmj1mp70Ae8eBqaHDwJEiQFyYJSG6EVhKmZ6JJxN2SWwIoYe/Lq6/DsTfAd5OJr8NaLxx7Ekc4kmm23iodmsfl8Djs/nuf58tvnMjDLPHv/ne+/3N2psp18eC9mZqKzF5EepEjRiROvb7bX23c217vdjZsp3Vi/tfp2SmnpjZ8/+XouIi59/OPST3NxtPLp4W9rvx5dObp6/49bX/Sq1KtSfzBMebo7GAzzu2WRtnvVbpbSh2WRV0Xq9atif2x+pxzs7Y1S3t9eXNjbL6oq5f1R2i1GaThIw/1Ryj/Pe/2UZVlaXAie6MK/L9n64UFd1xF1fSGej7qu64uxEJfihViMpfg2Il6Ml+LluByvxJV4NV6Lq82qs/j6AAAAAAAAAAAAAAAAAAAAcH780/n/5Vhx/h8AAAAAAAAAAAAAAAAAAADOwEe372yud7sbN1Oajyi/O9g62Gqv7fz6TvSijCKux3L8Hs3p/1Zb33i/u3E9NVbiXnl4nD882HquzT/8eJhfbf5O4Dg/28yd5FfbfBrPz8XC6f5rsRyXJ/dfm5ifj7fePJXPYjl++SwGUcZ20/vv/DerKb33QfeR/LVmHQAAADwLsvSXic/vWfak+Tb/H34feOT5ejauzU5370RUo692805Z7DdFeVLMPzZyXMw8NnJcxITF56aYGx/pPKVenZj6ThXPanExxkemfWfiLJy6gQMAAAAAAAAAAPA/8pTfK5yNCW+WvTudrQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+yA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAAAD//4mOx/c=")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x0)

1.886725322s ago: executing program 4 (id=4035):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x11)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x3000c085)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f0000000100)=r4, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

1.708418175s ago: executing program 2 (id=4036):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, r3}])

1.679484525s ago: executing program 0 (id=4037):
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000100)={0x1a, 0x7, 0x1, {{0xd, '/dev/net/tun\x00'}, 0x1}}, 0x1a)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000200)={[{@inlinecrypt}, {@jqfmt_vfsv1}, {@quota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sysvgroups}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}], [{@appraise}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8)
unshare(0x8000000)
r1 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='asymmetric\x00', 0x0, &(0x7f00000002c0)="9fcc", 0x2, r1)
semget$private(0x0, 0x4000, 0x555)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f00000012c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r3, &(0x7f0000004200)='t', 0x1)
fsopen(&(0x7f0000000000)='cpuset\x00', 0x0)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7ffff000)
semtimedop(0x0, &(0x7f0000000440)=[{0x0, 0x0, 0x1000}], 0xf, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'pimreg1\x00', 0x1})

1.645655826s ago: executing program 4 (id=4038):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYBLOB="0000000000000000000baa010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000002"], 0x50)

1.602082387s ago: executing program 4 (id=4039):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000430, &(0x7f0000000100)={[{@grpid}, {@dioread_lock}]}, 0x8, 0x508, &(0x7f0000000a40)="$eJzs3c9vG1kdAPDvOHGSzbqbLOwBELDZZaGgKs6P7kar5UD3AkKrlRCrnji0IXGjKHYdxUlpQg/pkTsSlTjBn8CNA1JPHLhxgxuXckAqUIEaJA5GM54mbhI3Cfnh1v58pPHMezPu9z277z3PS5wXQN+aiHcG0v1QRNyMiLE8P8m3uNbaJiLi6ZN7CztP7i0k0Wx+9o8kO5/mRdtzUq9HxHZEjETED78X8ePkYNzG5tbKfLVaWcvTU+u11anG5tbkciHPmZ2bmZv+8OoHs2dW17drv3n83eVPrv/ut1959Mftb/00LVbpZ5eyc+31OEutqhej1JY3GBGfnEewLhnM///w6klb2+ci4t2s/Y/FQPZuAgC9rNkci+ZYexoA6HXp/X8pkkI5nwsoRaFQLrfm8N6K0UK13li/MlbfuL0Y2RzWeBQLt5arlel8rnA8ikmansmO99Kz+9JXI+LNiPj58GtZurxQry5284MPAPSx1/eN//8ebo3/AECPGznR1ePnVg4A4OKcbPwHAHqB8R8A+s8Jxn/fDgSAHuH+HwD6j/EfAPrPkeP//YspBwBwIX7w6afp1tzJ//714p3NjW+X7kwuVhor5drGQnmhvrZaXqrXl6qV8kKzedS/V63XV2fe3002Nrdu1Oobt9dvLNfmlyo3KsVzrg8AcLQ333745yQitj96LduibS0HYzX0tkK3CwB0zUC3CwB0je/zQP86xj2+aQDocYcs0fucjr8i9MDir/CquvxF8//Qr8z/Q//6/+b/v3Pm5QAunvl/6F/NZmLNfwDoM+b4gVP9/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6VCnbkkI5Wwt8O30slMsRlyJiPIrJreVqZToi3oiIPw0Xh9P0TLcLDQCcUuFvSb7+1+Wx90r7zw4l/xnO9hHxk19+9ou78+vrazNp/j9389cf5PmzQ92oAADQ7trBrNY4ne/bbuSfPrm38Gy7yCI+/ri1uGgadyffWmcGYzDbj0QxIkb/leTplvTzysAZxN++HxFf2Kv/3bYIpWwOpLXy6f74aexL5xB/7/XfH7/wXPxCdi7dF7PX4vNnUBboNw8/bvWTedtLm1je/goxke0Pb/8jWQ91es/6v50D/V9ht/8bOBA/ydr8xG76xSV5/P7vv38gsznWOnc/4kuDh8VPduMnHfrf945Zx798+avvdjrX/FXE5Tg8fkst62an1murU43Nrcnl2vxSZalye3Z2bmZu+sOrH8xOZXPUrcc/HBbj7x9deaNT/LT+ox3ijxxR/68fs/6//u/NH73zgvjf/Nrh7/9bL4ifjonfOGb8+dFrHZfvTuMvdqj/Ue//lWPGf/TXrcVjXgoAXIDG5tbKfLVaWTviIP2sedQ1Dl7Ng9iOOMbFky9BUS/2YDhvJC9LearXT/P0oZM14S53TMC522v03S4JAAAAAAAAAAAAAADQSWNza2U4zverS92uIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3rfwEAAP//3tLJQA==")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x42)
socket$kcm(0x10, 0x2, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
munlockall()
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_clone3(&(0x7f00000007c0)={0x40120000, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.585156696s ago: executing program 2 (id=4040):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x11)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000", @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

1.440838798s ago: executing program 5 (id=4041):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}])

1.39750067s ago: executing program 2 (id=4042):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
io_setup(0x7d, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])

1.32931831s ago: executing program 5 (id=4043):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(0x0, r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)

1.290011271s ago: executing program 2 (id=4044):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0)={[{@nodioread_nolock}, {@nodiscard}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@inlinecrypt}, {@i_version}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
umount2(&(0x7f00000002c0)='./file0\x00', 0x2)

1.205858722s ago: executing program 5 (id=4045):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0)={[{@nodioread_nolock}, {@nodiscard}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@inlinecrypt}, {@i_version}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
umount2(&(0x7f00000002c0)='./file0\x00', 0x2)

717.09451ms ago: executing program 5 (id=4046):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB="8115b31ac017b6cdeb8b0783b9ac10488a21fbb431c7c96077030ce111291daf11ef066561eb808b2d98e0187310c3a0f88c5fab75c5aa5d5b5f4871a26dcdca350457908629912d333f6235655df3b0432258471914ea09958e5cb85ae3c748b950fa9558", @ANYRES32, @ANYRES16, @ANYRESDEC, @ANYRES8, @ANYRESHEX, @ANYRESDEC=r0], 0xf9, 0x1205, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1tSkqfmj1mp70Ae8eBqaHDwJEiQFyYJSG6EVhKmZ6JJxN2SWwIoYe/Lq6/DsTfAd5OJr8NaLxx7Ekc4kmm23iodmsfl8Djs/nuf58tvnMjDLPHv/ne+/3N2psp18eC9mZqKzF5EepEjRiROvb7bX23c217vdjZsp3Vi/tfp2SmnpjZ8/+XouIi59/OPST3NxtPLp4W9rvx5dObp6/49bX/Sq1KtSfzBMebo7GAzzu2WRtnvVbpbSh2WRV0Xq9atif2x+pxzs7Y1S3t9eXNjbL6oq5f1R2i1GaThIw/1Ryj/Pe/2UZVlaXAie6MK/L9n64UFd1xF1fSGej7qu64uxEJfihViMpfg2Il6Ml+LluByvxJV4NV6Lq82qs/j6AAAAAAAAAAAAAAAAAAAAcH780/n/5Vhx/h8AAAAAAAAAAAAAAAAAAADOwEe372yud7sbN1Oajyi/O9g62Gqv7fz6TvSijCKux3L8Hs3p/1Zb33i/u3E9NVbiXnl4nD882HquzT/8eJhfbf5O4Dg/28yd5FfbfBrPz8XC6f5rsRyXJ/dfm5ifj7fePJXPYjl++SwGUcZ20/vv/DerKb33QfeR/LVmHQAAADwLsvSXic/vWfak+Tb/H34feOT5ejauzU5370RUo692805Z7DdFeVLMPzZyXMw8NnJcxITF56aYGx/pPKVenZj6ThXPanExxkemfWfiLJy6gQMAAAAAAAAAAPA/8pTfK5yNCW+WvTudrQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+yA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAAAD//4mOx/c=")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x0)

713.48919ms ago: executing program 0 (id=4047):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
pwritev(r1, 0x0, 0x0, 0x803, 0x0)

668.67561ms ago: executing program 2 (id=4048):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000430, &(0x7f0000000100)={[{@grpid}, {@dioread_lock}]}, 0x8, 0x508, &(0x7f0000000a40)="$eJzs3c9vG1kdAPDvOHGSzbqbLOwBELDZZaGgKs6P7kar5UD3AkKrlRCrnji0IXGjKHYdxUlpQg/pkTsSlTjBn8CNA1JPHLhxgxuXckAqUIEaJA5GM54mbhI3Cfnh1v58pPHMezPu9z277z3PS5wXQN+aiHcG0v1QRNyMiLE8P8m3uNbaJiLi6ZN7CztP7i0k0Wx+9o8kO5/mRdtzUq9HxHZEjETED78X8ePkYNzG5tbKfLVaWcvTU+u11anG5tbkciHPmZ2bmZv+8OoHs2dW17drv3n83eVPrv/ut1959Mftb/00LVbpZ5eyc+31OEutqhej1JY3GBGfnEewLhnM///w6klb2+ci4t2s/Y/FQPZuAgC9rNkci+ZYexoA6HXp/X8pkkI5nwsoRaFQLrfm8N6K0UK13li/MlbfuL0Y2RzWeBQLt5arlel8rnA8ikmansmO99Kz+9JXI+LNiPj58GtZurxQry5284MPAPSx1/eN//8ebo3/AECPGznR1ePnVg4A4OKcbPwHAHqB8R8A+s8Jxn/fDgSAHuH+HwD6j/EfAPrPkeP//YspBwBwIX7w6afp1tzJ//714p3NjW+X7kwuVhor5drGQnmhvrZaXqrXl6qV8kKzedS/V63XV2fe3002Nrdu1Oobt9dvLNfmlyo3KsVzrg8AcLQ333745yQitj96LduibS0HYzX0tkK3CwB0zUC3CwB0je/zQP86xj2+aQDocYcs0fucjr8i9MDir/CquvxF8//Qr8z/Q//6/+b/v3Pm5QAunvl/6F/NZmLNfwDoM+b4gVP9/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6VCnbkkI5Wwt8O30slMsRlyJiPIrJreVqZToi3oiIPw0Xh9P0TLcLDQCcUuFvSb7+1+Wx90r7zw4l/xnO9hHxk19+9ou78+vrazNp/j9389cf5PmzQ92oAADQ7trBrNY4ne/bbuSfPrm38Gy7yCI+/ri1uGgadyffWmcGYzDbj0QxIkb/leTplvTzysAZxN++HxFf2Kv/3bYIpWwOpLXy6f74aexL5xB/7/XfH7/wXPxCdi7dF7PX4vNnUBboNw8/bvWTedtLm1je/goxke0Pb/8jWQ91es/6v50D/V9ht/8bOBA/ydr8xG76xSV5/P7vv38gsznWOnc/4kuDh8VPduMnHfrf945Zx798+avvdjrX/FXE5Tg8fkst62an1murU43Nrcnl2vxSZalye3Z2bmZu+sOrH8xOZXPUrcc/HBbj7x9deaNT/LT+ox3ijxxR/68fs/6//u/NH73zgvjf/Nrh7/9bL4ifjonfOGb8+dFrHZfvTuMvdqj/Ue//lWPGf/TXrcVjXgoAXIDG5tbKfLVaWTviIP2sedQ1Dl7Ng9iOOMbFky9BUS/2YDhvJC9LearXT/P0oZM14S53TMC522v03S4JAAAAAAAAAAAAAADQSWNza2U4zverS92uIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3rfwEAAP//3tLJQA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_clone3(&(0x7f00000007c0)={0x40120000, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

592.495721ms ago: executing program 0 (id=4049):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x11)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x3000c085)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f0000000100)=r4, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

521.897142ms ago: executing program 5 (id=4050):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r0)

476.297723ms ago: executing program 5 (id=4051):
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000100)={0x1a, 0x7, 0x1, {{0xd, '/dev/net/tun\x00'}, 0x1}}, 0x1a)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000200)={[{@inlinecrypt}, {@jqfmt_vfsv1}, {@quota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sysvgroups}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}], [{@appraise}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r1, 0x20, 0x0, 0x8)
unshare(0x8000000)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='asymmetric\x00', 0x0, &(0x7f00000002c0)="9fcc", 0x2, r2)
semget$private(0x0, 0x4000, 0x555)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f00000012c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r4, &(0x7f0000004200)='t', 0x1)
fsopen(&(0x7f0000000000)='cpuset\x00', 0x0)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
semtimedop(0x0, &(0x7f0000000440)=[{0x0, 0x0, 0x1000}], 0xf, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'pimreg1\x00', 0x1})
writev(r5, &(0x7f0000000000)=[{&(0x7f00000006c0)="89e7ee2c78dad9b4b473fe", 0xb}, {0x0}], 0x2)

470.696663ms ago: executing program 0 (id=4052):
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000100)={0x1a, 0x7, 0x1, {{0xd, '/dev/net/tun\x00'}, 0x1}}, 0x1a)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000200)={[{@inlinecrypt}, {@jqfmt_vfsv1}, {@quota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sysvgroups}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}], [{@appraise}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r1, 0x20, 0x0, 0x8)
unshare(0x8000000)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='asymmetric\x00', 0x0, &(0x7f00000002c0)="9f", 0x1, r2)
semget$private(0x0, 0x4000, 0x555)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f00000012c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
semtimedop(0x0, &(0x7f0000000440)=[{0x0, 0x0, 0x1000}], 0xf, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'pimreg1\x00', 0x1})
writev(r5, &(0x7f0000000000)=[{&(0x7f00000006c0)="89e7ee2c78dad9b4b473fec988cafbe863cac50580", 0x15}, {0x0}], 0x2)

0s ago: executing program 4 (id=4053):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}])

kernel console output (not intermixed with test programs):

02e
[  298.932192][T14550] RAX: ffffffffffffffda RBX: 00007f1152e35fa0 RCX: 00007f1152c0e969
[  298.932208][T14550] RDX: 0000000004000800 RSI: 00002000000002c0 RDI: 0000000000000005
[  298.932224][T14550] RBP: 00007f1151277090 R08: 0000000000000000 R09: 0000000000000000
[  298.932240][T14550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.932316][T14550] R13: 0000000000000000 R14: 00007f1152e35fa0 R15: 00007ffcbabb3d88
[  298.932342][T14550]  </TASK>
[  299.276205][T14553] loop5: detected capacity change from 0 to 512
[  299.375175][T14573] loop0: detected capacity change from 0 to 512
[  299.397206][T14575] can0: slcan on ttyS3.
[  299.444715][T14573] EXT4-fs (loop0): 1 orphan inode deleted
[  299.462405][ T4315] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 1
[  299.522789][T14575] can0 (unregistered): slcan off ttyS3.
[  299.538662][T14575] Falling back ldisc for ttyS3.
[  299.660506][T14589] loop4: detected capacity change from 0 to 1024
[  299.677821][T14589] EXT4-fs: inline encryption not supported
[  299.708624][T14589] EXT4-fs: Ignoring removed orlov option
[  299.714374][T14589] ext4: Unknown parameter 'appraise'
[  299.774693][T14589] loop4: detected capacity change from 0 to 1024
[  299.781304][T14589] EXT4-fs: Ignoring removed orlov option
[  300.051520][   T29] kauditd_printk_skb: 294 callbacks suppressed
[  300.051539][   T29] audit: type=1400 audit(300.026:14009): avc:  denied  { create } for  pid=14586 comm="syz.0.3542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  300.123369][   T29] audit: type=1400 audit(300.106:14010): avc:  denied  { create } for  pid=14600 comm="syz.5.3548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  300.183984][   T29] audit: type=1326 audit(300.116:14011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.207159][   T29] audit: type=1326 audit(300.116:14012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.230677][   T29] audit: type=1326 audit(300.116:14013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.254047][   T29] audit: type=1326 audit(300.116:14014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.277437][   T29] audit: type=1326 audit(300.116:14015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.300517][   T29] audit: type=1326 audit(300.116:14016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.323789][   T29] audit: type=1326 audit(300.116:14017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.347034][   T29] audit: type=1326 audit(300.116:14018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14586 comm="syz.0.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  300.376927][T14607] can0: slcan on ttyS3.
[  300.441677][T14601] loop5: detected capacity change from 0 to 512
[  300.453276][T14607] can0 (unregistered): slcan off ttyS3.
[  300.459502][T14607] Falling back ldisc for ttyS3.
[  300.508881][T14614] loop0: detected capacity change from 0 to 512
[  300.634990][T14624] loop4: detected capacity change from 0 to 1024
[  300.641761][T14621] loop1: detected capacity change from 0 to 512
[  300.642378][T14621] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  300.659638][T14624] EXT4-fs: Ignoring removed nobh option
[  300.665530][T14624] EXT4-fs: Ignoring removed bh option
[  300.667167][T14621] EXT4-fs (loop1): 1 truncate cleaned up
[  300.679039][T14624] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  300.704066][T14622] lo speed is unknown, defaulting to 1000
[  300.736839][T14621] hub 9-0:1.0: USB hub found
[  300.741618][T14621] hub 9-0:1.0: 8 ports detected
[  300.787937][T14638] loop4: detected capacity change from 0 to 512
[  300.826752][T14641] can0: slcan on ttyS3.
[  300.851246][T14644] FAULT_INJECTION: forcing a failure.
[  300.851246][T14644] name failslab, interval 1, probability 0, space 0, times 0
[  300.864091][T14644] CPU: 0 UID: 0 PID: 14644 Comm: syz.1.3564 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  300.864129][T14644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  300.864147][T14644] Call Trace:
[  300.864157][T14644]  <TASK>
[  300.864241][T14644]  __dump_stack+0x1d/0x30
[  300.864269][T14644]  dump_stack_lvl+0xe8/0x140
[  300.864293][T14644]  dump_stack+0x15/0x1b
[  300.864311][T14644]  should_fail_ex+0x265/0x280
[  300.864397][T14644]  should_failslab+0x8c/0xb0
[  300.864470][T14644]  kmem_cache_alloc_node_noprof+0x57/0x320
[  300.864507][T14644]  ? __alloc_skb+0x101/0x320
[  300.864534][T14644]  __alloc_skb+0x101/0x320
[  300.864562][T14644]  ? audit_log_start+0x365/0x6c0
[  300.864687][T14644]  audit_log_start+0x380/0x6c0
[  300.864725][T14644]  audit_seccomp+0x48/0x100
[  300.864825][T14644]  ? __seccomp_filter+0x68c/0x10d0
[  300.864852][T14644]  __seccomp_filter+0x69d/0x10d0
[  300.864945][T14644]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  300.865150][T14644]  ? vfs_write+0x75e/0x8e0
[  300.865178][T14644]  ? __rcu_read_unlock+0x4f/0x70
[  300.865222][T14644]  ? __fget_files+0x184/0x1c0
[  300.865261][T14644]  __secure_computing+0x82/0x150
[  300.865294][T14644]  syscall_trace_enter+0xcf/0x1e0
[  300.865323][T14644]  do_syscall_64+0xac/0x200
[  300.865447][T14644]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  300.865516][T14644]  ? clear_bhb_loop+0x40/0x90
[  300.865603][T14644]  ? clear_bhb_loop+0x40/0x90
[  300.865647][T14644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.865676][T14644] RIP: 0033:0x7fc3c13fe969
[  300.865697][T14644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.865721][T14644] RSP: 002b:00007fc3bfa67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  300.865746][T14644] RAX: ffffffffffffffda RBX: 00007fc3c1625fa0 RCX: 00007fc3c13fe969
[  300.865762][T14644] RDX: 000000000000006f RSI: 0000000000000084 RDI: ffffffffffffffff
[  300.865778][T14644] RBP: 00007fc3bfa67090 R08: 0000000000000000 R09: 0000000000000000
[  300.865821][T14644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.865844][T14644] R13: 0000000000000000 R14: 00007fc3c1625fa0 R15: 00007ffe4a53f478
[  300.865867][T14644]  </TASK>
[  301.145496][T14647] loop1: detected capacity change from 0 to 1024
[  301.153470][T14641] can0 (unregistered): slcan off ttyS3.
[  301.165774][T14641] Falling back ldisc for ttyS3.
[  301.172639][T14647] EXT4-fs: inline encryption not supported
[  301.178703][T14647] EXT4-fs: Ignoring removed orlov option
[  301.184418][T14647] ext4: Unknown parameter 'appraise'
[  301.221316][T14647] loop1: detected capacity change from 0 to 1024
[  301.226278][T14655] lo speed is unknown, defaulting to 1000
[  301.228182][T14647] EXT4-fs: Ignoring removed orlov option
[  301.408550][T14498] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.431995][T14498] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.444319][T14498] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.460135][T14498] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.480135][T14666] loop0: detected capacity change from 0 to 1024
[  301.491245][T14666] EXT4-fs: inline encryption not supported
[  301.522698][T14658] loop5: detected capacity change from 0 to 512
[  301.530354][T14666] EXT4-fs: Ignoring removed orlov option
[  301.536193][T14666] ext4: Unknown parameter 'appraise'
[  301.559882][T14666] loop0: detected capacity change from 0 to 1024
[  301.569949][T14666] EXT4-fs: Ignoring removed orlov option
[  301.622463][T14676] loop2: detected capacity change from 0 to 1024
[  301.629552][T14676] EXT4-fs: inline encryption not supported
[  301.638250][T14676] EXT4-fs: Ignoring removed orlov option
[  301.644053][T14676] ext4: Unknown parameter 'appraise'
[  301.661403][T14676] loop2: detected capacity change from 0 to 1024
[  301.668414][T14676] EXT4-fs: Ignoring removed orlov option
[  301.780966][T14680] SELinux: failed to load policy
[  301.938137][T14690] loop4: detected capacity change from 0 to 1024
[  301.962491][T14690] EXT4-fs: inline encryption not supported
[  301.969368][T14690] EXT4-fs: Ignoring removed orlov option
[  301.975152][T14690] ext4: Unknown parameter 'appraise'
[  302.047301][T14690] loop4: detected capacity change from 0 to 1024
[  302.063996][T14690] EXT4-fs: Ignoring removed orlov option
[  302.073828][T14693] loop5: detected capacity change from 0 to 512
[  302.098082][T14693] EXT4-fs (loop5): 1 orphan inode deleted
[  302.113072][ T4315] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 1
[  302.291456][T14705] loop5: detected capacity change from 0 to 512
[  302.446746][T14711] loop1: detected capacity change from 0 to 1024
[  302.460445][T14709] loop5: detected capacity change from 0 to 1024
[  302.470119][T14711] EXT4-fs: Ignoring removed nobh option
[  302.475800][T14711] EXT4-fs: Ignoring removed bh option
[  302.492073][T14709] EXT4-fs: Ignoring removed nobh option
[  302.497804][T14709] EXT4-fs: Ignoring removed bh option
[  302.520215][T14714] FAULT_INJECTION: forcing a failure.
[  302.520215][T14714] name failslab, interval 1, probability 0, space 0, times 0
[  302.533203][T14714] CPU: 1 UID: 0 PID: 14714 Comm: syz.0.3582 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  302.533238][T14714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.533254][T14714] Call Trace:
[  302.533263][T14714]  <TASK>
[  302.533274][T14714]  __dump_stack+0x1d/0x30
[  302.533300][T14714]  dump_stack_lvl+0xe8/0x140
[  302.533384][T14714]  dump_stack+0x15/0x1b
[  302.533404][T14714]  should_fail_ex+0x265/0x280
[  302.533430][T14714]  should_failslab+0x8c/0xb0
[  302.533462][T14714]  kmem_cache_alloc_node_noprof+0x57/0x320
[  302.533573][T14714]  ? __alloc_skb+0x101/0x320
[  302.533608][T14714]  __alloc_skb+0x101/0x320
[  302.533637][T14714]  ? audit_log_start+0x365/0x6c0
[  302.533679][T14714]  audit_log_start+0x380/0x6c0
[  302.533730][T14714]  audit_seccomp+0x48/0x100
[  302.533764][T14714]  ? __seccomp_filter+0x68c/0x10d0
[  302.533794][T14714]  __seccomp_filter+0x69d/0x10d0
[  302.533825][T14714]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  302.533858][T14714]  ? vfs_write+0x75e/0x8e0
[  302.533950][T14714]  ? __rcu_read_unlock+0x4f/0x70
[  302.533979][T14714]  ? __fget_files+0x184/0x1c0
[  302.534022][T14714]  __secure_computing+0x82/0x150
[  302.534132][T14714]  syscall_trace_enter+0xcf/0x1e0
[  302.534165][T14714]  do_syscall_64+0xac/0x200
[  302.534200][T14714]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.534323][T14714]  ? clear_bhb_loop+0x40/0x90
[  302.534350][T14714]  ? clear_bhb_loop+0x40/0x90
[  302.534403][T14714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.534430][T14714] RIP: 0033:0x7f1152c0e969
[  302.534505][T14714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.534528][T14714] RSP: 002b:00007f1151277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  302.534552][T14714] RAX: ffffffffffffffda RBX: 00007f1152e35fa0 RCX: 00007f1152c0e969
[  302.534568][T14714] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  302.534583][T14714] RBP: 00007f1151277090 R08: 0000000000000000 R09: 0000000000000000
[  302.534652][T14714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.534667][T14714] R13: 0000000000000000 R14: 00007f1152e35fa0 R15: 00007ffcbabb3d88
[  302.534693][T14714]  </TASK>
[  302.786628][T14711] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  302.849761][T14720] netlink: 'syz.0.3583': attribute type 12 has an invalid length.
[  302.855528][T14709] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  302.909590][T14720] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3583'.
[  302.922610][T14721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3583'.
[  302.938143][T14727] can0: slcan on ttyS3.
[  302.949138][T14730] FAULT_INJECTION: forcing a failure.
[  302.949138][T14730] name failslab, interval 1, probability 0, space 0, times 0
[  302.961918][T14730] CPU: 0 UID: 0 PID: 14730 Comm: syz.2.3586 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  302.962019][T14730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.962036][T14730] Call Trace:
[  302.962083][T14730]  <TASK>
[  302.962092][T14730]  __dump_stack+0x1d/0x30
[  302.962115][T14730]  dump_stack_lvl+0xe8/0x140
[  302.962145][T14730]  dump_stack+0x15/0x1b
[  302.962168][T14730]  should_fail_ex+0x265/0x280
[  302.962291][T14730]  ? proc_cgroup_show+0x3f/0x600
[  302.962316][T14730]  should_failslab+0x8c/0xb0
[  302.962342][T14730]  __kmalloc_cache_noprof+0x4c/0x320
[  302.962408][T14730]  proc_cgroup_show+0x3f/0x600
[  302.962430][T14730]  ? __rcu_read_unlock+0x4f/0x70
[  302.962458][T14730]  proc_single_show+0x89/0x110
[  302.962485][T14730]  traverse+0x141/0x3a0
[  302.962610][T14730]  seq_read_iter+0x853/0x940
[  302.962650][T14730]  ? _parse_integer+0x27/0x40
[  302.962765][T14730]  seq_read+0x1f7/0x240
[  302.962811][T14730]  ? __pfx_seq_read+0x10/0x10
[  302.962873][T14730]  vfs_readv+0x3fb/0x690
[  302.962914][T14730]  __x64_sys_preadv+0xfd/0x1c0
[  302.962963][T14730]  x64_sys_call+0x1503/0x2fb0
[  302.963069][T14730]  do_syscall_64+0xd2/0x200
[  302.963099][T14730]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.963128][T14730]  ? clear_bhb_loop+0x40/0x90
[  302.963169][T14730]  ? clear_bhb_loop+0x40/0x90
[  302.963196][T14730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.963224][T14730] RIP: 0033:0x7fa0c8fce969
[  302.963242][T14730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.963267][T14730] RSP: 002b:00007fa0c7637038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  302.963285][T14730] RAX: ffffffffffffffda RBX: 00007fa0c91f5fa0 RCX: 00007fa0c8fce969
[  302.963298][T14730] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  302.963312][T14730] RBP: 00007fa0c7637090 R08: 0000000000000000 R09: 0000000000000000
[  302.963327][T14730] R10: 000000000000012e R11: 0000000000000246 R12: 0000000000000001
[  302.963367][T14730] R13: 0000000000000000 R14: 00007fa0c91f5fa0 R15: 00007ffe1c462e48
[  302.963392][T14730]  </TASK>
[  302.967434][T14721] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.098156][T14740] loop4: detected capacity change from 0 to 1024
[  303.103877][T14721] batman_adv: batadv0: Removing interface: batadv_slave_0
[  303.201906][T14721] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.202682][T14727] can0 (unregistered): slcan off ttyS3.
[  303.209545][T14721] batman_adv: batadv0: Removing interface: batadv_slave_1
[  303.215167][T14727] Falling back ldisc for ttyS3.
[  303.252571][T14728] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  303.272581][T14745] loop2: detected capacity change from 0 to 512
[  303.330525][T14753] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  303.346363][T14757] loop2: detected capacity change from 0 to 1024
[  303.355295][T14757] EXT4-fs: inline encryption not supported
[  303.361380][T14757] EXT4-fs: Ignoring removed orlov option
[  303.367198][T14757] ext4: Unknown parameter 'appraise'
[  303.383946][T14757] loop2: detected capacity change from 0 to 1024
[  303.393185][T14761] FAULT_INJECTION: forcing a failure.
[  303.393185][T14761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.396885][T14757] EXT4-fs: Ignoring removed orlov option
[  303.406396][T14761] CPU: 1 UID: 0 PID: 14761 Comm: syz.5.3597 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  303.406434][T14761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.406449][T14761] Call Trace:
[  303.406539][T14761]  <TASK>
[  303.406552][T14761]  __dump_stack+0x1d/0x30
[  303.406585][T14761]  dump_stack_lvl+0xe8/0x140
[  303.406613][T14761]  dump_stack+0x15/0x1b
[  303.406637][T14761]  should_fail_ex+0x265/0x280
[  303.406730][T14761]  should_fail+0xb/0x20
[  303.406755][T14761]  should_fail_usercopy+0x1a/0x20
[  303.406815][T14761]  _copy_to_user+0x20/0xa0
[  303.406852][T14761]  simple_read_from_buffer+0xb5/0x130
[  303.406893][T14761]  proc_fail_nth_read+0x100/0x140
[  303.406940][T14761]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  303.406972][T14761]  vfs_read+0x1a0/0x6f0
[  303.407011][T14761]  ksys_read+0xda/0x1a0
[  303.407067][T14761]  __x64_sys_read+0x40/0x50
[  303.407098][T14761]  x64_sys_call+0x2d77/0x2fb0
[  303.407129][T14761]  do_syscall_64+0xd2/0x200
[  303.407170][T14761]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  303.407261][T14761]  ? clear_bhb_loop+0x40/0x90
[  303.407291][T14761]  ? clear_bhb_loop+0x40/0x90
[  303.407322][T14761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.407352][T14761] RIP: 0033:0x7fbab530d37c
[  303.407439][T14761] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  303.407466][T14761] RSP: 002b:00007fbab3977030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  303.407492][T14761] RAX: ffffffffffffffda RBX: 00007fbab5535fa0 RCX: 00007fbab530d37c
[  303.407509][T14761] RDX: 000000000000000f RSI: 00007fbab39770a0 RDI: 0000000000000004
[  303.407527][T14761] RBP: 00007fbab3977090 R08: 0000000000000000 R09: 0000000000000000
[  303.407545][T14761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.407562][T14761] R13: 0000000000000000 R14: 00007fbab5535fa0 R15: 00007ffc261006a8
[  303.407672][T14761]  </TASK>
[  303.542679][T14770] loop0: detected capacity change from 0 to 1024
[  303.619578][T14770] EXT4-fs: inline encryption not supported
[  303.625641][T14770] EXT4-fs: Ignoring removed orlov option
[  303.631321][T14770] ext4: Unknown parameter 'appraise'
[  303.702119][T14782] loop4: detected capacity change from 0 to 512
[  303.719014][T14770] loop0: detected capacity change from 0 to 1024
[  303.726487][T14770] EXT4-fs: Ignoring removed orlov option
[  303.787247][T14789] netlink: 116 bytes leftover after parsing attributes in process `syz.5.3607'.
[  303.881568][T14795] loop5: detected capacity change from 0 to 512
[  303.897190][T14795] EXT4-fs (loop5): 1 orphan inode deleted
[  303.915039][  T386] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  303.975403][T14802] FAULT_INJECTION: forcing a failure.
[  303.975403][T14802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.988538][T14802] CPU: 0 UID: 0 PID: 14802 Comm: syz.5.3611 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  303.988598][T14802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.988615][T14802] Call Trace:
[  303.988670][T14802]  <TASK>
[  303.988686][T14802]  __dump_stack+0x1d/0x30
[  303.988711][T14802]  dump_stack_lvl+0xe8/0x140
[  303.988735][T14802]  dump_stack+0x15/0x1b
[  303.988783][T14802]  should_fail_ex+0x265/0x280
[  303.988813][T14802]  should_fail+0xb/0x20
[  303.988836][T14802]  should_fail_usercopy+0x1a/0x20
[  303.988866][T14802]  _copy_from_user+0x1c/0xb0
[  303.988944][T14802]  ___sys_sendmsg+0xc1/0x1d0
[  303.989056][T14802]  __x64_sys_sendmsg+0xd4/0x160
[  303.989171][T14802]  x64_sys_call+0x2999/0x2fb0
[  303.989200][T14802]  do_syscall_64+0xd2/0x200
[  303.989240][T14802]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  303.989296][T14802]  ? clear_bhb_loop+0x40/0x90
[  303.989354][T14802]  ? clear_bhb_loop+0x40/0x90
[  303.989385][T14802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.989450][T14802] RIP: 0033:0x7fbab530e969
[  303.989466][T14802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.989485][T14802] RSP: 002b:00007fbab3977038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.989504][T14802] RAX: ffffffffffffffda RBX: 00007fbab5535fa0 RCX: 00007fbab530e969
[  303.989583][T14802] RDX: 0000000020004090 RSI: 0000200000000180 RDI: 0000000000000003
[  303.989669][T14802] RBP: 00007fbab3977090 R08: 0000000000000000 R09: 0000000000000000
[  303.989689][T14802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.989702][T14802] R13: 0000000000000000 R14: 00007fbab5535fa0 R15: 00007ffc261006a8
[  303.989737][T14802]  </TASK>
[  304.236426][T14810] loop5: detected capacity change from 0 to 512
[  304.251760][T14812] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.252921][T14810] EXT4-fs: Ignoring removed bh option
[  304.267210][T14810] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.314170][T14812] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.386824][T14812] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.474333][T14812] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.580543][T14812] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.651946][T14846] loop5: detected capacity change from 0 to 512
[  304.656615][T14812] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.686970][T14847] loop0: detected capacity change from 0 to 1024
[  304.693838][T14847] EXT4-fs: Ignoring removed orlov option
[  304.705604][T14812] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.734983][T14812] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  305.022668][T14858] lo speed is unknown, defaulting to 1000
[  305.136504][   T29] kauditd_printk_skb: 331 callbacks suppressed
[  305.136584][   T29] audit: type=1326 audit(305.116:14344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.260552][   T29] audit: type=1326 audit(305.146:14345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.283817][   T29] audit: type=1326 audit(305.146:14346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.286317][T14863] loop4: detected capacity change from 0 to 1024
[  305.307028][   T29] audit: type=1326 audit(305.146:14347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.336498][   T29] audit: type=1326 audit(305.146:14348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.360014][   T29] audit: type=1326 audit(305.146:14349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.383049][   T29] audit: type=1326 audit(305.146:14350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.406697][   T29] audit: type=1326 audit(305.156:14351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.429964][   T29] audit: type=1326 audit(305.156:14352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.442261][T14863] EXT4-fs: inline encryption not supported
[  305.453156][   T29] audit: type=1326 audit(305.156:14353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14828 comm="syz.2.3622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  305.482814][T14863] EXT4-fs: Ignoring removed orlov option
[  305.488523][T14863] ext4: Unknown parameter 'appraise'
[  305.553746][T14875] netlink: 'syz.5.3639': attribute type 3 has an invalid length.
[  305.566106][T14875] loop5: detected capacity change from 0 to 512
[  305.638748][T14863] loop4: detected capacity change from 0 to 1024
[  305.646016][T14863] EXT4-fs: Ignoring removed orlov option
[  305.666863][T14875] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3639'.
[  305.698004][T14885] can0: slcan on ttyS3.
[  305.772950][T14885] can0 (unregistered): slcan off ttyS3.
[  305.778617][T14885] Falling back ldisc for ttyS3.
[  305.831762][T14896] loop2: detected capacity change from 0 to 1024
[  305.838553][T14896] EXT4-fs: Ignoring removed orlov option
[  305.867693][T14899] batadv0: entered promiscuous mode
[  305.920398][T14904] SET target dimension over the limit!
[  305.925224][T14906] loop5: detected capacity change from 0 to 512
[  305.928177][T14904] netlink: 116 bytes leftover after parsing attributes in process `syz.1.3647'.
[  305.962177][T14904] ip6gre0: entered promiscuous mode
[  306.131201][T14917] loop1: detected capacity change from 0 to 1024
[  306.138323][T14917] EXT4-fs: Ignoring removed nobh option
[  306.144001][T14917] EXT4-fs: Ignoring removed bh option
[  306.227935][T14922] lo speed is unknown, defaulting to 1000
[  306.339632][T14917] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  306.555920][T14936] loop4: detected capacity change from 0 to 512
[  306.613149][T14936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.621830][T14936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  306.673602][T14949] loop1: detected capacity change from 0 to 1024
[  306.680883][T14949] EXT4-fs: inline encryption not supported
[  306.687912][T14949] EXT4-fs: Ignoring removed orlov option
[  306.693886][T14949] ext4: Unknown parameter 'appraise'
[  306.711572][T14949] loop1: detected capacity change from 0 to 1024
[  306.719465][T14949] EXT4-fs: Ignoring removed orlov option
[  306.830145][T14954] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3666'.
[  306.863998][T14958] loop5: detected capacity change from 0 to 1024
[  306.870825][T14958] EXT4-fs: Ignoring removed bh option
[  306.876751][T14958] EXT4-fs: inline encryption not supported
[  306.882735][T14958] EXT4-fs: Ignoring removed i_version option
[  306.894895][T14960] loop2: detected capacity change from 0 to 1024
[  306.902044][T14958] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  306.915264][T14958] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.3668: lblock 1 mapped to illegal pblock 1 (length 1)
[  306.930002][T14958] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3668: Failed to acquire dquot type 0
[  306.946592][T14960] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.3667: Allocating blocks 385-513 which overlap fs metadata
[  306.961082][T14958] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.3668: Freeing blocks not in datazone - block = 0, count = 4096
[  306.962587][T14959] EXT4-fs (loop2): pa ffff888106a1b620: logic 16, phys. 129, len 24
[  306.978353][T14958] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3668: Invalid inode bitmap blk 0 in block_group 0
[  306.982627][T14959] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  306.996001][ T4315] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  307.019968][T14958] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  307.028800][T14958] EXT4-fs (loop5): 1 orphan inode deleted
[  307.036057][ T4315] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  307.134291][T14971] loop5: detected capacity change from 0 to 1024
[  307.141560][T14971] EXT4-fs: Ignoring removed nobh option
[  307.147351][T14971] EXT4-fs: Ignoring removed bh option
[  307.169157][T14971] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  307.208313][T14976] loop2: detected capacity change from 0 to 1024
[  307.227631][T14976] EXT4-fs: inline encryption not supported
[  307.234042][T14976] EXT4-fs: Ignoring removed orlov option
[  307.239750][T14976] ext4: Unknown parameter 'appraise'
[  307.264516][T14982] loop4: detected capacity change from 0 to 128
[  307.276230][T14982] EXT4-fs: Ignoring removed oldalloc option
[  307.282565][T14982] EXT4-fs: Ignoring removed bh option
[  307.285950][T14984] can0: slcan on ttyS3.
[  307.295608][T14976] loop2: detected capacity change from 0 to 1024
[  307.305732][T14976] EXT4-fs: Ignoring removed orlov option
[  307.311722][T14982] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  307.372761][T14984] can0 (unregistered): slcan off ttyS3.
[  307.378548][T14984] Falling back ldisc for ttyS3.
[  307.440199][T14992] loop5: detected capacity change from 0 to 1024
[  307.447144][T14992] EXT4-fs: Ignoring removed bh option
[  307.453051][T14992] EXT4-fs: inline encryption not supported
[  307.458949][T14992] EXT4-fs: Ignoring removed i_version option
[  307.465843][T14992] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  307.481218][T14992] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.3681: lblock 1 mapped to illegal pblock 1 (length 1)
[  307.501316][T14996] can0: slcan on ttyS3.
[  307.506301][T14992] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3681: Failed to acquire dquot type 0
[  307.527494][T14992] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.3681: Freeing blocks not in datazone - block = 0, count = 4096
[  307.578817][T14992] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3681: Invalid inode bitmap blk 0 in block_group 0
[  307.594488][ T4315] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  307.609182][ T4315] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  307.621605][T14992] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  307.630787][T14992] EXT4-fs (loop5): 1 orphan inode deleted
[  307.637257][T14996] can0 (unregistered): slcan off ttyS3.
[  307.642926][T14996] Falling back ldisc for ttyS3.
[  307.711319][T15006] loop1: detected capacity change from 0 to 1024
[  307.723915][T15006] EXT4-fs: Ignoring removed nobh option
[  307.729720][T15006] EXT4-fs: Ignoring removed bh option
[  307.757269][T15006] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  307.816895][T15016] can0: slcan on ttyS3.
[  307.833585][T15018] FAULT_INJECTION: forcing a failure.
[  307.833585][T15018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.846790][T15018] CPU: 1 UID: 0 PID: 15018 Comm: syz.0.3690 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  307.846881][T15018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.846896][T15018] Call Trace:
[  307.846904][T15018]  <TASK>
[  307.846913][T15018]  __dump_stack+0x1d/0x30
[  307.846940][T15018]  dump_stack_lvl+0xe8/0x140
[  307.847002][T15018]  dump_stack+0x15/0x1b
[  307.847019][T15018]  should_fail_ex+0x265/0x280
[  307.847040][T15018]  should_fail+0xb/0x20
[  307.847059][T15018]  should_fail_usercopy+0x1a/0x20
[  307.847088][T15018]  _copy_from_user+0x1c/0xb0
[  307.847151][T15018]  copy_bpf_fprog_from_user+0x107/0x1e0
[  307.847226][T15018]  sk_setsockopt+0x1559/0x2140
[  307.847267][T15018]  sock_setsockopt+0x40/0x50
[  307.847304][T15018]  __sys_setsockopt+0x13a/0x200
[  307.847339][T15018]  __x64_sys_setsockopt+0x64/0x80
[  307.847378][T15018]  x64_sys_call+0x2bd5/0x2fb0
[  307.847405][T15018]  do_syscall_64+0xd2/0x200
[  307.847477][T15018]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  307.847513][T15018]  ? clear_bhb_loop+0x40/0x90
[  307.847538][T15018]  ? clear_bhb_loop+0x40/0x90
[  307.847567][T15018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.847600][T15018] RIP: 0033:0x7f1152c0e969
[  307.847619][T15018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.847642][T15018] RSP: 002b:00007f1151277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  307.847676][T15018] RAX: ffffffffffffffda RBX: 00007f1152e35fa0 RCX: 00007f1152c0e969
[  307.847691][T15018] RDX: 0000000000000033 RSI: 0000000000000001 RDI: 0000000000000006
[  307.847715][T15018] RBP: 00007f1151277090 R08: 0000000000000010 R09: 0000000000000000
[  307.847731][T15018] R10: 0000200000000640 R11: 0000000000000246 R12: 0000000000000001
[  307.847746][T15018] R13: 0000000000000000 R14: 00007f1152e35fa0 R15: 00007ffcbabb3d88
[  307.847768][T15018]  </TASK>
[  308.092847][T15016] can0 (unregistered): slcan off ttyS3.
[  308.098624][T15016] Falling back ldisc for ttyS3.
[  308.125200][T15020] loop4: detected capacity change from 0 to 512
[  308.148871][T15026] loop5: detected capacity change from 0 to 1024
[  308.158144][T15024] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3694'.
[  308.203410][T15024] Process accounting paused
[  308.232547][T15026] EXT4-fs: inline encryption not supported
[  308.238662][T15026] EXT4-fs: Ignoring removed orlov option
[  308.244649][T15026] ext4: Unknown parameter 'appraise'
[  308.282979][T15026] loop5: detected capacity change from 0 to 1024
[  308.290697][T15026] EXT4-fs: Ignoring removed orlov option
[  308.363890][T15037] loop1: detected capacity change from 0 to 1024
[  308.370825][T15037] EXT4-fs: Ignoring removed bh option
[  308.376584][T15037] EXT4-fs: inline encryption not supported
[  308.382650][T15037] EXT4-fs: Ignoring removed i_version option
[  308.396080][T15037] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  308.422805][T15037] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.3699: lblock 1 mapped to illegal pblock 1 (length 1)
[  308.438165][T15037] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3699: Failed to acquire dquot type 0
[  308.453407][T15037] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.3699: Freeing blocks not in datazone - block = 0, count = 4096
[  308.468298][T15037] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.3699: Invalid inode bitmap blk 0 in block_group 0
[  308.481276][ T4315] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  308.504032][T15037] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  308.549489][ T4315] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  308.562078][T15053] loop4: detected capacity change from 0 to 512
[  308.589397][T15037] EXT4-fs (loop1): 1 orphan inode deleted
[  308.636453][T15055] loop2: detected capacity change from 0 to 1024
[  308.643999][T15055] EXT4-fs: inline encryption not supported
[  308.650410][T15055] EXT4-fs: Ignoring removed orlov option
[  308.656307][T15055] ext4: Unknown parameter 'appraise'
[  308.676115][T15055] loop2: detected capacity change from 0 to 1024
[  308.683558][T15055] EXT4-fs: Ignoring removed orlov option
[  308.690200][T15057] loop1: detected capacity change from 0 to 1024
[  308.729127][T15057] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.3707: Allocating blocks 385-513 which overlap fs metadata
[  308.768959][T15057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3707'.
[  308.824850][T15056] EXT4-fs (loop1): pa ffff888106a3cbd0: logic 16, phys. 129, len 24
[  308.833020][T15056] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  308.888771][T15070] lo speed is unknown, defaulting to 1000
[  308.991264][T15075] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3713'.
[  309.024046][T15075] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  309.118154][T15083] loop2: detected capacity change from 0 to 1024
[  309.149459][T15083] EXT4-fs: Ignoring removed nobh option
[  309.155127][T15083] EXT4-fs: Ignoring removed bh option
[  309.279655][T15092] loop5: detected capacity change from 0 to 1024
[  309.304989][T15083] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  309.333194][T15092] EXT4-fs: inline encryption not supported
[  309.339324][T15094] loop0: detected capacity change from 0 to 1024
[  309.354272][T15092] EXT4-fs: Ignoring removed orlov option
[  309.360244][T15092] ext4: Unknown parameter 'appraise'
[  309.364112][T15094] EXT4-fs: Ignoring removed bh option
[  309.371066][T15094] EXT4-fs: inline encryption not supported
[  309.377180][T15094] EXT4-fs: Ignoring removed i_version option
[  309.385989][T15094] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  309.404094][T15092] loop5: detected capacity change from 0 to 1024
[  309.410929][T15092] EXT4-fs: Ignoring removed orlov option
[  309.435768][T15094] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3719: lblock 1 mapped to illegal pblock 1 (length 1)
[  309.457735][T15094] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3719: Failed to acquire dquot type 0
[  309.513477][T15094] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3719: Freeing blocks not in datazone - block = 0, count = 4096
[  309.531876][T15094] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3719: Invalid inode bitmap blk 0 in block_group 0
[  309.545742][ T4315] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  309.560778][T15094] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  309.572778][T15108] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3725'.
[  309.578307][ T4315] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  309.581762][T15108] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3725'.
[  309.602394][T15108] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3725'.
[  309.602422][T15094] EXT4-fs (loop0): 1 orphan inode deleted
[  309.623730][T15112] loop5: detected capacity change from 0 to 512
[  309.732570][T15123] loop2: detected capacity change from 0 to 512
[  309.747332][T15123] EXT4-fs (loop2): 1 orphan inode deleted
[  309.784899][T15132] can0: slcan on ttyS3.
[  309.789358][T15133] loop4: detected capacity change from 0 to 512
[  309.853156][T15132] can0 (unregistered): slcan off ttyS3.
[  309.867972][T15132] Falling back ldisc for ttyS3.
[  310.014446][T15145] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3741'.
[  310.023596][T15145] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3741'.
[  310.032688][T15145] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3741'.
[  310.215448][T15154] lo speed is unknown, defaulting to 1000
[  310.221590][T15159] loop2: detected capacity change from 0 to 512
[  310.232803][T15158] loop0: detected capacity change from 0 to 1024
[  310.251795][T15158] EXT4-fs: Ignoring removed bh option
[  310.402617][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  310.402635][   T29] audit: type=1326 audit(310.376:14552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15161 comm="syz.1.3748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c13fe969 code=0x7ffc0000
[  310.432358][   T29] audit: type=1326 audit(310.376:14553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15161 comm="syz.1.3748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fc3c13fe969 code=0x7ffc0000
[  310.455412][   T29] audit: type=1326 audit(310.376:14554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15161 comm="syz.1.3748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c13fe969 code=0x7ffc0000
[  310.478442][   T29] audit: type=1326 audit(310.376:14555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15161 comm="syz.1.3748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fc3c13fe969 code=0x7ffc0000
[  310.501523][   T29] audit: type=1326 audit(310.376:14556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15161 comm="syz.1.3748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c13fe969 code=0x7ffc0000
[  310.612246][T15158] EXT4-fs: inline encryption not supported
[  310.618453][T15158] EXT4-fs: Ignoring removed i_version option
[  310.653712][T15164] can0: slcan on ttyS3.
[  310.660468][T15158] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  310.678747][T15159] EXT4-fs (loop2): 1 orphan inode deleted
[  310.692262][   T51] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  310.702085][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  310.724703][   T29] audit: type=1326 audit(310.706:14557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  310.765457][T15158] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3746: lblock 1 mapped to illegal pblock 1 (length 1)
[  310.779559][   T29] audit: type=1326 audit(310.706:14558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  310.822991][   T29] audit: type=1326 audit(310.786:14559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  310.846242][   T29] audit: type=1326 audit(310.786:14560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0c8fce969 code=0x7ffc0000
[  310.873531][T15158] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3746: Failed to acquire dquot type 0
[  310.902236][T15168] can0 (unregistered): slcan off ttyS3.
[  310.912445][T15158] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3746: Freeing blocks not in datazone - block = 0, count = 4096
[  310.922765][T15168] Falling back ldisc for ttyS3.
[  310.936651][T15158] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3746: Invalid inode bitmap blk 0 in block_group 0
[  310.949463][ T4315] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  310.954434][T15158] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  310.973476][T15158] EXT4-fs (loop0): 1 orphan inode deleted
[  311.009553][ T4315] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  311.023099][T15178] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3753'.
[  311.110602][T15190] loop5: detected capacity change from 0 to 512
[  311.124989][T15194] loop0: detected capacity change from 0 to 512
[  311.147202][T15190] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  311.159283][T15190] EXT4-fs (loop5): 1 truncate cleaned up
[  311.173246][T15197] loop1: detected capacity change from 0 to 1024
[  311.180195][T15197] EXT4-fs: inline encryption not supported
[  311.186374][T15197] EXT4-fs: Ignoring removed orlov option
[  311.192105][T15197] ext4: Unknown parameter 'appraise'
[  311.208429][T15197] loop1: detected capacity change from 0 to 1024
[  311.215365][T15197] EXT4-fs: Ignoring removed orlov option
[  311.225184][T15192] loop2: detected capacity change from 0 to 512
[  311.231923][T15192] EXT4-fs: Ignoring removed bh option
[  311.237389][T15192] EXT4-fs: Ignoring removed mblk_io_submit option
[  311.249582][T15192] EXT4-fs: Ignoring removed nobh option
[  311.294261][T15206] loop4: detected capacity change from 0 to 512
[  311.337698][T15206] EXT4-fs (loop4): 1 orphan inode deleted
[  311.360707][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  311.375313][T15211] can0: slcan on ttyS3.
[  311.472832][T15211] can0 (unregistered): slcan off ttyS3.
[  311.475138][T15206] EXT4-fs mount: 163 callbacks suppressed
[  311.475159][T15206] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.482253][T15211] Falling back ldisc for ttyS3.
[  311.554861][ T7672] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.601990][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.758245][T15231] loop2: detected capacity change from 0 to 1024
[  311.777261][T15231] EXT4-fs: Ignoring removed bh option
[  311.794545][T15231] EXT4-fs: inline encryption not supported
[  311.800450][T15231] EXT4-fs: Ignoring removed i_version option
[  311.809266][T15235] loop5: detected capacity change from 0 to 512
[  311.876414][T15231] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  311.914714][T15237] loop1: detected capacity change from 0 to 1024
[  311.925000][T15231] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.3767: lblock 1 mapped to illegal pblock 1 (length 1)
[  311.963088][T15237] EXT4-fs: inline encryption not supported
[  311.969200][T15237] EXT4-fs: Ignoring removed orlov option
[  311.974933][T15237] ext4: Unknown parameter 'appraise'
[  311.986987][T15231] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3767: Failed to acquire dquot type 0
[  312.006329][T15237] loop1: detected capacity change from 0 to 1024
[  312.013939][T15231] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.3767: Freeing blocks not in datazone - block = 0, count = 4096
[  312.036648][T15237] EXT4-fs: Ignoring removed orlov option
[  312.054886][T15231] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3767: Invalid inode bitmap blk 0 in block_group 0
[  312.067984][T15231] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  312.080133][   T51] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  312.095538][T15231] EXT4-fs (loop2): 1 orphan inode deleted
[  312.101805][T15231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.116528][T15237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.140782][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  312.157487][T15248] lo speed is unknown, defaulting to 1000
[  312.164669][T15231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.329045][T15259] can0: slcan on ttyS3.
[  312.403647][ T8022] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.554381][T15262] can0 (unregistered): slcan off ttyS3.
[  312.561837][T15262] Falling back ldisc for ttyS3.
[  312.569739][T15273] loop4: detected capacity change from 0 to 512
[  312.640919][T15273] EXT4-fs (loop4): 1 orphan inode deleted
[  312.653171][ T4304] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  312.665239][T15273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.791860][T15294] loop0: detected capacity change from 0 to 1024
[  312.809060][T15294] EXT4-fs: Ignoring removed bh option
[  312.816056][T15294] EXT4-fs: inline encryption not supported
[  312.817527][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.821921][T15294] EXT4-fs: Ignoring removed i_version option
[  312.839256][T15294] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  312.869782][T15294] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3793: lblock 1 mapped to illegal pblock 1 (length 1)
[  312.899705][T15305] loop5: detected capacity change from 0 to 1024
[  312.900562][T15294] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3793: Failed to acquire dquot type 0
[  312.918896][T15303] loop4: detected capacity change from 0 to 1024
[  312.925784][T15303] EXT4-fs: inline encryption not supported
[  312.931697][T15303] EXT4-fs: Ignoring removed orlov option
[  312.937445][T15303] ext4: Unknown parameter 'appraise'
[  312.938533][T15294] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3793: Freeing blocks not in datazone - block = 0, count = 4096
[  312.952646][T15303] loop4: detected capacity change from 0 to 1024
[  312.962670][T15305] EXT4-fs: Ignoring removed nobh option
[  312.962982][T15303] EXT4-fs: Ignoring removed orlov option
[  312.968268][T15305] EXT4-fs: Ignoring removed bh option
[  312.986644][T15303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.005005][T15310] can0: slcan on ttyS3.
[  313.021738][T15294] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3793: Invalid inode bitmap blk 0 in block_group 0
[  313.036351][ T4309] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  313.062730][T15305] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.087695][T15294] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  313.093790][ T4309] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 0
[  313.109123][T15294] EXT4-fs (loop0): 1 orphan inode deleted
[  313.116292][T15294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.131801][T15305] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  313.133614][T15294] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.189270][ T8695] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.192468][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.213607][T15310] can0 (unregistered): slcan off ttyS3.
[  313.224419][T15310] Falling back ldisc for ttyS3.
[  313.260808][T15322] loop0: detected capacity change from 0 to 512
[  313.286824][T15320] lo speed is unknown, defaulting to 1000
[  313.404642][T15332] loop4: detected capacity change from 0 to 512
[  313.433141][T15332] EXT4-fs (loop4): 1 orphan inode deleted
[  313.473801][T15332] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.509025][T15339] lo speed is unknown, defaulting to 1000
[  313.646866][T15343] loop5: detected capacity change from 0 to 1024
[  313.702954][T15343] EXT4-fs: inline encryption not supported
[  313.743565][ T4309] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  313.774553][T15343] EXT4-fs: Ignoring removed orlov option
[  313.780331][T15343] ext4: Unknown parameter 'appraise'
[  313.794939][T15348] loop1: detected capacity change from 0 to 1024
[  313.802500][T15348] EXT4-fs: Ignoring removed bh option
[  313.809703][T15348] EXT4-fs: inline encryption not supported
[  313.815630][T15348] EXT4-fs: Ignoring removed i_version option
[  313.838722][T15343] loop5: detected capacity change from 0 to 1024
[  313.845512][T15343] EXT4-fs: Ignoring removed orlov option
[  313.853921][T15348] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  313.863013][T15343] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.867672][T15348] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.3812: lblock 1 mapped to illegal pblock 1 (length 1)
[  313.891249][T15348] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3812: Failed to acquire dquot type 0
[  313.903114][T15348] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.3812: Freeing blocks not in datazone - block = 0, count = 4096
[  313.917540][T15348] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.3812: Invalid inode bitmap blk 0 in block_group 0
[  313.930939][T15348] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  313.939589][ T4309] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  313.940710][T15348] EXT4-fs (loop1): 1 orphan inode deleted
[  313.954719][ T4309] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 0
[  313.962058][T15348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.984969][T15348] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.024563][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.030762][T15355] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  314.040321][T15355] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  314.048263][T15355] vhci_hcd vhci_hcd.0: Device attached
[  314.064200][T15355] loop1: detected capacity change from 0 to 512
[  314.073049][ T8695] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.090697][T15355] EXT4-fs (loop1): 1 orphan inode deleted
[  314.097073][T15355] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.129110][T15355] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  314.139810][T15355] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.3813: iget: bad i_size value: 360287970189639690
[  314.152647][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  314.158183][T15367] FAULT_INJECTION: forcing a failure.
[  314.158183][T15367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.177226][T15367] CPU: 0 UID: 0 PID: 15367 Comm: syz.0.3818 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  314.177293][T15367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  314.177309][T15367] Call Trace:
[  314.177318][T15367]  <TASK>
[  314.177328][T15367]  __dump_stack+0x1d/0x30
[  314.177359][T15367]  dump_stack_lvl+0xe8/0x140
[  314.177390][T15367]  dump_stack+0x15/0x1b
[  314.177413][T15367]  should_fail_ex+0x265/0x280
[  314.177441][T15367]  should_fail+0xb/0x20
[  314.177464][T15367]  should_fail_usercopy+0x1a/0x20
[  314.177490][T15367]  _copy_to_user+0x20/0xa0
[  314.177590][T15367]  simple_read_from_buffer+0xb5/0x130
[  314.177613][T15367]  proc_fail_nth_read+0x100/0x140
[  314.177645][T15367]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  314.177707][T15367]  vfs_read+0x1a0/0x6f0
[  314.177734][T15367]  ? __rcu_read_unlock+0x4f/0x70
[  314.177780][T15367]  ? __fget_files+0x184/0x1c0
[  314.177816][T15367]  ksys_read+0xda/0x1a0
[  314.177847][T15367]  __x64_sys_read+0x40/0x50
[  314.177950][T15367]  x64_sys_call+0x2d77/0x2fb0
[  314.177989][T15367]  do_syscall_64+0xd2/0x200
[  314.178030][T15367]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  314.178065][T15367]  ? clear_bhb_loop+0x40/0x90
[  314.178153][T15367]  ? clear_bhb_loop+0x40/0x90
[  314.178177][T15367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.178205][T15367] RIP: 0033:0x7f1152c0d37c
[  314.178225][T15367] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  314.178269][T15367] RSP: 002b:00007f1151277030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  314.178289][T15367] RAX: ffffffffffffffda RBX: 00007f1152e35fa0 RCX: 00007f1152c0d37c
[  314.178302][T15367] RDX: 000000000000000f RSI: 00007f11512770a0 RDI: 0000000000000003
[  314.178315][T15367] RBP: 00007f1151277090 R08: 0000000000000000 R09: 0000000000000000
[  314.178328][T15367] R10: 0000000002000004 R11: 0000000000000246 R12: 0000000000000001
[  314.178405][T15367] R13: 0000000000000001 R14: 00007f1152e35fa0 R15: 00007ffcbabb3d88
[  314.178429][T15367]  </TASK>
[  314.195747][T15356] vhci_hcd: connection closed
[  314.307409][T15374] loop4: detected capacity change from 0 to 1024
[  314.372867][ T4304] vhci_hcd: stop threads
[  314.379152][T15374] EXT4-fs: inline encryption not supported
[  314.385928][ T4304] vhci_hcd: release socket
[  314.389160][T15374] EXT4-fs: Ignoring removed orlov option
[  314.393670][ T4304] vhci_hcd: disconnect device
[  314.393848][   T36] usb 4-1: enqueue for inactive port 0
[  314.400101][T15374] ext4: Unknown parameter 'appraise'
[  314.430663][T15380] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x2
[  314.445933][T15371] loop4: detected capacity change from 0 to 1024
[  314.465960][T15371] EXT4-fs: Ignoring removed orlov option
[  314.475840][T15371] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.488758][T15382] loop0: detected capacity change from 0 to 1024
[  314.489018][T15382] EXT4-fs: Ignoring removed bh option
[  314.501665][T15382] EXT4-fs: inline encryption not supported
[  314.507621][T15382] EXT4-fs: Ignoring removed i_version option
[  314.535170][T15382] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  314.560364][T15382] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3824: lblock 1 mapped to illegal pblock 1 (length 1)
[  314.577724][T15382] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3824: Failed to acquire dquot type 0
[  314.589822][T15382] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3824: Freeing blocks not in datazone - block = 0, count = 4096
[  314.619438][   T36] usb 4-1: enqueue for inactive port 0
[  314.628064][T15382] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3824: Invalid inode bitmap blk 0 in block_group 0
[  314.634441][T15387] loop2: detected capacity change from 0 to 1024
[  314.647692][T15387] EXT4-fs: inline encryption not supported
[  314.654217][T15387] EXT4-fs: Ignoring removed orlov option
[  314.660358][T15387] ext4: Unknown parameter 'appraise'
[  314.675662][T15387] loop2: detected capacity change from 0 to 1024
[  314.682669][T15387] EXT4-fs: Ignoring removed orlov option
[  314.692930][ T4309] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  314.716213][ T4309] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 0
[  314.729899][T15382] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  314.740758][T15382] EXT4-fs (loop0): 1 orphan inode deleted
[  314.747674][T15382] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.750229][T15387] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.785237][T15382] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.868963][ T8022] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.879479][ T7672] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.937629][T15405] loop0: detected capacity change from 0 to 512
[  314.983459][T15405] EXT4-fs (loop0): 1 orphan inode deleted
[  315.012367][ T4309] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  315.029184][T15405] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.119683][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.135053][T15416] loop2: detected capacity change from 0 to 1024
[  315.141832][T15416] EXT4-fs: Ignoring removed nobh option
[  315.147594][T15416] EXT4-fs: Ignoring removed bh option
[  315.149503][T15406] $H�: renamed from bond0 (while UP)
[  315.163200][T15406] $H�: entered promiscuous mode
[  315.168310][T15406] bond_slave_0: entered promiscuous mode
[  315.174230][T15406] bond_slave_1: entered promiscuous mode
[  315.191609][ T8135] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.192657][T15416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.238794][T15416] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  315.255032][T15425] FAULT_INJECTION: forcing a failure.
[  315.255032][T15425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.268404][T15425] CPU: 0 UID: 0 PID: 15425 Comm: syz.4.3839 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  315.268453][T15425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.268470][T15425] Call Trace:
[  315.268480][T15425]  <TASK>
[  315.268491][T15425]  __dump_stack+0x1d/0x30
[  315.268520][T15425]  dump_stack_lvl+0xe8/0x140
[  315.268547][T15425]  dump_stack+0x15/0x1b
[  315.268569][T15425]  should_fail_ex+0x265/0x280
[  315.268645][T15425]  should_fail+0xb/0x20
[  315.268668][T15425]  should_fail_usercopy+0x1a/0x20
[  315.268766][T15425]  _copy_to_user+0x20/0xa0
[  315.268793][T15425]  simple_read_from_buffer+0xb5/0x130
[  315.268816][T15425]  proc_fail_nth_read+0x100/0x140
[  315.268845][T15425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  315.268868][T15425]  vfs_read+0x1a0/0x6f0
[  315.268938][T15425]  ? __rcu_read_unlock+0x4f/0x70
[  315.268975][T15425]  ? __fget_files+0x184/0x1c0
[  315.269011][T15425]  ksys_read+0xda/0x1a0
[  315.269057][T15425]  __x64_sys_read+0x40/0x50
[  315.269085][T15425]  x64_sys_call+0x2d77/0x2fb0
[  315.269111][T15425]  do_syscall_64+0xd2/0x200
[  315.269155][T15425]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  315.269214][T15425]  ? clear_bhb_loop+0x40/0x90
[  315.269238][T15425]  ? clear_bhb_loop+0x40/0x90
[  315.269282][T15425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.269313][T15425] RIP: 0033:0x7f824edcd37c
[  315.269334][T15425] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  315.269390][T15425] RSP: 002b:00007f824d437030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  315.269415][T15425] RAX: ffffffffffffffda RBX: 00007f824eff5fa0 RCX: 00007f824edcd37c
[  315.269429][T15425] RDX: 000000000000000f RSI: 00007f824d4370a0 RDI: 0000000000000004
[  315.269444][T15425] RBP: 00007f824d437090 R08: 0000000000000000 R09: 0000000000000000
[  315.269456][T15425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.269468][T15425] R13: 0000000000000000 R14: 00007f824eff5fa0 R15: 00007ffc40653ec8
[  315.269493][T15425]  </TASK>
[  315.487628][T15427] loop5: detected capacity change from 0 to 1024
[  315.494485][T15427] EXT4-fs: inline encryption not supported
[  315.500708][T15427] EXT4-fs: Ignoring removed orlov option
[  315.506585][T15427] ext4: Unknown parameter 'appraise'
[  315.514841][ T7672] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.522681][T15427] loop5: detected capacity change from 0 to 1024
[  315.536530][T15427] EXT4-fs: Ignoring removed orlov option
[  315.557661][T15432] loop2: detected capacity change from 0 to 512
[  315.576239][T15427] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.589019][   T29] kauditd_printk_skb: 294 callbacks suppressed
[  315.589037][   T29] audit: type=1326 audit(315.556:14835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.592294][T15432] EXT4-fs: inline encryption not supported
[  315.595305][   T29] audit: type=1326 audit(315.556:14836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.627082][T15439] FAULT_INJECTION: forcing a failure.
[  315.627082][T15439] name failslab, interval 1, probability 0, space 0, times 0
[  315.647507][   T29] audit: type=1326 audit(315.556:14837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.660027][T15439] CPU: 0 UID: 0 PID: 15439 Comm: syz.0.3844 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  315.660063][T15439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.660130][T15439] Call Trace:
[  315.660140][T15439]  <TASK>
[  315.660160][T15439]  __dump_stack+0x1d/0x30
[  315.660321][T15439]  dump_stack_lvl+0xe8/0x140
[  315.660350][T15439]  dump_stack+0x15/0x1b
[  315.660373][T15439]  should_fail_ex+0x265/0x280
[  315.660402][T15439]  should_failslab+0x8c/0xb0
[  315.660438][T15439]  __kmalloc_noprof+0xa5/0x3e0
[  315.660509][T15439]  ? kernfs_fop_write_iter+0xe1/0x2d0
[  315.660548][T15439]  ? splice_from_pipe_next+0x321/0x380
[  315.660598][T15439]  kernfs_fop_write_iter+0xe1/0x2d0
[  315.660664][T15439]  ? iov_iter_bvec+0xa4/0xd0
[  315.660757][T15439]  iter_file_splice_write+0x5f2/0x970
[  315.660823][T15439]  ? __pfx_iter_file_splice_write+0x10/0x10
[  315.660928][T15439]  direct_splice_actor+0x156/0x2a0
[  315.660956][T15439]  ? __pfx_shmem_file_open+0x1/0x10
[  315.660989][T15439]  splice_direct_to_actor+0x312/0x680
[  315.661024][T15439]  ? __pfx_direct_splice_actor+0x10/0x10
[  315.661059][T15439]  do_splice_direct+0xda/0x150
[  315.661085][T15439]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  315.661129][T15439]  do_sendfile+0x380/0x650
[  315.661196][T15439]  __x64_sys_sendfile64+0x105/0x150
[  315.661306][T15439]  x64_sys_call+0xb39/0x2fb0
[  315.661402][T15439]  do_syscall_64+0xd2/0x200
[  315.661556][T15439]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  315.661596][T15439]  ? clear_bhb_loop+0x40/0x90
[  315.661628][T15439]  ? clear_bhb_loop+0x40/0x90
[  315.661687][T15439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.661717][T15439] RIP: 0033:0x7f1152c0e969
[  315.661739][T15439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.661764][T15439] RSP: 002b:00007f1151277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  315.661866][T15439] RAX: ffffffffffffffda RBX: 00007f1152e35fa0 RCX: 00007f1152c0e969
[  315.661883][T15439] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  315.661973][T15439] RBP: 00007f1151277090 R08: 0000000000000000 R09: 0000000000000000
[  315.662014][T15439] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000001
[  315.662031][T15439] R13: 0000000000000000 R14: 00007f1152e35fa0 R15: 00007ffcbabb3d88
[  315.662060][T15439]  </TASK>
[  315.663199][T15432] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  315.683372][   T29] audit: type=1326 audit(315.556:14838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.765802][T15443] can0: slcan on ttyS3.
[  315.766314][   T29] audit: type=1326 audit(315.556:14839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.823751][T15445] loop0: detected capacity change from 0 to 1024
[  315.829572][   T29] audit: type=1326 audit(315.556:14840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.836262][T15445] EXT4-fs: inline encryption not supported
[  315.838939][   T29] audit: type=1326 audit(315.556:14841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.845101][T15445] EXT4-fs: Ignoring removed orlov option
[  315.849363][   T29] audit: type=1326 audit(315.556:14842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.874171][T15445] ext4: Unknown parameter 'appraise'
[  315.887795][T15445] loop0: detected capacity change from 0 to 1024
[  315.891831][   T29] audit: type=1326 audit(315.556:14843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.900661][T15445] EXT4-fs: Ignoring removed orlov option
[  315.907871][   T29] audit: type=1326 audit(315.556:14844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.4.3845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  315.938029][T15445] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.077819][T15449] loop1: detected capacity change from 0 to 512
[  316.171456][T15449] EXT4-fs (loop1): 1 orphan inode deleted
[  316.181097][T15449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.194358][ T1391] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  316.222440][   T36] usb usb4-port1: attempt power cycle
[  316.248848][ T8695] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.262818][T15443] can0 (unregistered): slcan off ttyS3.
[  316.268594][T15443] Falling back ldisc for ttyS3.
[  316.293368][T15455] __nla_validate_parse: 11 callbacks suppressed
[  316.293386][T15455] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3851'.
[  316.344910][T15459] loop4: detected capacity change from 0 to 1024
[  316.361905][T15461] loop2: detected capacity change from 0 to 2048
[  316.363662][T15459] EXT4-fs: Ignoring removed nobh option
[  316.374731][T15459] EXT4-fs: Ignoring removed bh option
[  316.382382][ T8022] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.410841][T15461] EXT4-fs (loop2): failed to initialize system zone (-117)
[  316.419412][T15461] EXT4-fs (loop2): mount failed
[  316.432875][T15459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.446949][T15461] loop2: detected capacity change from 0 to 256
[  316.458042][T15459] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  316.474285][T15461] msdos: Bad value for 'gid'
[  316.479141][T15461] msdos: Bad value for 'gid'
[  316.491026][T15461] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3853'.
[  316.502088][T15461] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3853'.
[  316.537906][T15480] loop5: detected capacity change from 0 to 512
[  316.566644][T15483] can0: slcan on ttyS3.
[  316.575563][T15484] loop1: detected capacity change from 0 to 512
[  316.581535][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.606594][T15484] EXT4-fs (loop1): 1 orphan inode deleted
[  316.610173][T15489] loop4: detected capacity change from 0 to 1024
[  316.613292][T15484] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.620300][T15489] EXT4-fs: inline encryption not supported
[  316.631853][ T4309] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  316.637977][T15480] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.649861][T15483] can0 (unregistered): slcan off ttyS3.
[  316.667836][T15483] Falling back ldisc for ttyS3.
[  316.673356][T15489] EXT4-fs: Ignoring removed orlov option
[  316.679120][T15489] ext4: Unknown parameter 'appraise'
[  316.686684][T15480] FAULT_INJECTION: forcing a failure.
[  316.686684][T15480] name failslab, interval 1, probability 0, space 0, times 0
[  316.699377][T15480] CPU: 0 UID: 0 PID: 15480 Comm: syz.5.3859 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  316.699444][T15480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.699461][T15480] Call Trace:
[  316.699472][T15480]  <TASK>
[  316.699483][T15480]  __dump_stack+0x1d/0x30
[  316.699511][T15480]  dump_stack_lvl+0xe8/0x140
[  316.699537][T15480]  dump_stack+0x15/0x1b
[  316.699559][T15480]  should_fail_ex+0x265/0x280
[  316.699586][T15480]  should_failslab+0x8c/0xb0
[  316.699695][T15480]  kmem_cache_alloc_noprof+0x50/0x310
[  316.699726][T15480]  ? getname_flags+0x80/0x3b0
[  316.699762][T15480]  getname_flags+0x80/0x3b0
[  316.699798][T15480]  do_sys_openat2+0x60/0x110
[  316.699916][T15480]  __x64_sys_openat+0xf2/0x120
[  316.699958][T15480]  x64_sys_call+0x1af/0x2fb0
[  316.699986][T15480]  do_syscall_64+0xd2/0x200
[  316.700026][T15480]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  316.700086][T15480]  ? clear_bhb_loop+0x40/0x90
[  316.700189][T15480]  ? clear_bhb_loop+0x40/0x90
[  316.700294][T15480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.700315][T15480] RIP: 0033:0x7fbab530d2d0
[  316.700331][T15480] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  316.700350][T15480] RSP: 002b:00007fbab3974ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  316.700370][T15480] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fbab530d2d0
[  316.700386][T15480] RDX: 0000000000000002 RSI: 00007fbab539078c RDI: 00000000ffffff9c
[  316.700470][T15480] RBP: 00007fbab539078c R08: 0000000000000000 R09: 0000000000000000
[  316.700483][T15480] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  316.700499][T15480] R13: 0000000000000088 R14: 0000200000001780 R15: 00007ffc261006a8
[  316.700526][T15480]  </TASK>
[  316.886479][T15489] loop4: detected capacity change from 0 to 1024
[  316.894915][ T8022] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.905592][ T8135] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.905819][T15489] EXT4-fs: Ignoring removed orlov option
[  316.931676][T15489] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.953804][T15497] loop0: detected capacity change from 0 to 1024
[  316.960622][T15497] EXT4-fs: inline encryption not supported
[  316.966816][T15497] EXT4-fs: Ignoring removed orlov option
[  316.972558][T15497] ext4: Unknown parameter 'appraise'
[  316.987031][T15497] loop0: detected capacity change from 0 to 1024
[  316.994316][T15497] EXT4-fs: Ignoring removed orlov option
[  317.005037][T15497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.084915][T15505] loop1: detected capacity change from 0 to 1024
[  317.092086][T15505] EXT4-fs: Ignoring removed bh option
[  317.097652][T15505] EXT4-fs: inline encryption not supported
[  317.103567][T15505] EXT4-fs: Ignoring removed i_version option
[  317.156188][T15505] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  317.175831][T15505] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.3867: lblock 1 mapped to illegal pblock 1 (length 1)
[  317.195758][T15505] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3867: Failed to acquire dquot type 0
[  317.208637][T15505] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.3867: Freeing blocks not in datazone - block = 0, count = 4096
[  317.239999][T15505] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.3867: Invalid inode bitmap blk 0 in block_group 0
[  317.253922][ T4315] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  317.271681][ T4315] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  317.273228][T15505] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  317.294289][T15512] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3869'.
[  317.303481][T15512] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3869'.
[  317.312671][T15512] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3869'.
[  317.323422][T15505] EXT4-fs (loop1): 1 orphan inode deleted
[  317.329671][T15505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.345079][T15505] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.355919][ T8695] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.356053][ T8135] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.485299][T15521] loop2: detected capacity change from 0 to 512
[  317.493270][T15524] loop5: detected capacity change from 0 to 1024
[  317.499981][T15524] EXT4-fs: Ignoring removed bh option
[  317.509024][T15524] EXT4-fs: inline encryption not supported
[  317.515281][T15524] EXT4-fs: Ignoring removed i_version option
[  317.522949][T15524] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  317.536529][T15524] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.3873: lblock 1 mapped to illegal pblock 1 (length 1)
[  317.552451][T15524] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3873: Failed to acquire dquot type 0
[  317.565662][ T8156] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.575745][T15524] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.3873: Freeing blocks not in datazone - block = 0, count = 4096
[  317.590731][T15524] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3873: Invalid inode bitmap blk 0 in block_group 0
[  317.603798][ T4309] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  317.619550][T15524] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  317.628440][ T4309] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 0
[  317.640931][T15524] EXT4-fs (loop5): 1 orphan inode deleted
[  317.647311][T15524] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.677903][T15524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.694761][T15533] loop1: detected capacity change from 0 to 512
[  317.700310][T15535] loop4: detected capacity change from 0 to 512
[  317.828431][T15536] lo speed is unknown, defaulting to 1000
[  317.888810][T15539] lo speed is unknown, defaulting to 1000
[  318.084411][T15541] netlink: 332 bytes leftover after parsing attributes in process `syz.0.3877'.
[  318.122635][T15539] Process accounting paused
[  318.302054][T15545] loop5: detected capacity change from 0 to 1024
[  318.308970][T15545] EXT4-fs: Ignoring removed orlov option
[  318.327762][T15547] loop0: detected capacity change from 0 to 1024
[  318.335233][T15547] EXT4-fs: inline encryption not supported
[  318.341315][T15547] EXT4-fs: Ignoring removed orlov option
[  318.347198][T15547] ext4: Unknown parameter 'appraise'
[  318.357602][T15549] can0: slcan on ttyS3.
[  318.378223][T15545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.428330][T15547] loop0: detected capacity change from 0 to 1024
[  318.435978][T15549] can0 (unregistered): slcan off ttyS3.
[  318.462296][T15549] Falling back ldisc for ttyS3.
[  318.467585][T15547] EXT4-fs: Ignoring removed orlov option
[  318.482631][   T36] usb usb4-port1: unable to enumerate USB device
[  318.492673][T15547] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.532210][T15553] lo speed is unknown, defaulting to 1000
[  318.573061][T15555] loop2: detected capacity change from 0 to 8192
[  318.579981][T15555] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  318.612665][T15555] netlink: 'syz.2.3882': attribute type 10 has an invalid length.
[  318.680207][T15567] can0: slcan on ttyS3.
[  318.701149][T15563] loop2: detected capacity change from 0 to 1024
[  318.708038][T15563] EXT4-fs: inline encryption not supported
[  318.714366][T15563] EXT4-fs: Ignoring removed orlov option
[  318.720166][T15563] ext4: Unknown parameter 'appraise'
[  318.753303][T15563] loop2: detected capacity change from 0 to 1024
[  318.770334][T15563] EXT4-fs: Ignoring removed orlov option
[  318.780511][T15563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.822221][T15568] can0 (unregistered): slcan off ttyS3.
[  318.828103][T15568] Falling back ldisc for ttyS3.
[  318.873113][T15571] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.922523][ T8135] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.936219][T15571] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.969241][T15574] loop0: detected capacity change from 0 to 512
[  319.006752][T15571] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.019644][T15574] EXT4-fs (loop0): 1 orphan inode deleted
[  319.030908][T15574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.043777][ T4304] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  319.185053][T15571] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.196559][ T8695] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.212874][ T8135] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.286216][T15571] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.332059][T15571] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.355165][T15586] loop5: detected capacity change from 0 to 512
[  319.458015][T15588] netlink: 332 bytes leftover after parsing attributes in process `syz.0.3891'.
[  319.469008][T15571] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.486276][T15571] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.592966][ T7672] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.626138][T15594] loop1: detected capacity change from 0 to 512
[  319.649248][T15595] lo speed is unknown, defaulting to 1000
[  319.926974][T15598] loop2: detected capacity change from 0 to 8192
[  319.952615][T15598] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  319.996264][T15604] loop4: detected capacity change from 0 to 1024
[  320.019199][T15604] EXT4-fs: inline encryption not supported
[  320.047949][T15598] netlink: 'syz.2.3893': attribute type 10 has an invalid length.
[  320.058216][T15604] EXT4-fs: Ignoring removed orlov option
[  320.064267][T15604] ext4: Unknown parameter 'appraise'
[  320.105240][T15604] loop4: detected capacity change from 0 to 1024
[  320.124027][T15604] EXT4-fs: Ignoring removed orlov option
[  320.150899][T15604] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.161907][T15606] can0: slcan on ttyS3.
[  320.324263][T15614] loop5: detected capacity change from 0 to 512
[  320.348128][T15614] EXT4-fs (loop5): 1 orphan inode deleted
[  320.362403][ T4304] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  320.362696][T15614] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.410706][T15606] can0 (unregistered): slcan off ttyS3.
[  320.432283][T15606] Falling back ldisc for ttyS3.
[  320.439322][ T8695] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.679349][T15626] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3903'.
[  320.730353][T15628] loop2: detected capacity change from 0 to 1024
[  320.739166][T15628] EXT4-fs: inline encryption not supported
[  320.747738][T15628] EXT4-fs: Ignoring removed orlov option
[  320.754361][T15628] ext4: Unknown parameter 'appraise'
[  320.797833][T15628] loop2: detected capacity change from 0 to 1024
[  320.846962][T15628] EXT4-fs: Ignoring removed orlov option
[  320.878901][T15630] loop4: detected capacity change from 0 to 1024
[  320.892530][T15630] EXT4-fs: Ignoring removed bh option
[  320.908325][T15630] EXT4-fs: inline encryption not supported
[  320.914382][T15630] EXT4-fs: Ignoring removed i_version option
[  320.939986][T15630] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  320.974518][T15630] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.3905: lblock 1 mapped to illegal pblock 1 (length 1)
[  320.992468][T15630] __quota_error: 86 callbacks suppressed
[  320.992485][T15630] Quota error (device loop4): write_blk: dquota write failed
[  321.006092][T15630] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  321.045471][T15630] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3905: Failed to acquire dquot type 0
[  321.098749][T15630] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.3905: Freeing blocks not in datazone - block = 0, count = 4096
[  321.151106][T15630] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.3905: Invalid inode bitmap blk 0 in block_group 0
[  321.165043][ T4304] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  321.192422][T15630] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  321.201279][ T4304] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  321.209856][ T4304] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0
[  321.210271][T15630] EXT4-fs (loop4): 1 orphan inode deleted
[  321.281670][T15635] loop1: detected capacity change from 0 to 8192
[  321.289292][T15635] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  321.346992][T15639] loop5: detected capacity change from 0 to 512
[  321.349359][T15635] netlink: 'syz.1.3907': attribute type 10 has an invalid length.
[  321.365650][   T29] audit: type=1326 audit(321.346:14921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.389218][   T29] audit: type=1326 audit(321.346:14922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.515927][   T29] audit: type=1326 audit(321.396:14923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.539471][   T29] audit: type=1326 audit(321.396:14924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.563199][   T29] audit: type=1326 audit(321.396:14925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.586340][   T29] audit: type=1326 audit(321.396:14926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.609453][   T29] audit: type=1326 audit(321.396:14927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15640 comm="syz.0.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1152c0e969 code=0x7ffc0000
[  321.611088][T15646] can0: slcan on ttyS3.
[  321.644051][T15648] loop1: detected capacity change from 0 to 512
[  321.703989][T15651] lo speed is unknown, defaulting to 1000
[  321.870337][T15648] EXT4-fs (loop1): 1 orphan inode deleted
[  321.951337][T15646] can0 (unregistered): slcan off ttyS3.
[  321.957236][T15646] Falling back ldisc for ttyS3.
[  322.001254][T15669] loop2: detected capacity change from 0 to 512
[  322.034091][T15673] loop1: detected capacity change from 0 to 1024
[  322.041061][T15673] EXT4-fs: Ignoring removed bh option
[  322.046634][T15673] EXT4-fs: inline encryption not supported
[  322.052671][T15673] EXT4-fs: Ignoring removed i_version option
[  322.084248][T15673] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  322.126417][T15673] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.3919: lblock 1 mapped to illegal pblock 1 (length 1)
[  322.141071][T15677] loop4: detected capacity change from 0 to 8192
[  322.147860][T15673] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3919: Failed to acquire dquot type 0
[  322.147977][T15677] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  322.161522][T15673] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.3919: Freeing blocks not in datazone - block = 0, count = 4096
[  322.196936][T15677] netlink: 'syz.4.3921': attribute type 10 has an invalid length.
[  322.198299][T15673] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.3919: Invalid inode bitmap blk 0 in block_group 0
[  322.218262][  T386] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  322.233238][  T386] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[  322.242403][T15673] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  322.278892][T15673] EXT4-fs (loop1): 1 orphan inode deleted
[  322.423556][T15689] loop4: detected capacity change from 0 to 1024
[  322.432917][T15689] EXT4-fs: inline encryption not supported
[  322.439344][T15689] EXT4-fs: Ignoring removed orlov option
[  322.445323][T15689] ext4: Unknown parameter 'appraise'
[  322.470345][T15689] loop4: detected capacity change from 0 to 1024
[  322.478027][T15692] netlink: 332 bytes leftover after parsing attributes in process `syz.1.3926'.
[  322.488282][T15689] EXT4-fs: Ignoring removed orlov option
[  322.700932][T15701] can0: slcan on ttyS3.
[  322.802819][T15701] can0 (unregistered): slcan off ttyS3.
[  322.824424][T15701] Falling back ldisc for ttyS3.
[  323.007885][T15714] loop1: detected capacity change from 0 to 512
[  323.044127][T15706] loop0: detected capacity change from 0 to 8192
[  323.050967][T15706] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  323.085483][T15706] netlink: 'syz.0.3932': attribute type 10 has an invalid length.
[  323.158986][T15720] loop2: detected capacity change from 0 to 1024
[  323.166371][T15720] EXT4-fs: Ignoring removed bh option
[  323.171870][T15720] EXT4-fs: inline encryption not supported
[  323.178000][T15720] EXT4-fs: Ignoring removed i_version option
[  323.183354][T15721] loop5: detected capacity change from 0 to 1024
[  323.184949][T15720] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  323.210657][T15721] EXT4-fs: Ignoring removed bh option
[  323.215205][T15719] lo speed is unknown, defaulting to 1000
[  323.216312][T15721] EXT4-fs: inline encryption not supported
[  323.227858][T15721] EXT4-fs: Ignoring removed i_version option
[  323.235600][T15721] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  323.268291][T15720] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.3938: lblock 1 mapped to illegal pblock 1 (length 1)
[  323.283967][T15720] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3938: Failed to acquire dquot type 0
[  323.299101][T15720] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.3938: Freeing blocks not in datazone - block = 0, count = 4096
[  323.314333][T15720] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3938: Invalid inode bitmap blk 0 in block_group 0
[  323.327207][T15720] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  323.329008][T15721] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.3937: lblock 1 mapped to illegal pblock 1 (length 1)
[  323.352390][T15720] EXT4-fs (loop2): 1 orphan inode deleted
[  323.359543][T15721] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3937: Failed to acquire dquot type 0
[  323.371243][   T51] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  323.386449][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  323.398897][T15721] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.3937: Freeing blocks not in datazone - block = 0, count = 4096
[  323.406805][T15730] loop1: detected capacity change from 0 to 1024
[  323.431591][T15733] loop0: detected capacity change from 0 to 512
[  323.438547][T15730] EXT4-fs: Ignoring removed orlov option
[  323.452536][T15721] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3937: Invalid inode bitmap blk 0 in block_group 0
[  323.471263][   T51] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  323.471306][T15721] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  323.495199][   T51] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  323.540941][T15738] loop4: detected capacity change from 0 to 512
[  323.549332][T15721] EXT4-fs (loop5): 1 orphan inode deleted
[  323.725757][T15744] can0: slcan on ttyS3.
[  323.762381][T15744] can0 (unregistered): slcan off ttyS3.
[  323.780448][T15744] Falling back ldisc for ttyS3.
[  324.069885][T15756] loop5: detected capacity change from 0 to 8192
[  324.107613][T15756] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  324.239203][T15749] lo speed is unknown, defaulting to 1000
[  324.335530][T15756] netlink: 'syz.5.3949': attribute type 10 has an invalid length.
[  324.412338][T15762] loop1: detected capacity change from 0 to 1024
[  324.419503][T15762] EXT4-fs: inline encryption not supported
[  324.437400][T15766] loop5: detected capacity change from 0 to 1024
[  324.454967][T15766] EXT4-fs: Ignoring removed orlov option
[  324.486421][T15762] EXT4-fs: Ignoring removed orlov option
[  324.492174][T15762] ext4: Unknown parameter 'appraise'
[  324.556567][T15762] loop1: detected capacity change from 0 to 1024
[  324.662479][T15762] EXT4-fs: Ignoring removed orlov option
[  324.987375][T15778] loop2: detected capacity change from 0 to 512
[  325.080304][T15778] EXT4-fs (loop2): 1 orphan inode deleted
[  325.094406][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  325.164897][T15782] loop0: detected capacity change from 0 to 1024
[  325.171767][T15782] EXT4-fs: Ignoring removed bh option
[  325.177697][T15782] EXT4-fs: inline encryption not supported
[  325.183659][T15782] EXT4-fs: Ignoring removed i_version option
[  325.191493][T15782] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  325.222758][T15782] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3956: lblock 1 mapped to illegal pblock 1 (length 1)
[  325.252009][T15789] can0: slcan on ttyS3.
[  325.254419][T15782] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3956: Failed to acquire dquot type 0
[  325.273644][T15782] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3956: Freeing blocks not in datazone - block = 0, count = 4096
[  325.274719][T15787] loop1: detected capacity change from 0 to 1024
[  325.299139][T15787] EXT4-fs: Ignoring removed bh option
[  325.305347][T15782] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3956: Invalid inode bitmap blk 0 in block_group 0
[  325.319122][T15787] EXT4-fs: inline encryption not supported
[  325.322905][T15789] can0 (unregistered): slcan off ttyS3.
[  325.325128][T15787] EXT4-fs: Ignoring removed i_version option
[  325.331674][T15789] Falling back ldisc for ttyS3.
[  325.342863][   T51] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  325.358402][T15782] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  325.374108][T15791] can0: slcan on ttyS3.
[  325.377616][T15782] EXT4-fs (loop0): 1 orphan inode deleted
[  325.392581][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  325.412797][T15787] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  325.438775][T15797] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.449783][T15787] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.3957: lblock 1 mapped to illegal pblock 1 (length 1)
[  325.470427][T15787] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3957: Failed to acquire dquot type 0
[  325.488011][T15787] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.3957: Freeing blocks not in datazone - block = 0, count = 4096
[  325.515355][T15798] loop2: detected capacity change from 0 to 8192
[  325.523178][T15798] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  325.538882][T15797] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.557514][T15787] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.3957: Invalid inode bitmap blk 0 in block_group 0
[  325.571663][T15791] can0 (unregistered): slcan off ttyS3.
[  325.578139][   T51] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  325.596709][T15791] Falling back ldisc for ttyS3.
[  325.602710][T15787] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  325.613341][T15798] netlink: 'syz.2.3963': attribute type 10 has an invalid length.
[  325.633587][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  325.645727][T15787] EXT4-fs (loop1): 1 orphan inode deleted
[  325.667801][T15797] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.723533][T15811] loop0: detected capacity change from 0 to 1024
[  325.730708][T15811] EXT4-fs: inline encryption not supported
[  325.743288][T15797] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.753409][T15811] EXT4-fs: Ignoring removed orlov option
[  325.759228][T15811] ext4: Unknown parameter 'appraise'
[  325.778230][T15811] loop0: detected capacity change from 0 to 1024
[  325.802504][T15811] EXT4-fs: Ignoring removed orlov option
[  325.856755][T15819] loop1: detected capacity change from 0 to 1024
[  325.873205][T15819] EXT4-fs: inline encryption not supported
[  325.879295][T15819] EXT4-fs: Ignoring removed orlov option
[  325.885007][T15819] ext4: Unknown parameter 'appraise'
[  325.905925][T15797] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.919092][T15797] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.931878][T15797] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.947650][T15797] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.971928][T15819] loop1: detected capacity change from 0 to 1024
[  326.004346][T15823] loop2: detected capacity change from 0 to 1024
[  326.027218][T15823] EXT4-fs: Ignoring removed orlov option
[  326.040587][T15819] EXT4-fs: Ignoring removed orlov option
[  326.070104][T15832] can0: slcan on ttyS3.
[  326.124199][T15834] loop5: detected capacity change from 0 to 1024
[  326.131750][T15834] EXT4-fs: Ignoring removed bh option
[  326.137453][T15834] EXT4-fs: inline encryption not supported
[  326.143635][T15834] EXT4-fs: Ignoring removed i_version option
[  326.150749][T15832] can0 (unregistered): slcan off ttyS3.
[  326.156849][T15832] Falling back ldisc for ttyS3.
[  326.162794][T15834] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  326.194818][   T29] kauditd_printk_skb: 138 callbacks suppressed
[  326.194838][   T29] audit: type=1326 audit(326.156:15050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.224520][   T29] audit: type=1326 audit(326.156:15051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.247915][   T29] audit: type=1326 audit(326.156:15052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.271255][   T29] audit: type=1326 audit(326.156:15053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.294485][   T29] audit: type=1326 audit(326.156:15054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.317652][   T29] audit: type=1326 audit(326.156:15055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.341210][   T29] audit: type=1326 audit(326.156:15056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.367943][   T29] audit: type=1326 audit(326.156:15057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.392467][   T29] audit: type=1326 audit(326.156:15058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.396604][T15834] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.3975: lblock 1 mapped to illegal pblock 1 (length 1)
[  326.415996][   T29] audit: type=1326 audit(326.156:15059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15804 comm="syz.4.3965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824edce969 code=0x7ffc0000
[  326.513160][T15834] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3975: Failed to acquire dquot type 0
[  326.552756][T15834] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.3975: Freeing blocks not in datazone - block = 0, count = 4096
[  326.573410][T15834] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3975: Invalid inode bitmap blk 0 in block_group 0
[  326.592580][  T386] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  326.614952][  T386] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[  326.627802][T15834] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  326.640004][T15834] EXT4-fs (loop5): 1 orphan inode deleted
[  326.716503][T15852] loop0: detected capacity change from 0 to 1024
[  326.725551][T15852] EXT4-fs: Ignoring removed bh option
[  326.738691][T15852] EXT4-fs: inline encryption not supported
[  326.745786][T15852] EXT4-fs: Ignoring removed i_version option
[  326.764315][T15852] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  326.775044][T15856] loop5: detected capacity change from 0 to 1024
[  326.782726][T15856] EXT4-fs: inline encryption not supported
[  326.788798][T15856] EXT4-fs: Ignoring removed orlov option
[  326.794527][T15856] ext4: Unknown parameter 'appraise'
[  326.808800][T15852] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3980: lblock 1 mapped to illegal pblock 1 (length 1)
[  326.823531][T15856] loop5: detected capacity change from 0 to 1024
[  326.830933][T15856] EXT4-fs: Ignoring removed orlov option
[  326.836997][T15852] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3980: Failed to acquire dquot type 0
[  326.866856][T15852] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3980: Freeing blocks not in datazone - block = 0, count = 4096
[  326.881190][T15852] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3980: Invalid inode bitmap blk 0 in block_group 0
[  326.903048][ T1391] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  326.920814][T15852] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  326.930987][T15863] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.942950][ T1391] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 0
[  326.958117][T15866] can0: slcan on ttyS3.
[  326.972351][T15852] EXT4-fs (loop0): 1 orphan inode deleted
[  327.006524][T15863] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.112725][T15866] can0 (unregistered): slcan off ttyS3.
[  327.133336][T15866] Falling back ldisc for ttyS3.
[  327.174478][T15863] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.256670][T15863] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.311610][T15886] loop4: detected capacity change from 0 to 1024
[  327.326858][T15875] can0: slcan on ttyS3.
[  327.333753][T15886] EXT4-fs: Ignoring removed bh option
[  327.340176][T15886] EXT4-fs: inline encryption not supported
[  327.346560][T15886] EXT4-fs: Ignoring removed i_version option
[  327.357521][T15886] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  327.384489][T15886] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.3994: lblock 1 mapped to illegal pblock 1 (length 1)
[  327.408046][T15863] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.417044][T15886] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3994: Failed to acquire dquot type 0
[  327.432224][T15863] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.434435][T15886] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.3994: Freeing blocks not in datazone - block = 0, count = 4096
[  327.444876][T15863] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.466202][T15863] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  327.482290][T15886] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.3994: Invalid inode bitmap blk 0 in block_group 0
[  327.495951][T15881] can0 (unregistered): slcan off ttyS3.
[  327.502462][T15881] Falling back ldisc for ttyS3.
[  327.507479][T15886] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  327.508504][  T386] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  327.531263][T15886] EXT4-fs (loop4): 1 orphan inode deleted
[  327.541053][  T386] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[  327.674274][T15902] can0: slcan on ttyS3.
[  327.698310][T15904] loop4: detected capacity change from 0 to 1024
[  327.713744][T15902] can0 (unregistered): slcan off ttyS3.
[  327.719447][T15902] Falling back ldisc for ttyS3.
[  327.732864][T15904] EXT4-fs: Ignoring removed nobh option
[  327.738560][T15904] EXT4-fs: Ignoring removed bh option
[  327.746836][T15900] loop0: detected capacity change from 0 to 8192
[  327.772817][T15900] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  327.806924][T15911] loop2: detected capacity change from 0 to 512
[  327.810585][T15912] loop1: detected capacity change from 0 to 1024
[  327.824018][T15912] EXT4-fs: inline encryption not supported
[  327.829407][T15904] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  327.829975][T15912] EXT4-fs: Ignoring removed orlov option
[  327.850379][T15912] ext4: Unknown parameter 'appraise'
[  327.852631][T15900] netlink: 'syz.0.4001': attribute type 10 has an invalid length.
[  327.868791][T15912] loop1: detected capacity change from 0 to 1024
[  327.876638][T15912] EXT4-fs: Ignoring removed orlov option
[  327.896013][T15911] lo speed is unknown, defaulting to 1000
[  327.971334][T15923] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.985897][T15922] can0: slcan on ttyS3.
[  328.017344][T15923] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.044187][T15928] loop2: detected capacity change from 0 to 1024
[  328.064643][T15928] EXT4-fs: inline encryption not supported
[  328.066204][T15922] can0 (unregistered): slcan off ttyS3.
[  328.070734][T15928] EXT4-fs: Ignoring removed orlov option
[  328.081969][T15928] ext4: Unknown parameter 'appraise'
[  328.088552][T15898] loop5: detected capacity change from 0 to 512
[  328.115197][T15922] Falling back ldisc for ttyS3.
[  328.155566][T15923] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.177512][T15928] loop2: detected capacity change from 0 to 1024
[  328.198777][T15928] EXT4-fs: Ignoring removed orlov option
[  328.234814][T15923] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.315393][T15944] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4017'.
[  328.324859][T15944] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4017'.
[  328.335077][T15944] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4017'.
[  328.351468][T15923] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.368980][T15946] loop5: detected capacity change from 0 to 1024
[  328.376313][T15923] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.377822][T15946] EXT4-fs: Ignoring removed bh option
[  328.392998][T15946] EXT4-fs: inline encryption not supported
[  328.399485][T15946] EXT4-fs: Ignoring removed i_version option
[  328.415909][T15946] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  328.429759][T15949] loop1: detected capacity change from 0 to 512
[  328.441143][T15923] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.453006][T15946] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.4016: lblock 1 mapped to illegal pblock 1 (length 1)
[  328.468052][T15946] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4016: Failed to acquire dquot type 0
[  328.480866][T15949] EXT4-fs (loop1): 1 orphan inode deleted
[  328.484394][T15923] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.488114][T15946] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.4016: Freeing blocks not in datazone - block = 0, count = 4096
[  328.495971][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  328.534104][T15946] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4016: Invalid inode bitmap blk 0 in block_group 0
[  328.548571][T15946] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  328.558190][  T386] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  328.585974][T15946] EXT4-fs (loop5): 1 orphan inode deleted
[  328.606645][  T386] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[  328.692579][T15962] loop0: detected capacity change from 0 to 512
[  328.719506][T15964] loop5: detected capacity change from 0 to 512
[  328.726467][T15962] EXT4-fs (loop0): 1 orphan inode deleted
[  328.741591][T15960] loop1: detected capacity change from 0 to 8192
[  328.749914][  T386] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  328.763111][T15960] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  328.808771][T15967] lo speed is unknown, defaulting to 1000
[  328.848761][T15960] netlink: 'syz.1.4020': attribute type 10 has an invalid length.
[  328.879241][T15970] can0: slcan on ttyS3.
[  328.933561][T15970] can0 (unregistered): slcan off ttyS3.
[  328.939633][T15970] Falling back ldisc for ttyS3.
[  328.951643][T15978] loop5: detected capacity change from 0 to 1024
[  328.961592][T15978] EXT4-fs: inline encryption not supported
[  328.970253][T15978] EXT4-fs: Ignoring removed orlov option
[  328.976071][T15978] ext4: Unknown parameter 'appraise'
[  328.983190][T15980] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.007969][T15978] loop5: detected capacity change from 0 to 1024
[  329.022601][T15978] EXT4-fs: Ignoring removed orlov option
[  329.089131][T15986] loop4: detected capacity change from 0 to 1024
[  329.096091][T15986] EXT4-fs: Ignoring removed bh option
[  329.101963][T15986] EXT4-fs: inline encryption not supported
[  329.107868][T15986] EXT4-fs: Ignoring removed i_version option
[  329.119468][T15980] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.131367][T15986] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  329.253376][T15986] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.4032: lblock 1 mapped to illegal pblock 1 (length 1)
[  329.327467][T15986] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.4032: Failed to acquire dquot type 0
[  329.339890][T15986] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.4032: Freeing blocks not in datazone - block = 0, count = 4096
[  329.353919][T15986] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.4032: Invalid inode bitmap blk 0 in block_group 0
[  329.368815][T15986] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  329.378495][T15986] EXT4-fs (loop4): 1 orphan inode deleted
[  329.384729][   T51] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  329.422800][T15980] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.435934][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  329.494531][T15980] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.534236][T16002] can0: slcan on ttyS3.
[  329.558931][T16000] loop2: detected capacity change from 0 to 8192
[  329.573934][T16000] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  329.612697][T16000] netlink: 'syz.2.4034': attribute type 10 has an invalid length.
[  329.651461][T16005] loop2: detected capacity change from 0 to 512
[  329.666300][T16005] EXT4-fs (loop2): 1 orphan inode deleted
[  329.692384][T16002] can0 (unregistered): slcan off ttyS3.
[  329.698183][T16002] Falling back ldisc for ttyS3.
[  329.797317][T16011] loop4: detected capacity change from 0 to 512
[  329.829300][T16013] loop0: detected capacity change from 0 to 1024
[  329.836013][T16015] can0: slcan on ttyS3.
[  329.836679][T16013] EXT4-fs: inline encryption not supported
[  329.849588][T16013] EXT4-fs: Ignoring removed orlov option
[  329.855490][T16013] ext4: Unknown parameter 'appraise'
[  329.872032][T16013] loop0: detected capacity change from 0 to 1024
[  329.879327][T16013] EXT4-fs: Ignoring removed orlov option
[  329.962771][T16015] can0 (unregistered): slcan off ttyS3.
[  329.968754][T16015] Falling back ldisc for ttyS3.
[  330.178134][T16032] loop2: detected capacity change from 0 to 1024
[  330.199987][T16025] lo speed is unknown, defaulting to 1000
[  330.216643][T16034] loop5: detected capacity change from 0 to 1024
[  330.240086][T16032] EXT4-fs: Ignoring removed bh option
[  330.241108][T16034] EXT4-fs: Ignoring removed bh option
[  330.246181][T16032] EXT4-fs: inline encryption not supported
[  330.257296][T16032] EXT4-fs: Ignoring removed i_version option
[  330.264994][T16034] EXT4-fs: inline encryption not supported
[  330.270896][T16034] EXT4-fs: Ignoring removed i_version option
[  330.277837][T16032] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  330.292225][T16032] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.4044: lblock 1 mapped to illegal pblock 1 (length 1)
[  330.322985][T16032] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.4044: Failed to acquire dquot type 0
[  330.334841][T16034] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  330.349896][T16034] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.4045: lblock 1 mapped to illegal pblock 1 (length 1)
[  330.365671][T16032] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.4044: Freeing blocks not in datazone - block = 0, count = 4096
[  330.379812][T16034] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4045: Failed to acquire dquot type 0
[  330.441290][T16032] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.4044: Invalid inode bitmap blk 0 in block_group 0
[  330.455637][   T51] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  330.471774][T16034] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.4045: Freeing blocks not in datazone - block = 0, count = 4096
[  330.492160][T16032] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  330.493364][T16034] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4045: Invalid inode bitmap blk 0 in block_group 0
[  330.501192][T16032] EXT4-fs (loop2): 1 orphan inode deleted
[  330.519719][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  330.533556][T16034] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  330.542368][   T51] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  330.557433][T16034] EXT4-fs (loop5): 1 orphan inode deleted
[  330.563560][   T51] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  330.739827][T16039] loop5: detected capacity change from 0 to 8192
[  330.746470][T16043] loop2: detected capacity change from 0 to 512
[  330.747072][T16039] vfat: Unknown parameter '�������������H�!��1��`w�)��ea뀋-��sà��_�uŪ][_Hq�m��5W��)�-3?b5e]�C"XG�	��\�Z��H�P��X������18446744073709551615�0xffffffffffffffff00000000000000000003'
[  330.766043][T16045] can0: slcan on ttyS3.
[  330.790921][T16039] netlink: 'syz.5.4046': attribute type 10 has an invalid length.
[  330.872249][T16045] can0 (unregistered): slcan off ttyS3.
[  330.878393][T16045] Falling back ldisc for ttyS3.
[  330.933987][T16050] loop5: detected capacity change from 0 to 1024
[  330.941061][T16050] EXT4-fs: inline encryption not supported
[  330.947104][T16052] loop0: detected capacity change from 0 to 1024
[  330.947177][T16050] EXT4-fs: Ignoring removed orlov option
[  330.954104][T16052] EXT4-fs: inline encryption not supported
[  330.959355][T16050] ext4: Unknown parameter 'appraise'
[  330.965498][T16052] EXT4-fs: Ignoring removed orlov option
[  330.976648][T16052] ext4: Unknown parameter 'appraise'
[  330.984300][T16050] loop5: detected capacity change from 0 to 1024
[  330.991085][T16050] EXT4-fs: Ignoring removed orlov option
[  331.069833][T16055] lo speed is unknown, defaulting to 1000
[  331.212499][T16052] loop0: detected capacity change from 0 to 1024
[  331.333769][T16052] EXT4-fs: Ignoring removed orlov option
[  331.513794][T16058] ==================================================================
[  331.522193][T16058] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  331.530511][T16058] 
[  331.532863][T16058] write to 0xffff888106a9d758 of 4 bytes by task 16057 on cpu 1:
[  331.540905][T16058]  writeback_single_inode+0x14a/0x3e0
[  331.546772][T16058]  sync_inode_metadata+0x5b/0x90
[  331.552344][T16058]  generic_buffers_fsync_noflush+0xd9/0x120
[  331.558280][T16058]  ext4_sync_file+0x1ab/0x690
[  331.563023][T16058]  vfs_fsync_range+0x10d/0x130
[  331.567923][T16058]  ext4_buffered_write_iter+0x34f/0x3c0
[  331.574304][T16058]  ext4_file_write_iter+0x383/0xf00
[  331.579659][T16058]  iter_file_splice_write+0x5f2/0x970
[  331.585474][T16058]  direct_splice_actor+0x156/0x2a0
[  331.590821][T16058]  splice_direct_to_actor+0x312/0x680
[  331.596273][T16058]  do_splice_direct+0xda/0x150
[  331.601557][T16058]  do_sendfile+0x380/0x650
[  331.606123][T16058]  __x64_sys_sendfile64+0x105/0x150
[  331.611452][T16058]  x64_sys_call+0xb39/0x2fb0
[  331.616179][T16058]  do_syscall_64+0xd2/0x200
[  331.620827][T16058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.627063][T16058] 
[  331.629499][T16058] read to 0xffff888106a9d758 of 4 bytes by task 16058 on cpu 0:
[  331.637257][T16058]  vfs_fsync_range+0x9b/0x130
[  331.642071][T16058]  ext4_buffered_write_iter+0x34f/0x3c0
[  331.647718][T16058]  ext4_file_write_iter+0x383/0xf00
[  331.652972][T16058]  iter_file_splice_write+0x5f2/0x970
[  331.658418][T16058]  direct_splice_actor+0x156/0x2a0
[  331.663596][T16058]  splice_direct_to_actor+0x312/0x680
[  331.669040][T16058]  do_splice_direct+0xda/0x150
[  331.673933][T16058]  do_sendfile+0x380/0x650
[  331.678498][T16058]  __x64_sys_sendfile64+0x105/0x150
[  331.683749][T16058]  x64_sys_call+0xb39/0x2fb0
[  331.688463][T16058]  do_syscall_64+0xd2/0x200
[  331.693024][T16058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.699025][T16058] 
[  331.701427][T16058] value changed: 0x00000038 -> 0x00000002
[  331.707169][T16058] 
[  331.709502][T16058] Reported by Kernel Concurrency Sanitizer on:
[  331.715758][T16058] CPU: 0 UID: 0 PID: 16058 Comm: syz.5.4051 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(voluntary) 
[  331.728163][T16058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.738334][T16058] ==================================================================
[  331.856452][T15980] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  331.868650][T15980] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  331.880926][T15980] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.893527][T15980] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.227017][   T29] kauditd_printk_skb: 154 callbacks suppressed
[  332.227034][   T29] audit: type=1400 audit(332.206:15191): avc:  denied  { recv } for  pid=0 comm="swapper/1" saddr=10.128.0.163 src=42764 daddr=10.128.0.64 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1