last executing test programs:

5m29.496509954s ago: executing program 3 (id=495):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x18000000000002a0, 0xb, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5m29.495982894s ago: executing program 3 (id=497):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000340), 0x2, 0x0)
close(r1)

5m29.442879209s ago: executing program 3 (id=499):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, 0x0)

5m29.348002749s ago: executing program 3 (id=501):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@init_itable_val}, {@init_itable}, {@nogrpid}, {@user_xattr}, {@errors_remount}, {@grpquota}]}, 0x3, 0x43b, &(0x7f00000003c0)="$eJzs281vG0UbAPBn7aR9+/UmVOWjaYFAQUR8JE1aSg9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IsE/wAkuCDghcYU7qlShXFo4Ga29m9iOnSapky3495O2ndkda+bx7mPP7sQB9Kzh9J8kYn9E/BYRA/Vqc4Ph+n+3lhen/lpenEqiWn3jz6TW7uby4lTeNH/dvrzSF1H6JIkjbfqdv3zl/GSlMnMpq48tXHh3bP7ylWdmL0yemzk3c3Hi9OmTJ8afOzXxbFfiTOO6OfTB3NHDr7x17bWpM9fe/unrJI+/JY4uGV7v4OPVape7K9aBhnLSV+BA2JRyPU2jv5b/A1GO1ZM3EC9/XOjggG1VrVar93U+vFQF/sOSKHoEQDHyL/r0/jffdmjqcVe48UL9BiiN+1a21Y/0RSlr099yf9tNwxFxZunvL9Ittuc5BABAk+/S+c/T7eZ/pWh8LvT/bA1lMCLuiYiDEXEqIg5FxL0Rtbb3R8QDm+y/dZFk7fyndH1LgW1QOv97Plvbap7/5bO/GCxntQO1+PuTs7OVmePZezIS/bvT+vg6fXz/0q+fdTrWOP9Lt7T/fC6YjeN63+7m10xPLkzeScyNbnwUMdTXLv5kZSUgiYjDETG0xT5mn/zqaKdjt49/HV1YZ6p+GfFE/fwvRUv82dS/VlpnfXLsf1GZOT6WXxVr/fzL1dc79X9H8XdBev73tr3+V1aBB5PG9dr5zfdx9fdPO97TbPX635W82bTv/cmFhUvjEbuSV+uDbtw/0dJuYrV9Gv/Isfb5fzBW34kjEZFexA9GxEMR8XA29kci4tGIOLZO/D+++Ng7HeP/pvjzP72p879a2BWte9oXyud/+Lap08GG+Dd0/k/WSiPZno18/m1kXFu7mgEAAODfpxQR+yMpja6US6XR0frf8B+KvaXK3PzCU2fn3rs4Xf+NwGD0l/InXQMNz0PHs9v6vD7RUj+RPTf+vLynVh+dmqtMFx089Lh9a/I/Ikbrx/4oFzw4YPv5vRb0LvkPvUv+Q++S/9C72uT/niLGAey8lfxvyPoPCxoLsLNavv8t+0EPcf8PvUv+Q++S/9CT5vfE7X8kr6CwphClu2IYCttUKPqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+CQAA///u8ede")
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_print_times', 0x149a82, 0x0)
writev(r0, &(0x7f0000001a00)=[{&(0x7f0000000080)='b', 0x1}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x13, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x3, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000600)={r2, 0xffffffffffffffff, 0x7, 0x0, @void}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX=r2], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ptrace$getregset(0x4205, r4, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000001214010025bd7000fbdbdf2508004f00000000000800"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x8010)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="38000000031401002dbd7000fbdbdf250900020073797a300000000008004100727865006b62ce21b90514003300766c616e300000000000000000000000b1267ae0f7af3edd7b155ab367309995c9e10592aa04556acff690442b0f83fba162cab7f4d8421b031c6e8cab25eb69b72ebe8a24d30e093558e21274994824f81980e45a891e4c50d396d2a4cc2732c3e0737042162601413419a39770a4917ef913f4446322ed29b2952627781cfb0f595bbf09e5f88d61d1b4ebce303cdce953bdea831f6928b1b13cf2dbf8c15b304a883e4b77aa"], 0x38}}, 0x8000010)
setsockopt$netlink_NETLINK_RX_RING(r5, 0x10e, 0x6, &(0x7f0000000000)={0x2, 0x5, 0x8000, 0x101}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xb470, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_LISTDEF(r7, &(0x7f0000000980)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000428bd7000fbdbdf250600000014000600ff010500000000000000000000000001080008007f19000000000000001315471400050000000000000000000000ffffe000000206000b0005000000080008006401010008000700ac1414aa"], 0x64}, 0x1, 0x0, 0x0, 0x8011}, 0x4004015)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
unshare(0x6020480)
r9 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_RECVERR(r9, 0x114, 0x5, &(0x7f0000000200)=0x1, 0x4)
munlockall()

5m28.844193238s ago: executing program 2 (id=505):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x934, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}}, 0x108)

5m28.592250023s ago: executing program 2 (id=507):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xb31}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffff8f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
clock_gettime(0x1, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
clock_settime(0x0, &(0x7f0000000040)={r2, r3+10000000})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7fff}, 0x18)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="2001000012001307"], 0x120}}, 0x0)
r6 = syz_create_resource$binfmt(&(0x7f0000000000)='./file2\x00')
r7 = openat$binfmt(0xffffffffffffff9c, r6, 0x41, 0x1ff)
fcntl$setlease(r7, 0x400, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file7\x00', 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x80, 0x0)
ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r9, 0x40047459, &(0x7f0000000000)={0x0, 0x0})
read(r9, 0x0, 0x0)
write$ppp(r9, &(0x7f0000000480)="ac4a", 0x2)

5m28.552717757s ago: executing program 3 (id=509):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x112, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x1, @perf_config_ext={0xd, 0x3}, 0x12, 0x6, 0x7, 0x3, 0x4, 0x5, 0x0, 0x0, 0x2}, 0x0, 0x2000000000000000, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
socket(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
setgroups(0x0, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x20000001}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
getsockname$packet(r3, &(0x7f00000001c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000007c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

5m28.484368053s ago: executing program 2 (id=511):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, 0x0)

5m28.366797585s ago: executing program 2 (id=514):
r0 = syz_io_uring_setup(0x497, &(0x7f0000000300)={0x0, 0x4661, 0x800, 0x3, 0x20c}, &(0x7f0000000540)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file0\x00', 0xffffffffffffffff, 0x400, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x2, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000020000000000000000000000850000005e00000095"], &(0x7f0000000540)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d1}, 0x94)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000340)='./file0/file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001080, 0x0)
umount2(&(0x7f0000000480)='./file0/../file0\x00', 0x0)
io_uring_enter(r0, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000600)="2d974cb75367d55302948228b3b427ba2d114c13d24bb37f6f655defa376bab4df3d85d023240cec69ef29d624c1f345f4cd63bd7b036299a8eb716d58dd730694d4a6a6aa7c5f78f6d9108b8922666f066e9d14d565da1717c398ef07d81a9ff3187011acb17f670f0bc5dda2fb49e9c1eccaf401498235b6cd97245d095255750206b476b11420eaaf", 0x8a}], 0x1, 0x4)

5m28.083683053s ago: executing program 2 (id=518):
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x934, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}}, 0x108)

5m27.868200934s ago: executing program 3 (id=520):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x18000000000002a0, 0xd, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5m27.860231645s ago: executing program 32 (id=520):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x18000000000002a0, 0xd, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5m27.336232437s ago: executing program 2 (id=525):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, 0x0)

5m27.336079057s ago: executing program 33 (id=525):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, 0x0)

3m2.694998549s ago: executing program 6 (id=3606):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x112, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x1, @perf_config_ext={0xd, 0x3}, 0x12, 0x6, 0x7, 0x3, 0x4, 0x5, 0x0, 0x0, 0x2}, 0x0, 0x2000000000000000, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
socket(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
setgroups(0x0, 0x0)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x20000001}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r10, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r5, &(0x7f00000001c0)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000007c0)=0x14)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r12, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r12], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x50, 0x5}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x8, 0x3}]}, 0x10)
writev(r2, &(0x7f0000000500)=[{&(0x7f0000000080)='\f', 0x1}], 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000001c0)='cpu>00\t&&')

3m2.296842439s ago: executing program 6 (id=3609):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000340), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
close(r1)

3m2.235510175s ago: executing program 6 (id=3611):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab", 0x8}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0x8000000008}, 0x18)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21481e, &(0x7f0000000300), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[], 0x34c}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
open$dir(&(0x7f0000000140)='./file1\x00', 0x18180, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
getrlimit(0x8, &(0x7f0000000b40))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="04000000040000000400000005", @ANYRESHEX=0x0], 0x48)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r4, 0x4004662b, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdbf, 0x0, 0x0, 0x0, 0x80}, 0x94)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10)

3m2.025426796s ago: executing program 6 (id=3614):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$inet(0x2, 0x3, 0xd)
getsockopt$inet_mreqsrc(r1, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)

3m1.981336379s ago: executing program 6 (id=3616):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000007c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

3m1.847660333s ago: executing program 6 (id=3621):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000380)=[{0x3, 0x2, 0xc, 0x6}, {0x3, 0x3, 0xb, 0xc}], 0x10, 0x80000000}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

2m46.709469443s ago: executing program 34 (id=3621):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000380)=[{0x3, 0x2, 0xc, 0x6}, {0x3, 0x3, 0xb, 0xc}], 0x10, 0x80000000}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

6.334619236s ago: executing program 1 (id=7152):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b000000050000000200000002000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCX25SENDCALLACCPT(0xffffffffffffffff, 0x89e9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r1, 0x0, 0xfdef)

6.311172949s ago: executing program 7 (id=7153):
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = dup3(r2, r1, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x8000, 0x2, 0x3, 0x6, 0x1}, &(0x7f00000000c0)=0x14)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000040)=0x40)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r4, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000000380)}}, {{0x0, 0x0, 0x0, 0x49}}, {{0x0, 0x0, &(0x7f0000004dc0)=[{&(0x7f0000000380)=""/171, 0xab}], 0x1, &(0x7f00000053c0)=""/196, 0xc4}, 0x4}, {{0x0, 0x0, 0x0}}], 0x4, 0x2, 0x0)
sendmmsg(r4, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
set_mempolicy_home_node(&(0x7f0000ff1000/0xe000)=nil, 0xe000, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x1c003, 0xc0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x6, 0x40, 0x3, 0x0, 0x4000000000, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x100882, 0x7ff, 0x6, 0x3, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x3fd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00'}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

6.261193064s ago: executing program 7 (id=7156):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c)
write(r0, &(0x7f00000000c0)="8f2a", 0x2)

5.655377563s ago: executing program 1 (id=7176):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r1, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003140)=[{&(0x7f0000002d80)="0f", 0x1}, {0x0, 0x2}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0x4d}, {0x0}], 0x9}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000008"], 0x48)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x14927e, 0x20)
fallocate(r2, 0x0, 0x0, 0x1000f4)
ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f00000000c0))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'tunl0\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r6}, 0x18)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="01002bbd7000000000001c0000002000018014000200766c616e31000000000000000000000008000100", @ANYRES32=r5], 0x34}}, 0x0)

5.524346646s ago: executing program 1 (id=7180):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
lstat(&(0x7f0000000380)='./file0\x00', 0x0)

5.499797729s ago: executing program 0 (id=7181):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
io_setup(0x8, &(0x7f0000000180))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
socket(0x10, 0x803, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
sendfile(r6, r5, 0x0, 0x3ffff)

5.475915291s ago: executing program 1 (id=7183):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
r1 = syz_usbip_server_init(0x2) (fail_nth: 1)
write(r1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xf, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x1a, r4, 0x1, 0x8, 0x6, @broadcast}, 0x14)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@grpquota}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@grpjquota, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==")

5.020251585s ago: executing program 0 (id=7186):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001980), 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001900010929bd700080000000021810000000fd010000000008000b"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f00000019c0)={{0x1, 0x0, 0x5, 0x0, 0x8}, 0x2, 0x85, 'id0\x00', 'timer1\x00', 0x0, 0x0, 0xb9, 0x10001, 0xff})
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
r3 = epoll_create1(0x0)
r4 = epoll_create1(0x80000)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r8}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000400)={0xa})
epoll_pwait(r3, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x7460)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000180)=@raw=[@map_fd={0x18, 0xa, 0x1, 0x0, r5}, @map_val={0x18, 0x1, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x54}], &(0x7f00000001c0)='GPL\x00', 0x8, 0x28, &(0x7f0000000200)=""/40, 0x41100, 0x12, '\x00', 0x0, 0x1a, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0xd, 0xf82, 0x6}, 0x10, 0x1ae2a, 0xffffffffffffffff, 0x3, &(0x7f00000004c0)=[r5, r5, r5, 0xffffffffffffffff], &(0x7f0000000500)=[{0x0, 0x5, 0x9, 0x7}, {0x0, 0x2, 0x0, 0x5}, {0x3, 0x3, 0x7, 0x6}]}, 0x94)

4.110944155s ago: executing program 0 (id=7189):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000580)={0xfffffffc}, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x200e7b, 0x0, 0x86)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
ioctl$USBDEVFS_FORBID_SUSPEND(0xffffffffffffffff, 0x5521)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

4.099711676s ago: executing program 0 (id=7192):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
lstat(&(0x7f0000000380)='./file0\x00', 0x0)

4.052962151s ago: executing program 1 (id=7193):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

4.052510391s ago: executing program 0 (id=7194):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c)
write(r0, &(0x7f00000000c0)="8f2a", 0x2)

4.042996322s ago: executing program 1 (id=7195):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
io_setup(0x8, &(0x7f0000000180))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
socket(0x10, 0x803, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
sendfile(r6, r5, 0x0, 0x3ffff)

3.993656457s ago: executing program 0 (id=7196):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010", @ANYBLOB, @ANYRES32=0x0], 0x50)
io_setup(0x8, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x803, 0x0)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3ffff)

2.490004465s ago: executing program 7 (id=7158):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x112, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x1, @perf_config_ext={0xd, 0x3}, 0x12, 0x6, 0x7, 0x3, 0x4, 0x5, 0x0, 0x0, 0x2}, 0x0, 0x2000000000000000, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
socket(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
setgroups(0x0, 0x0)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x20000001}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r11, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r6, &(0x7f00000001c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000007c0)=0x14)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r13, @ANYBLOB='\b\x00\n\x00'], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x50, 0x5}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x8, 0x3}]}, 0x10)
writev(r3, &(0x7f0000000500)=[{&(0x7f0000000080)='\f', 0x1}], 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='cpu>00\t&&')

2.422206392s ago: executing program 7 (id=7219):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$gtp(0x0, r2)
r4 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000002c0)={0x88, r3, 0x20, 0x70bd25, 0x25dfdbfe, {0x2, 0x0, 0xa6ff}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_NET_NS_FD={0x8, 0x7, r4}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDR6={0x14, 0xc, @dev={0xfe, 0x80, '\x00', 0x19}}, @GTPA_FAMILY={0x5, 0xd, 0x9}, @GTPA_MS_ADDR6={0x14, 0xc, @private0={0xfc, 0x0, '\x00', 0x1}}, @GTPA_MS_ADDRESS={0x8, 0x5, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x18}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
socket$inet6(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r7}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
io_setup(0x2004, &(0x7f0000000680))
sendmsg$NFNL_MSG_CTHELPER_NEW(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="58000000000905000000000000000000020000050900010073797a3000000000080005400000001c0c00048008000144fffffff7240002001400018008000100ac1414aa08000200e00000020c0002"], 0x58}, 0x1, 0x0, 0x0, 0x24000800}, 0x4040040)
socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)

1.307868531s ago: executing program 4 (id=7224):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x8000000a, 0x20002f3})

1.307262011s ago: executing program 4 (id=7225):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000300)="359c", 0x2}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/44, @ANYRES32=0x0], 0x30}], 0x1, 0x0)

1.267417666s ago: executing program 4 (id=7226):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.247132937s ago: executing program 4 (id=7227):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'geneve0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x401, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r2, 0x137b, 0x2000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x2000c0d0)

1.228648959s ago: executing program 4 (id=7228):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@delqdisc={0x2c, 0x25, 0x10, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xd, 0x1}, {0xffe0, 0xfff1}, {0x11, 0x3}}, [@TCA_RATE={0x6, 0x5, {0x0, 0xf7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20048084}, 0x2008c014)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write$binfmt_misc(r0, &(0x7f0000000000), 0xfffffecc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRES32=0x0, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
getgroups(0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x10, 0x28, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYBLOB='\a'], 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x20, 0x2, 0x8, 0x201, 0x0, 0x0, {0x3, 0x0, 0x3}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x40)
r8 = bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r0}, 0x8)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r7, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r5}, 0x20)
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000045)
sendmsg$TIPC_NL_MON_GET(r3, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000d80)={0x14, r4, 0x301, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x6c, r4, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "d11d5dc18541b4e6762666211ed9abe28f96fc6d61fb94d95dad1252a27819"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x3797}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x20000044)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$sock_FIOGETOWN(r8, 0x8903, &(0x7f0000000340)=<r10=>0x0)
recvfrom$inet(r0, &(0x7f0000000640)=""/45, 0x2d, 0x102, &(0x7f0000000680)={0x2, 0x4e22, @broadcast}, 0x10)
ptrace$ARCH_MAP_VDSO_32(0x1e, r10, 0x2, 0x2002)
sendmsg$RDMA_NLDEV_CMD_SET(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRES8=r9], 0x24}, 0x1, 0x0, 0x0, 0x4000801}, 0x24040811)

1.192284682s ago: executing program 7 (id=7229):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x112, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x1, @perf_config_ext={0xd, 0x3}, 0x12, 0x6, 0x7, 0x3, 0x4, 0x5, 0x0, 0x0, 0x2}, 0x0, 0x2000000000000000, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
socket(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
setgroups(0x0, 0x0)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x20000001}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r11, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r6, &(0x7f00000001c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000007c0)=0x14)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r13, @ANYBLOB='\b\x00\n\x00'], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x50, 0x5}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x8, 0x3}]}, 0x10)
writev(r3, &(0x7f0000000500)=[{&(0x7f0000000080)='\f', 0x1}], 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='cpu>00\t&&')

1.098967922s ago: executing program 7 (id=7231):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010", @ANYBLOB, @ANYRES32=0x0], 0x50)
io_setup(0x8, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)

1.043449097s ago: executing program 5 (id=7233):
r0 = socket$netlink(0x10, 0x3, 0x4)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x8000, 0x2, 0x3, 0x6, 0x1}, &(0x7f00000000c0)=0x14)
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000010603000000000000000000190000030500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4008010)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000040)=0x40)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r1, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000000380)}}, {{0x0, 0x0, 0x0, 0x49}}, {{0x0, 0x0, &(0x7f0000004dc0)=[{&(0x7f0000000380)=""/171, 0xab}], 0x1, &(0x7f00000053c0)=""/196, 0xc4}, 0x4}, {{0x0, 0x0, 0x0}}], 0x4, 0x2, 0x0)
sendmmsg(r1, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
set_mempolicy_home_node(&(0x7f0000ff1000/0xe000)=nil, 0xe000, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x1c003, 0xc0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x6, 0x40, 0x3, 0x0, 0x4000000000, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x100882, 0x7ff, 0x6, 0x3, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3fd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00'}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

1.007229931s ago: executing program 5 (id=7234):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001980), 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001900010929bd700080000000021810000000fd010000000008000b"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f00000019c0)={{0x1, 0x0, 0x5, 0x0, 0x8}, 0x2, 0x85, 'id0\x00', 'timer1\x00', 0x0, 0x0, 0xb9, 0x10001, 0xff})
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
r3 = epoll_create1(0x0)
r4 = epoll_create1(0x80000)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r8}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000400)={0xa})
epoll_pwait(r3, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x7460)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0x1, <r10=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000440)=r2}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000180)=@raw=[@map_fd={0x18, 0xa, 0x1, 0x0, r5}, @map_val={0x18, 0x1, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x54}], &(0x7f00000001c0)='GPL\x00', 0x8, 0x28, &(0x7f0000000200)=""/40, 0x41100, 0x12, '\x00', 0x0, 0x1a, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0xd, 0xf82, 0x6}, 0x10, 0x1ae2a, 0xffffffffffffffff, 0x3, &(0x7f00000004c0)=[r5, r5, r5, r10], &(0x7f0000000500)=[{0x0, 0x5, 0x9, 0x7}, {0x0, 0x2, 0x0, 0x5}, {0x3, 0x3, 0x7, 0x6}]}, 0x94)
io_setup(0x10000, &(0x7f00000014c0))

336.084287ms ago: executing program 4 (id=7235):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x2, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0xe, 0xffff}, {0xa, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_ECN={0x8, 0x4, 0x1}, @TCA_CODEL_LIMIT={0x8, 0x2, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x12d8)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getrusage(0x0, &(0x7f0000000ac0))
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x20)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x5, 0x3, &(0x7f0000000500)=ANY=[], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r5, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket(0x10, 0x803, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES8=r4, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES64=r4, @ANYBLOB="000000000000000000000000a1a082d66c35a321e8aca4530e1f74000000000000"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r5, @ANYRES32=r7, @ANYRES8=r5], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r8}, 0x18)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f00000000c0)=@ethtool_stats})
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
mount$9p_rdma(&(0x7f0000000580), &(0x7f00000005c0)='./cgroup\x00', &(0x7f0000000600), 0x2800004, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=rdma,'])

158.002174ms ago: executing program 5 (id=7236):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000300)="359c", 0x2}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/44, @ANYRES32=0x0], 0x30}], 0x1, 0x0)

141.183806ms ago: executing program 5 (id=7237):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x8000000a, 0x20002f3})

124.820908ms ago: executing program 5 (id=7238):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000500)={0x0, r1}, 0x8)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(r2, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000011c0), &(0x7f0000001200)='./file0\x00', 0x1008489, &(0x7f0000000100), 0x41, 0x11ed, &(0x7f0000002440)="$eJzs209rI2UcB/Cfu1u7m9pu/e/uxQe96GVw9+BBvBTpgmxA2d0Ku4IwpVMNiUnJ5JCIYD148eQL8CUIXrwJ6hvoxdfgrQiiF0+OtElrGyItpU2Lfj4Qnl/yfTJ5fplkYEJm+82vPm6ul9l6jFwaDmmviIjNePXHN/748v7DR3eX6vXleyndWXpw6/WU0sKLP7z/6Tcv/dSbe++7he9nY2vxg+3fbv+ydSlubP/14KNGmRpland6KU+rnU4vX20Vaa1RNrOU3m0VeVmkRrssusN856VaRVpvdTY2Bilvr83XNrpFWaa8PUjNYpB6ndTrDlL+Yd5opyzL0nwtOKnPR2NV7dxm4vGoqqq6FrWYiydiPhbieizGk/FUPB3PxLPxXDwfL8SN3VnnvHQAAAAAAAAAAAAAAAAAAAD4j/mzGr/+/7rr/wEAAAAAAAAAAAAAAAAAAGDK7j98dHepXl++l9LViF83+yv9leE4zO+8XV9+Le1a/OdZv/f7K5f381vDPB3OZ6M2ym9PzK/GKy8P853srXfqY/nNWDv79gEAAOB/IUv7Jp7fZ9m/5cPqwO8DY+fvV+Lmlam1wQmVg0+a+czoTt5qFd3dR06zqD47qy2ffhFfTIxWI+KCrPAYxczp7srZ0afj3PuaQvH15clv3eEvzZHbmYuIi9DOWPHzt6M9eZzJUz0McU4OHPr2PLY5aeK1aa4KAAAAAAAAAACAo0zlT7UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwN/swIEAAAAAgCB/6wk2KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAUAAD//5jlW3M=")
io_uring_setup(0xf21, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='percpu_free_percpu\x00', r4}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r6)

0s ago: executing program 5 (id=7239):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$gtp(0x0, r2)
r4 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000002c0)={0x88, r3, 0x20, 0x70bd25, 0x25dfdbfe, {0x2, 0x0, 0xa6ff}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_NET_NS_FD={0x8, 0x7, r4}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDR6={0x14, 0xc, @dev={0xfe, 0x80, '\x00', 0x19}}, @GTPA_FAMILY={0x5, 0xd, 0x9}, @GTPA_MS_ADDR6={0x14, 0xc, @private0={0xfc, 0x0, '\x00', 0x1}}, @GTPA_MS_ADDRESS={0x8, 0x5, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x18}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
socket$inet6(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r7}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
io_setup(0x2004, &(0x7f0000000680))
sendmsg$NFNL_MSG_CTHELPER_NEW(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="58000000000905000000000000000000020000050900010073797a3000000000080005400000001c0c00048008000144fffffff7240002001400018008000100ac1414aa08000200e00000020c0002"], 0x58}, 0x1, 0x0, 0x0, 0x24000800}, 0x4040040)
socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

rder=0, oom_score_adj=1000
[  337.780930][T20636] CPU: 0 UID: 0 PID: 20636 Comm: syz.0.6451 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  337.780972][T20636] Tainted: [W]=WARN
[  337.780979][T20636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  337.781070][T20636] Call Trace:
[  337.781079][T20636]  <TASK>
[  337.781089][T20636]  __dump_stack+0x1d/0x30
[  337.781115][T20636]  dump_stack_lvl+0xe8/0x140
[  337.781140][T20636]  dump_stack+0x15/0x1b
[  337.781162][T20636]  dump_header+0x81/0x220
[  337.781257][T20636]  oom_kill_process+0x342/0x400
[  337.781356][T20636]  out_of_memory+0x979/0xb80
[  337.781394][T20636]  try_charge_memcg+0x5e6/0x9e0
[  337.781470][T20636]  obj_cgroup_charge_pages+0xa6/0x150
[  337.781512][T20636]  __memcg_kmem_charge_page+0x9f/0x170
[  337.781615][T20636]  __alloc_frozen_pages_noprof+0x188/0x360
[  337.781660][T20636]  alloc_pages_mpol+0xb3/0x260
[  337.781741][T20636]  ? alloc_pages_noprof+0x61/0x130
[  337.781767][T20636]  alloc_pages_noprof+0x90/0x130
[  337.781785][T20636]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  337.781828][T20636]  __kvmalloc_node_noprof+0x483/0x670
[  337.781895][T20636]  ? ip_set_alloc+0x24/0x30
[  337.781928][T20636]  ? ip_set_alloc+0x24/0x30
[  337.781993][T20636]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  337.782042][T20636]  ip_set_alloc+0x24/0x30
[  337.782074][T20636]  hash_netiface_create+0x282/0x740
[  337.782186][T20636]  ? __pfx_hash_netiface_create+0x10/0x10
[  337.782214][T20636]  ip_set_create+0x3c9/0x970
[  337.782262][T20636]  ? __nla_parse+0x40/0x60
[  337.782344][T20636]  nfnetlink_rcv_msg+0x4c6/0x590
[  337.782399][T20636]  netlink_rcv_skb+0x120/0x220
[  337.782435][T20636]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  337.782476][T20636]  nfnetlink_rcv+0x167/0x16c0
[  337.782500][T20636]  ? kmem_cache_free+0xe4/0x3d0
[  337.782590][T20636]  ? __kfree_skb+0x109/0x150
[  337.782615][T20636]  ? nlmon_xmit+0x4f/0x60
[  337.782697][T20636]  ? consume_skb+0x49/0x150
[  337.782860][T20636]  ? nlmon_xmit+0x4f/0x60
[  337.782892][T20636]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  337.782931][T20636]  ? __dev_queue_xmit+0x1200/0x2000
[  337.782993][T20636]  ? __dev_queue_xmit+0x182/0x2000
[  337.783031][T20636]  ? ref_tracker_free+0x37d/0x3e0
[  337.783073][T20636]  ? __netlink_deliver_tap+0x4dc/0x500
[  337.783130][T20636]  netlink_unicast+0x5bd/0x690
[  337.783184][T20636]  netlink_sendmsg+0x58b/0x6b0
[  337.783227][T20636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.783266][T20636]  __sock_sendmsg+0x145/0x180
[  337.783442][T20636]  ____sys_sendmsg+0x31e/0x4e0
[  337.783483][T20636]  ___sys_sendmsg+0x17b/0x1d0
[  337.783532][T20636]  __x64_sys_sendmsg+0xd4/0x160
[  337.783621][T20636]  x64_sys_call+0x191e/0x3000
[  337.783672][T20636]  do_syscall_64+0xd2/0x200
[  337.783774][T20636]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  337.783828][T20636]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  337.783859][T20636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.783881][T20636] RIP: 0033:0x7f4f4c99eec9
[  337.783958][T20636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.783997][T20636] RSP: 002b:00007f4f4b407038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.784027][T20636] RAX: ffffffffffffffda RBX: 00007f4f4cbf5fa0 RCX: 00007f4f4c99eec9
[  337.784044][T20636] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  337.784061][T20636] RBP: 00007f4f4ca21f91 R08: 0000000000000000 R09: 0000000000000000
[  337.784077][T20636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.784168][T20636] R13: 00007f4f4cbf6038 R14: 00007f4f4cbf5fa0 R15: 00007fff3581dc48
[  337.784195][T20636]  </TASK>
[  337.784205][T20636] memory: usage 307192kB, limit 307200kB, failcnt 1889
[  337.814494][T20666] loop5: detected capacity change from 0 to 4096
[  337.815818][T20636] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[  337.815837][T20636] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[  337.826820][T20666] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.829072][T20636] Memory cgroup stats for 
[  337.840119][T20666] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6461: corrupted inode contents
[  337.842835][T20636] /syz0
[  337.848057][T20666] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #15: comm syz.5.6461: mark_inode_dirty error
[  337.853094][T20636] :
[  337.858752][T20666] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6461: corrupted inode contents
[  337.865043][T20636] cache 8192
[  337.869290][T20666] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6461: mark_inode_dirty error
[  337.874299][T20636] rss 8192
[  337.874308][T20636] shmem 0
[  337.874315][T20636] mapped_file 8192
[  337.874323][T20636] dirty 0
[  337.874329][T20636] writeback 0
[  337.874336][T20636] workingset_refault_anon 1023
[  337.874361][T20636] workingset_refault_file 11378
[  337.874372][T20636] swap 217088
[  337.879533][T20666] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6461: corrupted inode contents
[  337.885188][T20636] swapcached 4096
[  337.885200][T20636] pgpgin 301364
[  337.890816][T20666] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6461: mark_inode_dirty error
[  337.895144][T20636] pgpgout 301357
[  337.895156][T20636] pgfault 321479
[  337.899827][T20666] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6461: corrupted inode contents
[  337.905258][T20636] pgmajfault 752
[  337.905271][T20636] inactive_anon 8192
[  337.909883][T20666] EXT4-fs error (device loop5): ext4_truncate:4637: inode #15: comm syz.5.6461: mark_inode_dirty error
[  337.914801][T20636] active_anon 0
[  337.922299][T20666] EXT4-fs error (device loop5) in ext4_setattr:6042: Corrupt filesystem
[  337.925157][T20636] inactive_file 20480
[  337.925169][T20636] active_file 0
[  338.351073][T20636] unevictable 0
[  338.354540][T20636] hierarchical_memory_limit 314572800
[  338.359919][T20636] hierarchical_memsw_limit 9223372036854771712
[  338.366060][T20636] total_cache 8192
[  338.369846][T20636] total_rss 8192
[  338.373380][T20636] total_shmem 0
[  338.376850][T20636] total_mapped_file 8192
[  338.381085][T20636] total_dirty 0
[  338.384534][T20636] total_writeback 0
[  338.388516][T20636] total_workingset_refault_anon 1023
[  338.393811][T20636] total_workingset_refault_file 11378
[  338.399198][T20636] total_swap 217088
[  338.403013][T20636] total_swapcached 4096
[  338.407184][T20636] total_pgpgin 301364
[  338.411201][T20636] total_pgpgout 301357
[  338.415335][T20636] total_pgfault 321479
[  338.419425][T20636] total_pgmajfault 752
[  338.423483][T20636] total_inactive_anon 8192
[  338.427908][T20636] total_active_anon 0
[  338.431955][T20636] total_inactive_file 20480
[  338.436467][T20636] total_active_file 0
[  338.440438][T20636] total_unevictable 0
[  338.444407][T20636] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.6451,pid=20634,uid=0
[  338.459165][T20636] Memory cgroup out of memory: Killed process 20634 (syz.0.6451) total-vm:93956kB, anon-rss:1132kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  338.480058][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.562416][T20670] vlan2: entered allmulticast mode
[  338.567641][T20670] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  338.957091][T20709] __nla_validate_parse: 21 callbacks suppressed
[  338.957111][T20709] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6478'.
[  339.044197][T20710] loop4: detected capacity change from 0 to 1024
[  339.051075][T20710] EXT4-fs: Ignoring removed orlov option
[  339.063835][T20710] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.791772][T20715] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6479'.
[  339.810620][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.831472][   T29] kauditd_printk_skb: 669 callbacks suppressed
[  339.831489][   T29] audit: type=1326 audit(851.828:157682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  339.838727][T20717] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6480'.
[  339.880710][   T29] audit: type=1326 audit(851.878:157683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  339.904023][   T29] audit: type=1326 audit(851.878:157684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  339.927147][   T29] audit: type=1326 audit(851.878:157685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  339.950276][   T29] audit: type=1326 audit(851.878:157686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  339.950664][T20717] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.973431][   T29] audit: type=1326 audit(851.878:157687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  339.980810][T20717] batman_adv: batadv0: Removing interface: batadv_slave_0
[  340.011023][   T29] audit: type=1326 audit(851.878:157688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  340.033957][   T29] audit: type=1326 audit(851.878:157689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  340.070084][T20717] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  340.077553][T20717] batman_adv: batadv0: Removing interface: batadv_slave_1
[  340.085368][   T29] audit: type=1326 audit(851.878:157690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  340.108457][   T29] audit: type=1326 audit(851.878:157691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20718 comm="syz.1.6481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  340.134469][T20730] netlink: 224 bytes leftover after parsing attributes in process `syz.7.6484'.
[  340.144186][T20730] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6484'.
[  340.163446][T20732] vlan5: entered allmulticast mode
[  340.179561][T20730] 8021q: adding VLAN 0 to HW filter on device bond28
[  340.193457][T20725] vlan6: entered allmulticast mode
[  340.198673][T20725] bond28: entered allmulticast mode
[  340.360242][T20741] loop5: detected capacity change from 0 to 4096
[  340.368775][T20741] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.401260][T20741] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6490: corrupted inode contents
[  340.413645][T20741] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #15: comm syz.5.6490: mark_inode_dirty error
[  340.425351][T20741] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6490: corrupted inode contents
[  340.440968][T20741] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6490: mark_inode_dirty error
[  340.478830][T20741] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6490: corrupted inode contents
[  340.522231][T20741] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6490: mark_inode_dirty error
[  340.538150][T20758] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6498'.
[  340.581586][T20741] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6490: corrupted inode contents
[  340.594946][T20741] EXT4-fs error (device loop5): ext4_truncate:4637: inode #15: comm syz.5.6490: mark_inode_dirty error
[  340.663917][T20758] validate_nla: 24 callbacks suppressed
[  340.663936][T20758] netlink: 'syz.0.6498': attribute type 1 has an invalid length.
[  340.677391][T20758] netlink: 'syz.0.6498': attribute type 2 has an invalid length.
[  340.695828][T20741] EXT4-fs error (device loop5) in ext4_setattr:6042: Corrupt filesystem
[  340.849424][T20774] netlink: 'syz.0.6503': attribute type 1 has an invalid length.
[  340.857238][T20774] netlink: 224 bytes leftover after parsing attributes in process `syz.0.6503'.
[  340.867032][T20774] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6503'.
[  340.952465][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.034694][T20774] 8021q: adding VLAN 0 to HW filter on device bond4
[  341.047099][T20775] vlan2: entered allmulticast mode
[  341.052309][T20775] bond4: entered allmulticast mode
[  341.227249][T20791] netlink: 44 bytes leftover after parsing attributes in process `syz.5.6504'.
[  341.242464][T20792] loop4: detected capacity change from 0 to 1024
[  341.249615][T20792] EXT4-fs: Ignoring removed orlov option
[  341.312509][T20792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.337414][T20797] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6513'.
[  341.358757][T20797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.368071][T20797] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.399668][T20799] netlink: 'syz.7.6514': attribute type 1 has an invalid length.
[  341.407514][T20799] netlink: 'syz.7.6514': attribute type 2 has an invalid length.
[  341.710061][T20819] netlink: 'syz.7.6523': attribute type 1 has an invalid length.
[  341.787963][T20825] netlink: 'syz.1.6526': attribute type 1 has an invalid length.
[  341.795827][T20825] netlink: 'syz.1.6526': attribute type 2 has an invalid length.
[  342.067165][T20846] netlink: 'syz.0.6533': attribute type 1 has an invalid length.
[  342.092677][T20848] netlink: 'syz.5.6535': attribute type 1 has an invalid length.
[  342.114102][T20846] 8021q: adding VLAN 0 to HW filter on device bond5
[  342.128174][T20848] 8021q: adding VLAN 0 to HW filter on device bond1
[  342.155424][T20846] vlan2: entered allmulticast mode
[  342.160659][T20846] bond5: entered allmulticast mode
[  342.219583][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.235940][T20848] vlan2: entered allmulticast mode
[  342.241322][T20848] bond1: entered allmulticast mode
[  342.380445][T20866] loop4: detected capacity change from 0 to 4096
[  342.407952][T20866] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.460271][T20866] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6540: corrupted inode contents
[  342.527507][T20866] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.6540: mark_inode_dirty error
[  342.568922][T20866] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6540: corrupted inode contents
[  342.604734][T20877] FAULT_INJECTION: forcing a failure.
[  342.604734][T20877] name failslab, interval 1, probability 0, space 0, times 0
[  342.617624][T20877] CPU: 1 UID: 0 PID: 20877 Comm: syz.0.6544 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  342.617725][T20877] Tainted: [W]=WARN
[  342.617734][T20877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  342.617747][T20877] Call Trace:
[  342.617753][T20877]  <TASK>
[  342.617766][T20877]  __dump_stack+0x1d/0x30
[  342.617792][T20877]  dump_stack_lvl+0xe8/0x140
[  342.617818][T20877]  dump_stack+0x15/0x1b
[  342.617878][T20877]  should_fail_ex+0x265/0x280
[  342.617989][T20877]  should_failslab+0x8c/0xb0
[  342.618018][T20877]  kmem_cache_alloc_noprof+0x50/0x480
[  342.618045][T20877]  ? skb_clone+0x151/0x1f0
[  342.618075][T20877]  skb_clone+0x151/0x1f0
[  342.618144][T20877]  __netlink_deliver_tap+0x2c9/0x500
[  342.618177][T20877]  netlink_unicast+0x66b/0x690
[  342.618204][T20877]  netlink_sendmsg+0x58b/0x6b0
[  342.618239][T20877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.618331][T20877]  __sock_sendmsg+0x145/0x180
[  342.618354][T20877]  ____sys_sendmsg+0x31e/0x4e0
[  342.618389][T20877]  ___sys_sendmsg+0x17b/0x1d0
[  342.618554][T20877]  __x64_sys_sendmsg+0xd4/0x160
[  342.618591][T20877]  x64_sys_call+0x191e/0x3000
[  342.618674][T20877]  do_syscall_64+0xd2/0x200
[  342.618697][T20877]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  342.618729][T20877]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  342.618826][T20877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.618884][T20877] RIP: 0033:0x7f4f4c99eec9
[  342.618901][T20877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.618925][T20877] RSP: 002b:00007f4f4b3e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  342.618948][T20877] RAX: ffffffffffffffda RBX: 00007f4f4cbf6090 RCX: 00007f4f4c99eec9
[  342.618964][T20877] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000008
[  342.618996][T20877] RBP: 00007f4f4b3e6090 R08: 0000000000000000 R09: 0000000000000000
[  342.619009][T20877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.619020][T20877] R13: 00007f4f4cbf6128 R14: 00007f4f4cbf6090 R15: 00007fff3581dc48
[  342.619046][T20877]  </TASK>
[  342.625863][T20866] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6540: mark_inode_dirty error
[  342.883562][T20866] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6540: corrupted inode contents
[  342.946468][T20866] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6540: mark_inode_dirty error
[  342.976572][T20866] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6540: corrupted inode contents
[  343.010173][T20866] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.6540: mark_inode_dirty error
[  343.048874][T20889] 8021q: adding VLAN 0 to HW filter on device bond6
[  343.056389][T20866] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  343.072010][T20889] vlan2: entered allmulticast mode
[  343.077264][T20889] bond6: entered allmulticast mode
[  343.172842][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.303139][T20902] loop5: detected capacity change from 0 to 1024
[  343.309906][T20902] EXT4-fs: Ignoring removed orlov option
[  343.380438][T20902] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.099783][T20929] loop4: detected capacity change from 0 to 1024
[  344.106778][T20929] EXT4-fs: Ignoring removed orlov option
[  344.119971][T20929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.149096][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.535544][T20943] __nla_validate_parse: 21 callbacks suppressed
[  344.535561][T20943] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6569'.
[  344.551029][T20943] netlink: 196 bytes leftover after parsing attributes in process `syz.7.6569'.
[  344.560520][T20943] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6569'.
[  344.569641][T20943] netlink: 196 bytes leftover after parsing attributes in process `syz.7.6569'.
[  344.584231][T20943] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.604992][T20943] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.688785][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.746211][T20956] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  344.760580][T20952] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6574'.
[  344.770174][T20952] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6574'.
[  345.212786][T20980] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6583'.
[  345.326598][T20988] netlink: 224 bytes leftover after parsing attributes in process `syz.5.6584'.
[  345.407708][T20982] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6584'.
[  345.423061][T20992] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6587'.
[  345.430914][T20982] 8021q: adding VLAN 0 to HW filter on device bond2
[  345.452650][T20982] vlan2: entered allmulticast mode
[  345.457942][T20982] bond2: entered allmulticast mode
[  345.475947][   T29] kauditd_printk_skb: 117 callbacks suppressed
[  345.475964][   T29] audit: type=1326 audit(857.468:157809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.506472][   T29] audit: type=1326 audit(857.468:157810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.529569][   T29] audit: type=1326 audit(857.468:157811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.552830][   T29] audit: type=1326 audit(857.468:157812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.576004][   T29] audit: type=1326 audit(857.468:157813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.599117][   T29] audit: type=1326 audit(857.468:157814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.622263][   T29] audit: type=1326 audit(857.468:157815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.645426][   T29] audit: type=1326 audit(857.468:157816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.668869][   T29] audit: type=1326 audit(857.598:157817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.692139][   T29] audit: type=1326 audit(857.598:157818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20998 comm="syz.7.6590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  345.725817][T20999] validate_nla: 8 callbacks suppressed
[  345.725844][T20999] netlink: 'syz.7.6590': attribute type 1 has an invalid length.
[  345.739182][T20999] netlink: 'syz.7.6590': attribute type 2 has an invalid length.
[  345.794259][T21003] loop5: detected capacity change from 0 to 4096
[  345.857271][T21003] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.877074][T21003] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6591: corrupted inode contents
[  345.891234][T21003] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #15: comm syz.5.6591: mark_inode_dirty error
[  345.903872][T21003] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6591: corrupted inode contents
[  345.916222][T21003] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6591: mark_inode_dirty error
[  345.928577][T21003] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6591: corrupted inode contents
[  345.941419][T21003] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6591: mark_inode_dirty error
[  345.953500][T21003] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.6591: corrupted inode contents
[  345.965767][T21003] EXT4-fs error (device loop5): ext4_truncate:4637: inode #15: comm syz.5.6591: mark_inode_dirty error
[  345.977861][T21003] EXT4-fs error (device loop5) in ext4_setattr:6042: Corrupt filesystem
[  346.007073][T21015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  346.019272][T21016] netlink: 'syz.0.6595': attribute type 1 has an invalid length.
[  346.029361][T21015] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  346.029368][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.078093][T21016] 8021q: adding VLAN 0 to HW filter on device bond7
[  346.108164][T21013] vlan2: entered allmulticast mode
[  346.113327][T21013] bond7: entered allmulticast mode
[  346.211047][T21027] netlink: 'syz.5.6601': attribute type 1 has an invalid length.
[  346.232655][T21027] 8021q: adding VLAN 0 to HW filter on device bond3
[  346.247149][T21027] vlan2: entered allmulticast mode
[  346.252351][T21027] bond3: entered allmulticast mode
[  346.922379][T21057] netlink: 'syz.7.6610': attribute type 1 has an invalid length.
[  346.930479][T21057] netlink: 'syz.7.6610': attribute type 2 has an invalid length.
[  346.986420][T21061] netlink: 'syz.5.6615': attribute type 1 has an invalid length.
[  347.001460][T21061] 8021q: adding VLAN 0 to HW filter on device bond4
[  347.028690][T21061] vlan2: entered allmulticast mode
[  347.033886][T21061] bond4: entered allmulticast mode
[  347.123450][T21066] SELinux:  policydb string length -501 does not match expected length 8
[  347.132049][T21066] SELinux: failed to load policy
[  347.629034][T21084] loop4: detected capacity change from 0 to 4096
[  347.649025][T21084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.697893][T21084] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6623: corrupted inode contents
[  347.730591][T21084] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.6623: mark_inode_dirty error
[  347.773653][T21084] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6623: corrupted inode contents
[  347.808969][T21084] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6623: mark_inode_dirty error
[  347.823186][T21084] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6623: corrupted inode contents
[  347.835485][T21084] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6623: mark_inode_dirty error
[  347.847308][T21084] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6623: corrupted inode contents
[  347.865309][T21084] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.6623: mark_inode_dirty error
[  347.878868][T21084] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  347.907168][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.248508][T21121] netlink: 'syz.0.6638': attribute type 1 has an invalid length.
[  348.256306][T21121] netlink: 'syz.0.6638': attribute type 2 has an invalid length.
[  348.492775][T21129] loop7: detected capacity change from 0 to 1024
[  348.499822][T21129] EXT4-fs: Ignoring removed orlov option
[  348.591963][T21129] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.119949][T21143] loop4: detected capacity change from 0 to 1024
[  349.126843][T21143] EXT4-fs: Ignoring removed orlov option
[  349.172264][T21143] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.319439][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.557626][T21149] netlink: 'syz.7.6648': attribute type 1 has an invalid length.
[  349.817113][T21160] __nla_validate_parse: 18 callbacks suppressed
[  349.817128][T21160] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6654'.
[  349.849283][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.922813][T21162] netlink: 224 bytes leftover after parsing attributes in process `syz.0.6655'.
[  349.932495][T21162] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6655'.
[  349.956887][T21162] 8021q: adding VLAN 0 to HW filter on device bond8
[  349.998556][T21162] vlan2: entered allmulticast mode
[  350.003736][T21162] bond8: entered allmulticast mode
[  350.106445][T21184] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6663'.
[  350.194074][T21188] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6665'.
[  350.203252][T21188] netlink: 196 bytes leftover after parsing attributes in process `syz.7.6665'.
[  350.215521][T21188] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6665'.
[  350.224949][T21188] netlink: 196 bytes leftover after parsing attributes in process `syz.7.6665'.
[  350.242008][T21188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.250696][T21188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.440770][T21199] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6670'.
[  350.450688][T21199] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6670'.
[  350.470252][T21199] 8021q: adding VLAN 0 to HW filter on device bond13
[  350.487808][T21199] vlan5: entered allmulticast mode
[  350.492967][T21199] bond13: entered allmulticast mode
[  350.569175][   T29] kauditd_printk_skb: 223 callbacks suppressed
[  350.569208][   T29] audit: type=1326 audit(862.568:158042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.608518][   T29] audit: type=1326 audit(862.598:158043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.631830][   T29] audit: type=1326 audit(862.598:158044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.654924][   T29] audit: type=1326 audit(862.598:158045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.678025][   T29] audit: type=1326 audit(862.598:158046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.701116][   T29] audit: type=1326 audit(862.598:158047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.724358][   T29] audit: type=1326 audit(862.598:158048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.747488][   T29] audit: type=1326 audit(862.598:158049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.770613][   T29] audit: type=1326 audit(862.598:158050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  350.793715][   T29] audit: type=1326 audit(862.598:158051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21201 comm="syz.4.6671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  351.014043][T21216] validate_nla: 11 callbacks suppressed
[  351.014060][T21216] netlink: 'syz.7.6676': attribute type 1 has an invalid length.
[  351.115476][T21216] 8021q: adding VLAN 0 to HW filter on device bond29
[  351.135059][T21219] vlan6: entered allmulticast mode
[  351.140296][T21219] bond29: entered allmulticast mode
[  351.451090][T21224] netlink: 'syz.5.6678': attribute type 1 has an invalid length.
[  351.468962][T21224] 8021q: adding VLAN 0 to HW filter on device bond5
[  351.484867][T21224] vlan2: entered allmulticast mode
[  351.490096][T21224] bond5: entered allmulticast mode
[  352.352938][T21257] netlink: 'syz.1.6690': attribute type 1 has an invalid length.
[  352.360995][T21257] netlink: 'syz.1.6690': attribute type 2 has an invalid length.
[  352.442758][T21258] loop7: detected capacity change from 0 to 1024
[  352.449735][T21258] EXT4-fs: Ignoring removed orlov option
[  352.530968][T21258] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.042462][T21276] loop5: detected capacity change from 0 to 1024
[  353.049577][T21276] EXT4-fs: Ignoring removed orlov option
[  353.104114][T21278] netlink: 'syz.0.6695': attribute type 1 has an invalid length.
[  353.112392][T21278] netlink: 'syz.0.6695': attribute type 2 has an invalid length.
[  353.250468][T21276] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.291392][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.818854][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.060234][T21293] loop5: detected capacity change from 0 to 1024
[  354.067154][T21293] EXT4-fs: Ignoring removed orlov option
[  354.348882][T21293] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.546923][T21304] loop7: detected capacity change from 0 to 1024
[  354.554220][T21304] EXT4-fs: Ignoring removed orlov option
[  354.624278][T21304] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.878240][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.902262][T21296] loop4: detected capacity change from 0 to 4096
[  354.927698][T21296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.950933][T21296] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6700: corrupted inode contents
[  354.989635][T21296] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.6700: mark_inode_dirty error
[  355.017106][T21296] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6700: corrupted inode contents
[  355.058073][T21296] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6700: mark_inode_dirty error
[  355.091796][T21296] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6700: corrupted inode contents
[  355.119792][T21296] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6700: mark_inode_dirty error
[  355.137188][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.156310][T21296] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6700: corrupted inode contents
[  355.187573][T21326] __nla_validate_parse: 7 callbacks suppressed
[  355.187591][T21326] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6712'.
[  355.189043][T21296] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.6700: mark_inode_dirty error
[  355.216550][T21296] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  355.258191][T21328] netlink: 'syz.1.6713': attribute type 1 has an invalid length.
[  355.266000][T21328] netlink: 'syz.1.6713': attribute type 2 has an invalid length.
[  355.275218][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.295366][T21329] netlink: 'syz.7.6712': attribute type 1 has an invalid length.
[  355.303313][T21329] netlink: 'syz.7.6712': attribute type 2 has an invalid length.
[  355.589596][T21336] loop4: detected capacity change from 0 to 1024
[  355.596708][T21336] EXT4-fs: Ignoring removed orlov option
[  355.650510][T21336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.736378][   T29] kauditd_printk_skb: 110 callbacks suppressed
[  355.736397][   T29] audit: type=1400 audit(867.728:158162): avc:  denied  { create } for  pid=21339 comm="syz.0.6716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  355.890649][   T29] audit: type=1400 audit(867.848:158163): avc:  denied  { sys_admin } for  pid=21339 comm="syz.0.6716" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  356.283161][T21343] netlink: 'syz.0.6717': attribute type 1 has an invalid length.
[  356.291027][T21343] netlink: 224 bytes leftover after parsing attributes in process `syz.0.6717'.
[  356.300399][T21343] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6717'.
[  356.315555][T21343] 8021q: adding VLAN 0 to HW filter on device bond9
[  356.369716][T21343] vlan2: entered allmulticast mode
[  356.374944][T21343] bond9: entered allmulticast mode
[  356.401616][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.650915][T21372] loop4: detected capacity change from 0 to 1024
[  356.657675][T21372] EXT4-fs: Ignoring removed orlov option
[  356.749153][T21372] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.064120][   T29] audit: type=1326 audit(869.058:158164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.110981][T21380] netlink: 'syz.7.6731': attribute type 1 has an invalid length.
[  357.118797][T21380] netlink: 'syz.7.6731': attribute type 2 has an invalid length.
[  357.122499][   T29] audit: type=1326 audit(869.088:158165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.149694][   T29] audit: type=1326 audit(869.098:158166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.172854][   T29] audit: type=1326 audit(869.098:158167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.196030][   T29] audit: type=1326 audit(869.098:158168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.219295][   T29] audit: type=1326 audit(869.098:158169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.242410][   T29] audit: type=1326 audit(869.098:158170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.265543][   T29] audit: type=1326 audit(869.098:158171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.7.6731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  357.403093][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.449426][T21387] netlink: 'syz.4.6735': attribute type 1 has an invalid length.
[  357.457237][T21387] netlink: 224 bytes leftover after parsing attributes in process `syz.4.6735'.
[  357.478117][T21387] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6735'.
[  357.538183][T21387] 8021q: adding VLAN 0 to HW filter on device bond2
[  357.550791][T21387] vlan2: entered allmulticast mode
[  357.555946][T21387] bond2: entered allmulticast mode
[  357.604999][T21400] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6740'.
[  357.622029][T21400] netlink: 'syz.1.6740': attribute type 1 has an invalid length.
[  357.629873][T21400] netlink: 'syz.1.6740': attribute type 2 has an invalid length.
[  357.809935][T21413] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6746'.
[  357.890154][T21416] loop4: detected capacity change from 0 to 1024
[  357.897013][T21416] EXT4-fs: Ignoring removed orlov option
[  357.958763][T21416] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.721859][T21441] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6753'.
[  358.774123][T21441] netlink: 'syz.0.6753': attribute type 1 has an invalid length.
[  358.782015][T21441] netlink: 'syz.0.6753': attribute type 2 has an invalid length.
[  358.809013][T21444] netlink: 'syz.5.6754': attribute type 1 has an invalid length.
[  358.816920][T21444] netlink: 224 bytes leftover after parsing attributes in process `syz.5.6754'.
[  358.915626][T21443] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6754'.
[  358.916502][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.940973][T21443] 8021q: adding VLAN 0 to HW filter on device bond6
[  358.954860][T21443] vlan2: entered allmulticast mode
[  358.960152][T21443] bond6: entered allmulticast mode
[  359.415259][T21472] loop4: detected capacity change from 0 to 1024
[  359.422352][T21472] EXT4-fs: Ignoring removed orlov option
[  359.433794][T21472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.356093][T21483] loop7: detected capacity change from 0 to 4096
[  360.387026][T21483] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.414595][T21488] __nla_validate_parse: 2 callbacks suppressed
[  360.414690][T21488] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6770'.
[  360.435800][T21489] netlink: 'syz.1.6769': attribute type 1 has an invalid length.
[  360.443808][T21489] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6769'.
[  360.453320][T21489] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6769'.
[  360.493748][T21489] 8021q: adding VLAN 0 to HW filter on device bond14
[  360.505997][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.519183][T21489] vlan5: entered allmulticast mode
[  360.524310][T21489] bond14: entered allmulticast mode
[  360.528557][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.646570][T21509] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6777'.
[  360.720114][T21513] loop7: detected capacity change from 0 to 4096
[  360.779098][T21513] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.807515][T21513] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6779: corrupted inode contents
[  360.821094][T21513] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.6779: mark_inode_dirty error
[  360.836749][T21513] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6779: corrupted inode contents
[  361.121349][T21513] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6779: mark_inode_dirty error
[  361.181322][T21513] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6779: corrupted inode contents
[  361.230741][T21513] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6779: mark_inode_dirty error
[  361.242683][T21513] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6779: corrupted inode contents
[  361.255075][T21513] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.6779: mark_inode_dirty error
[  361.268644][T21513] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  361.294529][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.493813][T21528] 9pnet_fd: Insufficient options for proto=fd
[  361.527789][   T29] kauditd_printk_skb: 78 callbacks suppressed
[  361.527807][   T29] audit: type=1326 audit(873.528:158250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.557194][   T29] audit: type=1326 audit(873.528:158251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.580335][   T29] audit: type=1326 audit(873.528:158252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.603538][   T29] audit: type=1326 audit(873.528:158253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.626639][   T29] audit: type=1326 audit(873.528:158254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.664253][   T29] audit: type=1326 audit(873.528:158255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.687393][   T29] audit: type=1326 audit(873.528:158256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.710503][   T29] audit: type=1326 audit(873.528:158257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.733630][   T29] audit: type=1326 audit(873.528:158258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.757221][   T29] audit: type=1326 audit(873.528:158259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.7.6785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5d749beec9 code=0x7ffc0000
[  361.760188][T21536] netlink: 60 bytes leftover after parsing attributes in process `syz.5.6788'.
[  361.789348][T21536] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6788'.
[  361.901498][T21538] validate_nla: 4 callbacks suppressed
[  361.901516][T21538] netlink: 'syz.1.6789': attribute type 1 has an invalid length.
[  361.914899][T21538] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6789'.
[  361.929938][T21538] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6789'.
[  361.946930][T21538] 8021q: adding VLAN 0 to HW filter on device bond15
[  362.017260][T21547] loop7: detected capacity change from 0 to 1024
[  362.024097][T21547] EXT4-fs: Ignoring removed orlov option
[  362.099268][T21547] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.422777][T21554] netlink: 'syz.5.6793': attribute type 1 has an invalid length.
[  362.430733][T21554] netlink: 'syz.5.6793': attribute type 2 has an invalid length.
[  362.438643][T21543] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6791'.
[  362.513940][T21560] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6796'.
[  362.664149][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.518723][T21577] loop7: detected capacity change from 0 to 1024
[  363.525491][T21577] EXT4-fs: Ignoring removed orlov option
[  363.599549][T21577] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.030808][T21585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  364.086860][T21585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  364.101328][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.193755][T21592] netlink: 'syz.0.6806': attribute type 1 has an invalid length.
[  364.201569][T21592] netlink: 'syz.0.6806': attribute type 2 has an invalid length.
[  364.807472][T21627] 9pnet_fd: Insufficient options for proto=fd
[  364.827278][T21628] netlink: 'syz.1.6818': attribute type 1 has an invalid length.
[  364.835171][T21628] netlink: 'syz.1.6818': attribute type 2 has an invalid length.
[  365.192321][T21640] netlink: 'syz.7.6823': attribute type 1 has an invalid length.
[  365.225607][T21640] 8021q: adding VLAN 0 to HW filter on device bond30
[  365.262208][T21638] vlan6: entered allmulticast mode
[  365.267543][T21638] bond30: entered allmulticast mode
[  365.959017][T21652] loop7: detected capacity change from 0 to 4096
[  366.000946][T21656] __nla_validate_parse: 8 callbacks suppressed
[  366.000962][T21656] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6829'.
[  366.041905][T21652] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.082580][T21664] netlink: 'syz.1.6832': attribute type 1 has an invalid length.
[  366.084404][T21652] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6828: corrupted inode contents
[  366.131123][T21652] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.6828: mark_inode_dirty error
[  366.144803][T21667] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6833'.
[  366.149115][T21652] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6828: corrupted inode contents
[  366.168673][T21652] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6828: mark_inode_dirty error
[  366.180265][T21652] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6828: corrupted inode contents
[  366.192708][T21652] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6828: mark_inode_dirty error
[  366.194022][T21669] FAULT_INJECTION: forcing a failure.
[  366.194022][T21669] name failslab, interval 1, probability 0, space 0, times 0
[  366.216730][T21669] CPU: 0 UID: 0 PID: 21669 Comm: syz.5.6834 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  366.216770][T21669] Tainted: [W]=WARN
[  366.216779][T21669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  366.216845][T21669] Call Trace:
[  366.216853][T21669]  <TASK>
[  366.216862][T21669]  __dump_stack+0x1d/0x30
[  366.216911][T21669]  dump_stack_lvl+0xe8/0x140
[  366.216934][T21669]  dump_stack+0x15/0x1b
[  366.217034][T21669]  should_fail_ex+0x265/0x280
[  366.217077][T21669]  should_failslab+0x8c/0xb0
[  366.217106][T21669]  kmem_cache_alloc_noprof+0x50/0x480
[  366.217138][T21669]  ? skb_clone+0x151/0x1f0
[  366.217197][T21669]  skb_clone+0x151/0x1f0
[  366.217223][T21669]  __netlink_deliver_tap+0x2c9/0x500
[  366.217269][T21669]  netlink_unicast+0x66b/0x690
[  366.217353][T21669]  netlink_sendmsg+0x58b/0x6b0
[  366.217390][T21669]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.217423][T21669]  __sock_sendmsg+0x145/0x180
[  366.217445][T21669]  ____sys_sendmsg+0x31e/0x4e0
[  366.217554][T21669]  ___sys_sendmsg+0x17b/0x1d0
[  366.217664][T21669]  __x64_sys_sendmsg+0xd4/0x160
[  366.217695][T21669]  x64_sys_call+0x191e/0x3000
[  366.217718][T21669]  do_syscall_64+0xd2/0x200
[  366.217743][T21669]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  366.217832][T21669]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  366.217858][T21669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.217884][T21669] RIP: 0033:0x7f1ae8afeec9
[  366.217903][T21669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.217924][T21669] RSP: 002b:00007f1ae755f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  366.217943][T21669] RAX: ffffffffffffffda RBX: 00007f1ae8d55fa0 RCX: 00007f1ae8afeec9
[  366.218003][T21669] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  366.218019][T21669] RBP: 00007f1ae755f090 R08: 0000000000000000 R09: 0000000000000000
[  366.218034][T21669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.218048][T21669] R13: 00007f1ae8d56038 R14: 00007f1ae8d55fa0 R15: 00007ffe5e556208
[  366.218072][T21669]  </TASK>
[  366.218297][T21669] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6834'.
[  366.249488][T21652] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6828: corrupted inode contents
[  366.264119][T21673] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6836'.
[  366.409941][T21652] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.6828: mark_inode_dirty error
[  366.470786][T21652] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  366.497404][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.509342][T21681] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6838'.
[  366.584209][T21683] loop4: detected capacity change from 0 to 1024
[  366.591114][T21683] EXT4-fs: Ignoring removed orlov option
[  366.600853][T21683] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.788631][T21688] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  367.097075][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.202500][T21696] loop7: detected capacity change from 0 to 1024
[  367.209481][T21696] EXT4-fs: Ignoring removed orlov option
[  367.303228][   T29] kauditd_printk_skb: 89 callbacks suppressed
[  367.303301][   T29] audit: type=1326 audit(879.298:158349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.424226][   T29] audit: type=1326 audit(879.328:158350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.447390][   T29] audit: type=1326 audit(879.328:158351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.470574][   T29] audit: type=1326 audit(879.328:158352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.493809][   T29] audit: type=1326 audit(879.328:158353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.517047][   T29] audit: type=1326 audit(879.328:158354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.540167][   T29] audit: type=1326 audit(879.328:158355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.563289][   T29] audit: type=1326 audit(879.328:158356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.586666][   T29] audit: type=1326 audit(879.328:158357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.609650][   T29] audit: type=1326 audit(879.338:158358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21701 comm="syz.1.6844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  367.666058][T21696] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.813331][T21718] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6851'.
[  367.990118][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.072962][T21723] loop5: detected capacity change from 0 to 1024
[  368.079847][T21723] EXT4-fs: Ignoring removed orlov option
[  368.085375][T21734] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6858'.
[  368.158821][T21737] loop4: detected capacity change from 0 to 1024
[  368.165656][T21737] EXT4-fs: Ignoring removed orlov option
[  368.241742][T21723] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.272375][T21737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.378765][T21745] FAULT_INJECTION: forcing a failure.
[  368.378765][T21745] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.392236][T21745] CPU: 1 UID: 0 PID: 21745 Comm: syz.1.6859 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  368.392297][T21745] Tainted: [W]=WARN
[  368.392328][T21745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  368.392343][T21745] Call Trace:
[  368.392352][T21745]  <TASK>
[  368.392362][T21745]  __dump_stack+0x1d/0x30
[  368.392387][T21745]  dump_stack_lvl+0xe8/0x140
[  368.392479][T21745]  dump_stack+0x15/0x1b
[  368.392500][T21745]  should_fail_ex+0x265/0x280
[  368.392576][T21745]  should_fail+0xb/0x20
[  368.392611][T21745]  should_fail_usercopy+0x1a/0x20
[  368.392635][T21745]  _copy_from_user+0x1c/0xb0
[  368.392744][T21745]  set_selection_user+0x4a/0xe0
[  368.392774][T21745]  tioclinux+0x347/0x460
[  368.392800][T21745]  vt_ioctl+0x75f/0x18a0
[  368.392823][T21745]  ? tty_jobctrl_ioctl+0x29e/0x810
[  368.392924][T21745]  tty_ioctl+0x7d8/0xb80
[  368.392949][T21745]  ? __pfx_tty_ioctl+0x10/0x10
[  368.392974][T21745]  __se_sys_ioctl+0xcb/0x140
[  368.393063][T21745]  __x64_sys_ioctl+0x43/0x50
[  368.393100][T21745]  x64_sys_call+0x1816/0x3000
[  368.393119][T21745]  do_syscall_64+0xd2/0x200
[  368.393151][T21745]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  368.393180][T21745]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  368.393200][T21745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.393244][T21745] RIP: 0033:0x7fc19205eec9
[  368.393263][T21745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.393279][T21745] RSP: 002b:00007fc190abf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  368.393297][T21745] RAX: ffffffffffffffda RBX: 00007fc1922b5fa0 RCX: 00007fc19205eec9
[  368.393308][T21745] RDX: 0000200000001900 RSI: 000000000000541c RDI: 0000000000000003
[  368.393366][T21745] RBP: 00007fc190abf090 R08: 0000000000000000 R09: 0000000000000000
[  368.393381][T21745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.393394][T21745] R13: 00007fc1922b6038 R14: 00007fc1922b5fa0 R15: 00007ffd12855c88
[  368.393413][T21745]  </TASK>
[  368.658788][T21753] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6863'.
[  368.674571][T21753] netlink: 'syz.1.6863': attribute type 1 has an invalid length.
[  368.682655][T21753] netlink: 'syz.1.6863': attribute type 2 has an invalid length.
[  368.719649][T21751] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.733014][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.745194][T21756] ������: renamed from vlan1 (while UP)
[  368.823984][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.857461][T21751] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.920618][T21766] netlink: 'syz.1.6868': attribute type 1 has an invalid length.
[  368.928567][T21766] netlink: 'syz.1.6868': attribute type 2 has an invalid length.
[  368.996788][T21769] loop5: detected capacity change from 0 to 1024
[  369.003626][T21769] EXT4-fs: Ignoring removed orlov option
[  369.071031][T21751] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.138821][T21769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.361259][T21751] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.444291][T21777] loop7: detected capacity change from 0 to 1024
[  369.451078][T21777] EXT4-fs: Ignoring removed orlov option
[  369.470296][T21777] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.873975][T18648] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  369.886628][T18618] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  369.903433][T18618] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  369.912712][T18618] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  369.990964][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.099059][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.117835][T21787] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6875'.
[  370.178073][T21792] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6877'.
[  370.209361][T21793] netlink: 'syz.0.6875': attribute type 1 has an invalid length.
[  370.217173][T21793] netlink: 'syz.0.6875': attribute type 2 has an invalid length.
[  370.474320][T21802] loop7: detected capacity change from 0 to 1024
[  370.481170][T21802] EXT4-fs: Ignoring removed orlov option
[  370.543371][T21802] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.689380][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.865971][T21822] loop4: detected capacity change from 0 to 4096
[  371.911645][T21822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.021355][T21822] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6885: corrupted inode contents
[  372.036207][T21832] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6890'.
[  372.053684][T21822] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.6885: mark_inode_dirty error
[  372.070550][T21822] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6885: corrupted inode contents
[  372.082841][T21822] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6885: mark_inode_dirty error
[  372.094597][T21822] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6885: corrupted inode contents
[  372.122559][T21822] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6885: mark_inode_dirty error
[  372.150876][T21822] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6885: corrupted inode contents
[  372.180208][T21822] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.6885: mark_inode_dirty error
[  372.194277][T21822] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  372.249607][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.289623][T21838] netlink: 'syz.0.6892': attribute type 1 has an invalid length.
[  372.297430][T21838] netlink: 'syz.0.6892': attribute type 2 has an invalid length.
[  372.305490][T21840] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6893'.
[  372.377208][T21841] netlink: 'syz.4.6893': attribute type 1 has an invalid length.
[  372.385050][T21841] netlink: 'syz.4.6893': attribute type 2 has an invalid length.
[  373.012866][T21845] loop7: detected capacity change from 0 to 1024
[  373.019875][T21845] EXT4-fs: Ignoring removed orlov option
[  373.207940][T21845] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.505307][T21852] 9pnet_fd: Insufficient options for proto=fd
[  373.738485][T21864] netlink: 'syz.4.6900': attribute type 1 has an invalid length.
[  373.746260][T21864] netlink: 224 bytes leftover after parsing attributes in process `syz.4.6900'.
[  373.764490][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.774628][T21863] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6900'.
[  373.795398][T21866] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6902'.
[  373.798830][T21863] 8021q: adding VLAN 0 to HW filter on device bond3
[  373.833082][T21863] vlan2: entered allmulticast mode
[  373.838380][T21863] bond3: entered allmulticast mode
[  373.884493][T21875] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6905'.
[  373.912657][T21871] loop9: detected capacity change from 0 to 7
[  373.918997][T21871] Buffer I/O error on dev loop9, logical block 0, async page read
[  373.926928][T21871] Buffer I/O error on dev loop9, logical block 0, async page read
[  373.934749][T21871]  loop9: unable to read partition table
[  373.940506][T21871] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  373.940506][T21871] 
) failed (rc=-5)
[  373.970869][T21881] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6907'.
[  373.984096][T21879] netlink: 'syz.7.6906': attribute type 1 has an invalid length.
[  373.991958][T21879] netlink: 224 bytes leftover after parsing attributes in process `syz.7.6906'.
[  374.001092][T21871] FAULT_INJECTION: forcing a failure.
[  374.001092][T21871] name failslab, interval 1, probability 0, space 0, times 0
[  374.013728][T21871] CPU: 1 UID: 0 PID: 21871 Comm: syz.5.6903 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  374.013815][T21871] Tainted: [W]=WARN
[  374.013823][T21871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  374.013838][T21871] Call Trace:
[  374.013845][T21871]  <TASK>
[  374.013853][T21871]  __dump_stack+0x1d/0x30
[  374.013901][T21871]  dump_stack_lvl+0xe8/0x140
[  374.013924][T21871]  dump_stack+0x15/0x1b
[  374.013940][T21871]  should_fail_ex+0x265/0x280
[  374.014011][T21871]  ? bdev_disk_changed+0x311/0xcb0
[  374.014040][T21871]  should_failslab+0x8c/0xb0
[  374.014066][T21871]  __kmalloc_cache_noprof+0x4c/0x4a0
[  374.014116][T21871]  bdev_disk_changed+0x311/0xcb0
[  374.014153][T21871]  loop_reread_partitions+0x48/0xb0
[  374.014204][T21871]  lo_ioctl+0x1286/0x12b0
[  374.014264][T21871]  ? blkdev_common_ioctl+0xad6/0x1ad0
[  374.014340][T21871]  ? do_vfs_ioctl+0x866/0xe10
[  374.014360][T21871]  ? selinux_file_ioctl+0x308/0x3a0
[  374.014445][T21871]  ? __pfx_lo_ioctl+0x10/0x10
[  374.014476][T21871]  ? __pfx_blkdev_ioctl+0x10/0x10
[  374.014572][T21871]  blkdev_ioctl+0x356/0x440
[  374.014666][T21871]  ? __pfx_blkdev_ioctl+0x10/0x10
[  374.014701][T21871]  __se_sys_ioctl+0xcb/0x140
[  374.014811][T21871]  __x64_sys_ioctl+0x43/0x50
[  374.014850][T21871]  x64_sys_call+0x1816/0x3000
[  374.014873][T21871]  do_syscall_64+0xd2/0x200
[  374.014920][T21871]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  374.014949][T21871]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  374.014972][T21871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.014995][T21871] RIP: 0033:0x7f1ae8afeec9
[  374.015032][T21871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.015051][T21871] RSP: 002b:00007f1ae755f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  374.015089][T21871] RAX: ffffffffffffffda RBX: 00007f1ae8d55fa0 RCX: 00007f1ae8afeec9
[  374.015103][T21871] RDX: 0000000000000004 RSI: 0000000000004c06 RDI: 0000000000000005
[  374.015116][T21871] RBP: 00007f1ae755f090 R08: 0000000000000000 R09: 0000000000000000
[  374.015128][T21871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.015141][T21871] R13: 00007f1ae8d56038 R14: 00007f1ae8d55fa0 R15: 00007ffe5e556208
[  374.015161][T21871]  </TASK>
[  374.015850][T21879] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6906'.
[  374.066673][T21881] netlink: 'syz.1.6907': attribute type 1 has an invalid length.
[  374.078281][T21879] 8021q: adding VLAN 0 to HW filter on device bond31
[  374.080561][T21881] netlink: 'syz.1.6907': attribute type 2 has an invalid length.
[  374.111434][T21883] 9pnet_fd: Insufficient options for proto=fd
[  374.176208][T21879] vlan6: entered allmulticast mode
[  374.285640][T21879] bond31: entered allmulticast mode
[  374.420207][T21902] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.484260][T21911] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6920'.
[  374.499786][T21911] netlink: 'syz.1.6920': attribute type 1 has an invalid length.
[  374.507677][T21911] netlink: 'syz.1.6920': attribute type 2 has an invalid length.
[  374.589386][T21913] loop5: detected capacity change from 0 to 1024
[  374.596129][T21913] EXT4-fs: Ignoring removed orlov option
[  374.607658][T21906] netlink: 'syz.7.6918': attribute type 1 has an invalid length.
[  374.636081][T21906] 8021q: adding VLAN 0 to HW filter on device bond32
[  374.667526][T21913] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.750233][T21917] 9pnet_fd: Insufficient options for proto=fd
[  374.811818][T21919] 9pnet_fd: Insufficient options for proto=fd
[  375.038034][T21921] loop4: detected capacity change from 0 to 4096
[  375.049228][T21902] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.062860][T21921] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.077221][T21921] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6923: corrupted inode contents
[  375.090943][T21921] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.6923: mark_inode_dirty error
[  375.103512][T21921] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6923: corrupted inode contents
[  375.117260][T21902] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.117854][T21921] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6923: mark_inode_dirty error
[  375.139774][T21921] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6923: corrupted inode contents
[  375.154565][T21921] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6923: mark_inode_dirty error
[  375.187275][T21921] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6923: corrupted inode contents
[  375.202065][T21902] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.212860][T21921] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.6923: mark_inode_dirty error
[  375.225881][T21934] loop7: detected capacity change from 0 to 4096
[  375.233505][T21921] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  375.246405][T21934] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.270246][   T29] kauditd_printk_skb: 196 callbacks suppressed
[  375.270264][   T29] audit: type=1400 audit(887.268:158555): avc:  denied  { mount } for  pid=21935 comm="syz.1.6930" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  375.271528][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.279378][   T29] audit: type=1400 audit(887.278:158556): avc:  denied  { watch } for  pid=21935 comm="syz.1.6930" path="/276/file0/bus" dev="sysfs" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  375.303879][T21934] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6929: corrupted inode contents
[  375.383219][T21934] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.6929: mark_inode_dirty error
[  375.396517][T21934] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6929: corrupted inode contents
[  375.408878][T18631] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  375.421053][T18631] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  375.425840][T21941] netlink: 'syz.4.6932': attribute type 1 has an invalid length.
[  375.429894][T21934] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6929: mark_inode_dirty error
[  375.437239][T21941] netlink: 'syz.4.6932': attribute type 2 has an invalid length.
[  375.449424][T21934] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6929: corrupted inode contents
[  375.457832][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.477447][T21934] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6929: mark_inode_dirty error
[  375.499132][T18623] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  375.520856][T18623] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  375.532574][T21934] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6929: corrupted inode contents
[  375.549767][T21934] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.6929: mark_inode_dirty error
[  375.591542][T21951] 9pnet_fd: Insufficient options for proto=fd
[  375.600403][T21934] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  375.675871][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.947591][T21975] loop4: detected capacity change from 0 to 1024
[  375.954449][T21975] EXT4-fs: Ignoring removed orlov option
[  376.113301][T21975] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.149718][T21980] netlink: 'syz.7.6945': attribute type 1 has an invalid length.
[  376.279130][T21983] 8021q: adding VLAN 0 to HW filter on device bond33
[  376.376789][T21986] 9pnet_fd: Insufficient options for proto=fd
[  376.393910][   T29] audit: type=1326 audit(888.388:158557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.446499][   T29] audit: type=1326 audit(888.418:158558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.469735][   T29] audit: type=1326 audit(888.418:158559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.492940][   T29] audit: type=1326 audit(888.418:158560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.516289][   T29] audit: type=1326 audit(888.418:158561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.539627][   T29] audit: type=1326 audit(888.418:158562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.562923][   T29] audit: type=1326 audit(888.418:158563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.586258][   T29] audit: type=1326 audit(888.418:158564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21987 comm="syz.1.6948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc19205eec9 code=0x7ffc0000
[  376.911188][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.058164][T22027] loop5: detected capacity change from 0 to 1024
[  377.064730][T22027] EXT4-fs: Ignoring removed orlov option
[  377.078357][T22027] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.111577][T22026] loop7: detected capacity change from 0 to 4096
[  377.127011][T22026] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.141612][T22026] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6967: corrupted inode contents
[  377.156990][T22026] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.6967: mark_inode_dirty error
[  377.168932][T22026] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6967: corrupted inode contents
[  377.201061][T22026] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6967: mark_inode_dirty error
[  377.213272][T22026] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6967: corrupted inode contents
[  377.225539][T22026] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6967: mark_inode_dirty error
[  377.237084][T22026] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6967: corrupted inode contents
[  377.249161][T22026] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.6967: mark_inode_dirty error
[  377.260497][T22026] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  377.284768][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.367687][T22040] __nla_validate_parse: 7 callbacks suppressed
[  377.367705][T22040] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6971'.
[  377.385899][T22042] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6972'.
[  377.661874][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.797642][T22057] 9pnet_fd: Insufficient options for proto=fd
[  377.821645][T22059] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6979'.
[  378.268686][T22063] loop7: detected capacity change from 0 to 4096
[  378.280489][T22065] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6982'.
[  378.280999][T22063] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.289535][T22065] netlink: 196 bytes leftover after parsing attributes in process `syz.1.6982'.
[  378.293555][T22065] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6982'.
[  378.307347][T22063] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6980: corrupted inode contents
[  378.329621][T22065] netlink: 196 bytes leftover after parsing attributes in process `syz.1.6982'.
[  378.333447][T22063] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.6980: mark_inode_dirty error
[  378.353003][T22063] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6980: corrupted inode contents
[  378.365294][T22063] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6980: mark_inode_dirty error
[  378.377081][T22063] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6980: corrupted inode contents
[  378.389574][T22069] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6981'.
[  378.403548][T22063] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.6980: mark_inode_dirty error
[  378.405818][T22065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  378.415351][T22063] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.6980: corrupted inode contents
[  378.435603][T22063] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.6980: mark_inode_dirty error
[  378.438833][T22065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.448372][T22063] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  378.488748][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.531027][T22074] netlink: 224 bytes leftover after parsing attributes in process `syz.7.6983'.
[  378.540757][T22074] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6983'.
[  378.555207][T22074] 8021q: adding VLAN 0 to HW filter on device bond34
[  378.567488][T22074] vlan6: entered allmulticast mode
[  378.572667][T22074] bond34: entered allmulticast mode
[  378.806274][T22091] loop4: detected capacity change from 0 to 1024
[  378.813006][T22091] EXT4-fs: Ignoring removed orlov option
[  378.909462][T22091] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.112660][T22097] validate_nla: 7 callbacks suppressed
[  379.118249][T22097] netlink: 'syz.5.6989': attribute type 1 has an invalid length.
[  379.126158][T22097] netlink: 'syz.5.6989': attribute type 2 has an invalid length.
[  379.644781][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.796738][T22104] 9pnet_fd: Insufficient options for proto=fd
[  379.842376][T22108] loop4: detected capacity change from 0 to 4096
[  379.851483][T22108] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.865942][T22108] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6993: corrupted inode contents
[  379.878827][T22108] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.6993: mark_inode_dirty error
[  379.890958][T22108] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6993: corrupted inode contents
[  379.903397][T22108] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6993: mark_inode_dirty error
[  379.916749][T22108] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6993: corrupted inode contents
[  379.929960][T22108] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.6993: mark_inode_dirty error
[  379.934479][T22107] netlink: 'syz.7.6992': attribute type 1 has an invalid length.
[  379.942203][T22108] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.6993: corrupted inode contents
[  379.949006][T22107] netlink: 'syz.7.6992': attribute type 2 has an invalid length.
[  379.969989][T22108] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.6993: mark_inode_dirty error
[  379.999997][T22108] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  380.029637][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.130873][T22128] loop5: detected capacity change from 0 to 256
[  380.156272][T22128] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  380.219433][T22137] netlink: 'syz.7.7008': attribute type 1 has an invalid length.
[  380.227369][T22137] netlink: 'syz.7.7008': attribute type 2 has an invalid length.
[  380.397294][T22162] netlink: 'syz.5.7020': attribute type 1 has an invalid length.
[  380.405134][T22162] netlink: 'syz.5.7020': attribute type 2 has an invalid length.
[  380.503150][T22166] loop5: detected capacity change from 0 to 8192
[  380.741036][T22194] netlink: 'syz.1.7034': attribute type 1 has an invalid length.
[  380.748870][T22194] netlink: 'syz.1.7034': attribute type 2 has an invalid length.
[  380.774655][T22190] 8021q: adding VLAN 0 to HW filter on device bond7
[  380.784453][T22198] 9pnet_fd: Insufficient options for proto=fd
[  380.789856][T22190] vlan2: entered allmulticast mode
[  380.795763][T22190] bond7: entered allmulticast mode
[  381.025485][T22211] loop5: detected capacity change from 0 to 1024
[  381.032434][T22211] EXT4-fs: Ignoring removed orlov option
[  381.041038][T22211] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  381.451450][T22238] 8021q: adding VLAN 0 to HW filter on device bond4
[  381.466797][T22238] vlan2: entered allmulticast mode
[  381.471988][T22238] bond4: entered allmulticast mode
[  381.538854][   T29] kauditd_printk_skb: 120 callbacks suppressed
[  381.538939][   T29] audit: type=1326 audit(893.538:158685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.569185][   T29] audit: type=1326 audit(893.538:158686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.592863][   T29] audit: type=1326 audit(893.538:158687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.616478][   T29] audit: type=1326 audit(893.538:158688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.639759][   T29] audit: type=1326 audit(893.538:158689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.663052][   T29] audit: type=1326 audit(893.538:158690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.686325][   T29] audit: type=1326 audit(893.538:158691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.709633][   T29] audit: type=1326 audit(893.538:158692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.733038][   T29] audit: type=1326 audit(893.538:158693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.756554][   T29] audit: type=1326 audit(893.538:158694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22241 comm="syz.4.7052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  381.804958][T22249] 9pnet_fd: Insufficient options for proto=fd
[  381.929574][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.967831][T22265] 8021q: adding VLAN 0 to HW filter on device bond10
[  381.980393][T22265] vlan1: entered allmulticast mode
[  381.985554][T22265] bond10: entered allmulticast mode
[  382.007523][T22267] 8021q: adding VLAN 0 to HW filter on device bond8
[  382.297761][T22293] 8021q: adding VLAN 0 to HW filter on device bond9
[  382.381515][T22298] __nla_validate_parse: 28 callbacks suppressed
[  382.381532][T22298] netlink: 224 bytes leftover after parsing attributes in process `syz.5.7075'.
[  382.398450][T22298] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7075'.
[  382.466777][T22298] 8021q: adding VLAN 0 to HW filter on device bond10
[  382.481548][T22297] vlan2: entered allmulticast mode
[  382.486764][T22297] bond10: entered allmulticast mode
[  382.941569][T22317] loop7: detected capacity change from 0 to 1024
[  382.948639][T22317] EXT4-fs: Ignoring removed orlov option
[  382.958258][T22317] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.243061][T22321] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7083'.
[  383.272348][T22323] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7084'.
[  383.392833][T22331] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7087'.
[  383.402306][T22332] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7088'.
[  383.530850][T22335] loop4: detected capacity change from 0 to 1024
[  383.537804][T22335] EXT4-fs: Ignoring removed orlov option
[  383.696429][T22338] loop5: detected capacity change from 0 to 1024
[  383.703470][T22338] EXT4-fs: Ignoring removed orlov option
[  383.715894][T22338] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.854888][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.868626][T22335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.903234][T22343] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7089'.
[  384.269875][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.270562][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.322289][T22347] validate_nla: 14 callbacks suppressed
[  384.322303][T22347] netlink: 'syz.4.7091': attribute type 1 has an invalid length.
[  384.335830][T22347] netlink: 224 bytes leftover after parsing attributes in process `syz.4.7091'.
[  384.347613][T22347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7091'.
[  384.369835][T22347] 8021q: adding VLAN 0 to HW filter on device bond5
[  384.387982][T22347] vlan2: entered allmulticast mode
[  384.393201][T22347] bond5: entered allmulticast mode
[  384.415258][T22352] netlink: 'syz.1.7092': attribute type 1 has an invalid length.
[  384.423121][T22352] netlink: 224 bytes leftover after parsing attributes in process `syz.1.7092'.
[  384.441062][T22352] 8021q: adding VLAN 0 to HW filter on device bond16
[  384.471512][T22352] vlan5: entered allmulticast mode
[  384.476692][T22352] bond16: entered allmulticast mode
[  384.597301][T22370] loop5: detected capacity change from 0 to 1024
[  384.604102][T22370] EXT4-fs: Ignoring removed orlov option
[  384.679353][T22370] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.337574][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.400727][T22390] netlink: 'syz.4.7105': attribute type 1 has an invalid length.
[  385.408596][T22390] netlink: 'syz.4.7105': attribute type 2 has an invalid length.
[  385.698098][T22410] loop7: detected capacity change from 0 to 4096
[  385.707276][T22410] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.728228][T22414] siw: device registration error -23
[  385.733684][T22410] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7115: corrupted inode contents
[  385.750456][T22410] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.7115: mark_inode_dirty error
[  385.762303][T22410] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7115: corrupted inode contents
[  385.775316][T22410] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.7115: mark_inode_dirty error
[  385.786941][T22410] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7115: corrupted inode contents
[  385.799730][T22410] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.7115: mark_inode_dirty error
[  385.811236][T22410] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7115: corrupted inode contents
[  385.823309][T22410] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.7115: mark_inode_dirty error
[  385.834910][T22410] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  385.857255][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.891103][T22421] loop7: detected capacity change from 0 to 512
[  385.907829][T22421] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.7117: casefold flag without casefold feature
[  385.920692][T22421] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.7117: couldn't read orphan inode 15 (err -117)
[  385.933215][T22421] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.991771][T22426] netlink: 'syz.5.7119': attribute type 1 has an invalid length.
[  385.999629][T22426] netlink: 'syz.5.7119': attribute type 2 has an invalid length.
[  386.116550][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.631903][T22453] loop5: detected capacity change from 0 to 1024
[  386.638605][T22453] EXT4-fs: Ignoring removed orlov option
[  386.650649][T22453] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.984027][T22458] loop7: detected capacity change from 0 to 4096
[  387.004475][T22460] netlink: 'syz.4.7132': attribute type 1 has an invalid length.
[  387.012284][T22460] netlink: 'syz.4.7132': attribute type 2 has an invalid length.
[  387.043086][   T29] kauditd_printk_skb: 90 callbacks suppressed
[  387.043106][   T29] audit: type=1326 audit(899.038:158785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.072428][   T29] audit: type=1326 audit(899.038:158786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.078713][T22458] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.095505][   T29] audit: type=1326 audit(899.038:158787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.131006][   T29] audit: type=1326 audit(899.038:158788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.154148][   T29] audit: type=1326 audit(899.038:158789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.177294][   T29] audit: type=1326 audit(899.038:158790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.200329][   T29] audit: type=1326 audit(899.038:158791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.201440][T22458] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7131: corrupted inode contents
[  387.223549][   T29] audit: type=1326 audit(899.038:158792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.258427][   T29] audit: type=1326 audit(899.038:158793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.268780][T22458] EXT4-fs error (device loop7): ext4_dirty_inode:6509: inode #15: comm syz.7.7131: mark_inode_dirty error
[  387.281536][   T29] audit: type=1326 audit(899.038:158794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22464 comm="syz.4.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f7e8cd6eec9 code=0x7ffc0000
[  387.307559][T22467] netlink: 'syz.1.7134': attribute type 1 has an invalid length.
[  387.324902][T22458] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7131: corrupted inode contents
[  387.337838][T22458] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.7131: mark_inode_dirty error
[  387.349908][T22458] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7131: corrupted inode contents
[  387.362991][T22467] 8021q: adding VLAN 0 to HW filter on device bond17
[  387.379755][T22467] vlan5: entered allmulticast mode
[  387.384985][T22467] bond17: entered allmulticast mode
[  387.394157][T22458] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.7131: mark_inode_dirty error
[  387.405832][T22458] EXT4-fs error (device loop7): ext4_do_update_inode:5624: inode #15: comm syz.7.7131: corrupted inode contents
[  387.419314][T22458] EXT4-fs error (device loop7): ext4_truncate:4637: inode #15: comm syz.7.7131: mark_inode_dirty error
[  387.431296][T22458] EXT4-fs error (device loop7) in ext4_setattr:6042: Corrupt filesystem
[  387.446764][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.500930][T22480] loop4: detected capacity change from 0 to 4096
[  387.513120][T22480] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.513644][T14087] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.547609][T22480] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7140: corrupted inode contents
[  387.566410][T22483] netlink: 'syz.0.7142': attribute type 1 has an invalid length.
[  387.566932][T22480] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.7140: mark_inode_dirty error
[  387.574164][T22483] __nla_validate_parse: 9 callbacks suppressed
[  387.574198][T22483] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7142'.
[  387.575648][T22483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7142'.
[  387.586078][T22480] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7140: corrupted inode contents
[  387.621504][T22492] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7146'.
[  387.631000][T22480] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.7140: mark_inode_dirty error
[  387.649336][T22483] 8021q: adding VLAN 0 to HW filter on device bond11
[  387.663284][T22486] vlan1: entered allmulticast mode
[  387.668628][T22486] bond11: entered allmulticast mode
[  387.686813][T22495] 9pnet_fd: Insufficient options for proto=fd
[  387.694729][T22480] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7140: corrupted inode contents
[  387.707452][T22480] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.7140: mark_inode_dirty error
[  387.726495][T22480] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7140: corrupted inode contents
[  387.746385][T22480] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.7140: mark_inode_dirty error
[  387.763047][T22480] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  387.796936][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.971436][T22524] 9pnet_fd: Insufficient options for proto=fd
[  388.002075][T22526] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7160'.
[  388.002291][T14087] syz_tun (unregistering): left allmulticast mode
[  388.139157][T22528] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7161'.
[  388.187295][T18618] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.261475][T22542] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7164'.
[  388.272001][T18618] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.317893][T22560] 9pnet_fd: Insufficient options for proto=fd
[  388.340056][T22563] 9pnet_fd: Insufficient options for proto=fd
[  388.370594][T22565] ipvlan0: entered allmulticast mode
[  388.375942][T22565] veth0_vlan: entered allmulticast mode
[  388.383909][T22565] team0: Device ipvlan0 failed to register rx_handler
[  388.401208][T18618] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.410130][T22565] loop5: detected capacity change from 0 to 136
[  388.417915][T22565] iso9660: Unknown parameter 'Q'
[  388.482125][T18618] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.504739][T22571] loop4: detected capacity change from 0 to 4096
[  388.556105][T22571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.572933][T22577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7177'.
[  388.628512][T22571] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7174: corrupted inode contents
[  388.653022][T18618] bridge_slave_0: left allmulticast mode
[  388.658826][T18618] bridge_slave_0: left promiscuous mode
[  388.664519][T18618] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.676476][T22571] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #15: comm syz.4.7174: mark_inode_dirty error
[  388.703766][T22597] FAULT_INJECTION: forcing a failure.
[  388.703766][T22597] name failslab, interval 1, probability 0, space 0, times 0
[  388.716516][T22597] CPU: 0 UID: 0 PID: 22597 Comm: syz.1.7183 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  388.716550][T22597] Tainted: [W]=WARN
[  388.716557][T22597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  388.716570][T22597] Call Trace:
[  388.716576][T22597]  <TASK>
[  388.716584][T22597]  __dump_stack+0x1d/0x30
[  388.716611][T22597]  dump_stack_lvl+0xe8/0x140
[  388.716707][T22597]  dump_stack+0x15/0x1b
[  388.716724][T22597]  should_fail_ex+0x265/0x280
[  388.716764][T22597]  ? __pfx_sock_alloc_inode+0x10/0x10
[  388.716907][T22597]  should_failslab+0x8c/0xb0
[  388.716940][T22597]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  388.716976][T22597]  ? sock_alloc_inode+0x34/0xa0
[  388.717003][T22597]  ? __pfx_sock_alloc_inode+0x10/0x10
[  388.717099][T22597]  sock_alloc_inode+0x34/0xa0
[  388.717124][T22597]  alloc_inode+0x40/0x170
[  388.717201][T22597]  __sock_create+0x122/0x5b0
[  388.717223][T22597]  __sys_socketpair+0x170/0x430
[  388.717248][T22597]  ? ksys_write+0x192/0x1a0
[  388.717277][T22597]  __x64_sys_socketpair+0x52/0x60
[  388.717378][T22597]  x64_sys_call+0x2bf6/0x3000
[  388.717398][T22597]  do_syscall_64+0xd2/0x200
[  388.717423][T22597]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  388.717515][T22597]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  388.717542][T22597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.717568][T22597] RIP: 0033:0x7fc192060e1a
[  388.717586][T22597] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.717612][T22597] RSP: 002b:00007fc190abef78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  388.717634][T22597] RAX: ffffffffffffffda RBX: 00007fc1922b5f00 RCX: 00007fc192060e1a
[  388.717646][T22597] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  388.717657][T22597] RBP: 00007fc190abf090 R08: 0000000000000000 R09: 0000000000000000
[  388.717672][T22597] R10: 00007fc190abef98 R11: 0000000000000246 R12: 0000000000000002
[  388.717687][T22597] R13: 00007fc1922b6038 R14: 00007fc1922b5fa0 R15: 00007ffd12855c88
[  388.717711][T22597]  </TASK>
[  388.717721][T22597] net_ratelimit: 30 callbacks suppressed
[  388.717775][T22597] socket: no more sockets
[  388.790960][T22571] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7174: corrupted inode contents
[  388.946712][T22571] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.7174: mark_inode_dirty error
[  388.962423][T22571] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7174: corrupted inode contents
[  388.984894][T22571] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.7174: mark_inode_dirty error
[  388.997820][T22571] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #15: comm syz.4.7174: corrupted inode contents
[  389.011127][T22571] EXT4-fs error (device loop4): ext4_truncate:4637: inode #15: comm syz.4.7174: mark_inode_dirty error
[  389.024099][T22571] EXT4-fs error (device loop4) in ext4_setattr:6042: Corrupt filesystem
[  389.042079][T18618] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  389.091599][T18618] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  389.111406][T18618] bond0 (unregistering): Released all slaves
[  389.120027][T19997] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.120697][T18618] bond1 (unregistering): Released all slaves
[  389.131595][T22610] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7186'.
[  389.146806][T18618] bond2 (unregistering): Released all slaves
[  389.158072][T18618] bond3 (unregistering): Released all slaves
[  389.166645][T18618] bond4 (unregistering): Released all slaves
[  389.175499][T18618] bond5 (unregistering): Released all slaves
[  389.184794][T18618] bond6 (unregistering): Released all slaves
[  389.185794][T22614] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  389.197335][T22614] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  389.205105][T22614] vhci_hcd vhci_hcd.0: Device attached
[  389.216129][T18618] bond7 (unregistering): Released all slaves
[  389.216208][T22614] loop4: detected capacity change from 0 to 256
[  389.230582][T22614] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  389.239252][T22614] FAT-fs (loop4): Filesystem has been set read-only
[  389.241057][T18618] bond8 (unregistering): Released all slaves
[  389.254970][T18618] bond9 (unregistering): Released all slaves
[  389.264789][T18618] bond10 (unregistering): Released all slaves
[  389.275069][T18618] bond11 (unregistering): Released all slaves
[  389.285098][T18618] bond12 (unregistering): Released all slaves
[  389.295480][T18618] bond13 (unregistering): Released all slaves
[  389.306597][T18618] bond14 (unregistering): Released all slaves
[  389.316216][T18618] bond15 (unregistering): Released all slaves
[  389.327184][T18618] bond16 (unregistering): Released all slaves
[  389.339252][T18618] bond17 (unregistering): Released all slaves
[  389.348960][T18618] bond18 (unregistering): Released all slaves
[  389.360574][T18618] bond19 (unregistering): Released all slaves
[  389.371335][T18618] bond20 (unregistering): Released all slaves
[  389.380198][T18618] bond21 (unregistering): Released all slaves
[  389.390832][T18618] bond22 (unregistering): Released all slaves
[  389.400460][T18618] bond23 (unregistering): Released all slaves
[  389.406400][ T3398] vhci_hcd: vhci_device speed not set
[  389.411726][T18618] bond24 (unregistering): Released all slaves
[  389.425304][T18618] bond25 (unregistering): Released all slaves
[  389.436259][T18618] bond26 (unregistering): Released all slaves
[  389.447612][T18618] bond27 (unregistering): Released all slaves
[  389.456614][T18618] bond28 (unregistering): Released all slaves
[  389.465754][T18618] bond29 (unregistering): Released all slaves
[  389.474237][T18618] bond30 (unregistering): Released all slaves
[  389.476389][ T3398] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[  389.483487][T18618] bond31 (unregistering): Released all slaves
[  389.503534][T18618] bond32 (unregistering): Released all slaves
[  389.514898][T18618] bond33 (unregistering): Released all slaves
[  389.523662][T18618] bond34 (unregistering): Released all slaves
[  389.549071][T22530] chnl_net:caif_netlink_parms(): no params data found
[  389.598169][T18618] tipc: Left network mode
[  389.626219][T18618] hsr_slave_0: left promiscuous mode
[  389.631996][T18618] hsr_slave_1: left promiscuous mode
[  389.637637][T18618] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.645033][T18618] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.652594][T18618] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.660000][T18618] batman_adv: batadv0: Removing interface: batadv_slave_1
[  389.670259][T18618] veth1_macvtap: left promiscuous mode
[  389.675790][T18618] veth0_macvtap: left promiscuous mode
[  389.681374][T18618] veth1_vlan: left promiscuous mode
[  389.686634][T18618] veth0_vlan: left promiscuous mode
[  389.750482][T18618] team0 (unregistering): Port device team_slave_1 removed
[  389.760793][T18618] team0 (unregistering): Port device team_slave_0 removed
[  389.875721][T22530] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.882990][T22530] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.890478][T22530] bridge_slave_0: entered allmulticast mode
[  389.896574][T22615] vhci_hcd: connection reset by peer
[  389.897243][T22530] bridge_slave_0: entered promiscuous mode
[  389.906638][T18643] vhci_hcd: stop threads
[  389.911984][T18643] vhci_hcd: release socket
[  389.916471][T18643] vhci_hcd: disconnect device
[  389.920971][T22530] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.928401][T22530] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.937166][T22530] bridge_slave_1: entered allmulticast mode
[  389.943640][T22530] bridge_slave_1: entered promiscuous mode
[  389.973752][T22530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.991971][T22530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  390.035162][T22530] team0: Port device team_slave_0 added
[  390.043283][T22530] team0: Port device team_slave_1 added
[  390.080139][T22530] batman_adv: batadv0: Adding interface: batadv_slave_0
[  390.087191][T22530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  390.113153][T22530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  390.124766][T22530] batman_adv: batadv0: Adding interface: batadv_slave_1
[  390.131801][T22530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  390.135157][T22644] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7191'.
[  390.157793][T22530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  390.235246][T22530] hsr_slave_0: entered promiscuous mode
[  390.241662][T22530] hsr_slave_1: entered promiscuous mode
[  390.247697][T22530] debugfs: 'hsr0' already exists in 'hsr'
[  390.253466][T22530] Cannot create hsr debugfs directory
[  390.969714][T22530] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  390.980381][T22530] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  390.989775][T22530] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  391.003759][T22530] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  391.060603][T22677] loop5: detected capacity change from 0 to 4096
[  391.074115][T22677] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.080285][T22530] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.098970][T22677] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.7205: corrupted inode contents
[  391.106952][T22530] 8021q: adding VLAN 0 to HW filter on device team0
[  391.111105][T22677] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #15: comm syz.5.7205: mark_inode_dirty error
[  391.121554][T18614] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.135809][T18614] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.145380][T22677] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.7205: corrupted inode contents
[  391.158841][T18614] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.165969][T18614] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.173869][T22677] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.7205: mark_inode_dirty error
[  391.188884][T22677] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.7205: corrupted inode contents
[  391.213425][T22677] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.7205: mark_inode_dirty error
[  391.226687][T22677] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.7205: corrupted inode contents
[  391.245448][T22677] EXT4-fs error (device loop5): ext4_truncate:4637: inode #15: comm syz.5.7205: mark_inode_dirty error
[  391.257054][T22677] EXT4-fs error (device loop5) in ext4_setattr:6042: Corrupt filesystem
[  391.259069][T22684] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7206'.
[  391.281737][T22684] validate_nla: 5 callbacks suppressed
[  391.281782][T22684] netlink: 'syz.4.7206': attribute type 1 has an invalid length.
[  391.295121][T22684] netlink: 'syz.4.7206': attribute type 2 has an invalid length.
[  391.304431][T20218] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.321466][T22530] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.481275][T22530] veth0_vlan: entered promiscuous mode
[  391.489349][T22530] veth1_vlan: entered promiscuous mode
[  391.512220][T22530] veth0_macvtap: entered promiscuous mode
[  391.522403][T22530] veth1_macvtap: entered promiscuous mode
[  391.533479][T22530] batman_adv: batadv0: Interface activated: batadv_slave_0
[  391.545794][T22530] batman_adv: batadv0: Interface activated: batadv_slave_1
[  391.563451][T18614] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  391.574700][T18614] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.592629][T18614] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.602133][T18614] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.679106][T22729] netlink: 'syz.7.7158': attribute type 1 has an invalid length.
[  391.688159][T22729] 8021q: VLANs not supported on tunl0
[  391.774691][T22738] netlink: 'syz.7.7219': attribute type 1 has an invalid length.
[  391.782595][T22738] netlink: 'syz.7.7219': attribute type 2 has an invalid length.
[  392.193778][T22733] syz.7.7219 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  392.208130][T22733] CPU: 0 UID: 0 PID: 22733 Comm: syz.7.7219 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  392.208161][T22733] Tainted: [W]=WARN
[  392.208167][T22733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  392.208246][T22733] Call Trace:
[  392.208284][T22733]  <TASK>
[  392.208292][T22733]  __dump_stack+0x1d/0x30
[  392.208358][T22733]  dump_stack_lvl+0xe8/0x140
[  392.208376][T22733]  dump_stack+0x15/0x1b
[  392.208391][T22733]  dump_header+0x81/0x220
[  392.208530][T22733]  oom_kill_process+0x342/0x400
[  392.208630][T22733]  out_of_memory+0x979/0xb80
[  392.208662][T22733]  try_charge_memcg+0x5e6/0x9e0
[  392.208684][T22733]  ? bpf_trace_run4+0x134/0x1d0
[  392.208717][T22733]  obj_cgroup_charge_pages+0xa6/0x150
[  392.208872][T22733]  __memcg_kmem_charge_page+0x9f/0x170
[  392.208904][T22733]  __alloc_frozen_pages_noprof+0x188/0x360
[  392.208940][T22733]  alloc_pages_mpol+0xb3/0x260
[  392.208989][T22733]  alloc_pages_noprof+0x90/0x130
[  392.209006][T22733]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  392.209046][T22733]  __kvmalloc_node_noprof+0x483/0x670
[  392.209088][T22733]  ? ip_set_alloc+0x24/0x30
[  392.209110][T22733]  ? ip_set_alloc+0x24/0x30
[  392.209132][T22733]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  392.209220][T22733]  ip_set_alloc+0x24/0x30
[  392.209241][T22733]  hash_netiface_create+0x282/0x740
[  392.209277][T22733]  ? __pfx_hash_netiface_create+0x10/0x10
[  392.209302][T22733]  ip_set_create+0x3c9/0x970
[  392.209341][T22733]  nfnetlink_rcv_msg+0x4c6/0x590
[  392.209381][T22733]  netlink_rcv_skb+0x120/0x220
[  392.209446][T22733]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  392.209473][T22733]  nfnetlink_rcv+0x167/0x16c0
[  392.209492][T22733]  ? kmem_cache_free+0xe4/0x3d0
[  392.209557][T22733]  ? __kfree_skb+0x109/0x150
[  392.209593][T22733]  ? nlmon_xmit+0x4f/0x60
[  392.209627][T22733]  ? consume_skb+0x49/0x150
[  392.209655][T22733]  ? nlmon_xmit+0x4f/0x60
[  392.209684][T22733]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  392.209725][T22733]  ? __dev_queue_xmit+0x1200/0x2000
[  392.209943][T22733]  ? __dev_queue_xmit+0x182/0x2000
[  392.209988][T22733]  ? ref_tracker_free+0x37d/0x3e0
[  392.210037][T22733]  ? __netlink_deliver_tap+0x4dc/0x500
[  392.210081][T22733]  netlink_unicast+0x5bd/0x690
[  392.210150][T22733]  netlink_sendmsg+0x58b/0x6b0
[  392.210252][T22733]  ? __pfx_netlink_sendmsg+0x10/0x10
[  392.210318][T22733]  __sock_sendmsg+0x145/0x180
[  392.210342][T22733]  ____sys_sendmsg+0x31e/0x4e0
[  392.210373][T22733]  ___sys_sendmsg+0x17b/0x1d0
[  392.210414][T22733]  __x64_sys_sendmsg+0xd4/0x160
[  392.210480][T22733]  x64_sys_call+0x191e/0x3000
[  392.210501][T22733]  do_syscall_64+0xd2/0x200
[  392.210522][T22733]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  392.210549][T22733]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  392.210603][T22733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.210630][T22733] RIP: 0033:0x7fb4a700eec9
[  392.210671][T22733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.210698][T22733] RSP: 002b:00007fb4a5a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  392.210726][T22733] RAX: ffffffffffffffda RBX: 00007fb4a7265fa0 RCX: 00007fb4a700eec9
[  392.210739][T22733] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  392.210756][T22733] RBP: 00007fb4a7091f91 R08: 0000000000000000 R09: 0000000000000000
[  392.210774][T22733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  392.210790][T22733] R13: 00007fb4a7266038 R14: 00007fb4a7265fa0 R15: 00007fff2d5d0a08
[  392.210872][T22733]  </TASK>
[  392.210878][T22733] memory: usage 307200kB, limit 307200kB, failcnt 287
[  392.563522][T22733] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0
[  392.571524][T22733] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  392.578856][T22733] Memory cgroup stats for /syz7:
[  392.579222][T22733] cache 0
[  392.587181][T22733] rss 4096
[  392.590242][T22733] shmem 0
[  392.593194][T22733] mapped_file 0
[  392.596746][T22733] dirty 0
[  392.599805][T22733] writeback 0
[  392.603178][T22733] workingset_refault_anon 251
[  392.607933][T22733] workingset_refault_file 0
[  392.612409][T22742] 9pnet: p9_errstr2errno: server reported unknown error ����
[  392.612444][T22733] swap 172032
[  392.612456][T22733] swapcached 16384
[  392.626867][T22733] pgpgin 246763
[  392.630326][T22733] pgpgout 246758
[  392.633866][T22733] pgfault 241089
[  392.637417][T22733] pgmajfault 139
[  392.640980][T22733] inactive_anon 4096
[  392.644905][T22733] active_anon 12288
[  392.648731][T22733] inactive_file 0
[  392.652351][T22733] active_file 4096
[  392.656116][T22733] unevictable 0
[  392.659575][T22733] hierarchical_memory_limit 314572800
[  392.664934][T22733] hierarchical_memsw_limit 9223372036854771712
[  392.671152][T22733] total_cache 0
[  392.674708][T22733] total_rss 4096
[  392.678281][T22733] total_shmem 0
[  392.681726][T22733] total_mapped_file 0
[  392.685689][T22733] total_dirty 0
[  392.689181][T22733] total_writeback 0
[  392.692977][T22733] total_workingset_refault_anon 251
[  392.698196][T22733] total_workingset_refault_file 0
[  392.703205][T22733] total_swap 172032
[  392.707048][T22733] total_swapcached 16384
[  392.711295][T22733] total_pgpgin 246763
[  392.715335][T22733] total_pgpgout 246758
[  392.719530][T22733] total_pgfault 241089
[  392.723588][T22733] total_pgmajfault 139
[  392.727686][T22733] total_inactive_anon 4096
[  392.732091][T22733] total_active_anon 12288
[  392.736492][T22733] total_inactive_file 0
[  392.740698][T22733] total_active_file 4096
[  392.744947][T22733] total_unevictable 0
[  392.748938][T22733] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.7219,pid=22732,uid=0
[  392.763657][T22733] Memory cgroup out of memory: Killed process 22732 (syz.7.7219) total-vm:93884kB, anon-rss:1132kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  392.979184][T22756] netlink: 'syz.7.7229': attribute type 1 has an invalid length.
[  392.986974][T22756] __nla_validate_parse: 4 callbacks suppressed
[  392.987045][T22756] netlink: 224 bytes leftover after parsing attributes in process `syz.7.7229'.
[  393.002677][T22756] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7229'.
[  393.012311][T22756] 8021q: VLANs not supported on ip6_vti0
[  393.126623][T22766] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7234'.
[  393.182044][T22762] loop7: detected capacity change from 0 to 1024
[  393.188878][T22762] EXT4-fs: Ignoring removed orlov option
[  393.196959][T22762] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.805691][T22773] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7235'.
[  393.829527][   T29] kauditd_printk_skb: 75 callbacks suppressed
[  393.829544][   T29] audit: type=1400 audit(905.828:158870): avc:  denied  { mounton } for  pid=22771 comm="syz.4.7235" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  394.038041][T22780] loop5: detected capacity change from 0 to 8192
[  394.144651][   T29] audit: type=1326 audit(906.138:158871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.171947][T22783] ==================================================================
[  394.180055][T22783] BUG: KCSAN: data-race in delete_from_page_cache_batch / folio_mapping
[  394.188411][T22783] 
[  394.190737][T22783] write to 0xffffea000613be18 of 8 bytes by task 22784 on cpu 0:
[  394.198447][T22783]  delete_from_page_cache_batch+0x2f6/0x6f0
[  394.204336][T22783]  truncate_inode_pages_range+0x1ba/0x780
[  394.210055][T22783]  truncate_setsize+0x9b/0xc0
[  394.214732][T22783]  aio_free_ring+0x47/0x1e0
[  394.219260][T22783]  aio_setup_ring+0x5dc/0x760
[  394.223945][T22783]  ioctx_alloc+0x2c4/0x4e0
[  394.228364][T22783]  __se_sys_io_setup+0x6b/0x1b0
[  394.233213][T22783]  __x64_sys_io_setup+0x31/0x40
[  394.238077][T22783]  x64_sys_call+0x2f0e/0x3000
[  394.242750][T22783]  do_syscall_64+0xd2/0x200
[  394.247255][T22783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.253145][T22783] 
[  394.255462][T22783] read to 0xffffea000613be18 of 8 bytes by task 22783 on cpu 1:
[  394.263081][T22783]  folio_mapping+0xa1/0xe0
[  394.267498][T22783]  evict_folios+0xe05/0x3590
[  394.272087][T22783]  try_to_shrink_lruvec+0x5b5/0x950
[  394.277288][T22783]  shrink_lruvec+0x22e/0x1b50
[  394.281961][T22783]  shrink_node+0x686/0x2120
[  394.286464][T22783]  do_try_to_free_pages+0x3f6/0xcd0
[  394.291659][T22783]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  394.297552][T22783]  try_charge_memcg+0x358/0x9e0
[  394.302404][T22783]  obj_cgroup_charge_pages+0xa6/0x150
[  394.307782][T22783]  __memcg_kmem_charge_page+0x9f/0x170
[  394.313244][T22783]  __alloc_frozen_pages_noprof+0x188/0x360
[  394.319060][T22783]  alloc_pages_mpol+0xb3/0x260
[  394.323843][T22783]  alloc_pages_noprof+0x90/0x130
[  394.328774][T22783]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  394.334596][T22783]  __kvmalloc_node_noprof+0x483/0x670
[  394.339974][T22783]  ip_set_alloc+0x24/0x30
[  394.344303][T22783]  hash_netiface_create+0x282/0x740
[  394.349503][T22783]  ip_set_create+0x3c9/0x970
[  394.354096][T22783]  nfnetlink_rcv_msg+0x4c6/0x590
[  394.359055][T22783]  netlink_rcv_skb+0x120/0x220
[  394.363825][T22783]  nfnetlink_rcv+0x167/0x16c0
[  394.368509][T22783]  netlink_unicast+0x5bd/0x690
[  394.373267][T22783]  netlink_sendmsg+0x58b/0x6b0
[  394.378036][T22783]  __sock_sendmsg+0x145/0x180
[  394.382718][T22783]  ____sys_sendmsg+0x31e/0x4e0
[  394.387481][T22783]  ___sys_sendmsg+0x17b/0x1d0
[  394.392159][T22783]  __x64_sys_sendmsg+0xd4/0x160
[  394.397038][T22783]  x64_sys_call+0x191e/0x3000
[  394.401731][T22783]  do_syscall_64+0xd2/0x200
[  394.406235][T22783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.412122][T22783] 
[  394.414443][T22783] value changed: 0xffff88811a598640 -> 0x0000000000000000
[  394.421542][T22783] 
[  394.423857][T22783] Reported by Kernel Concurrency Sanitizer on:
[  394.430004][T22783] CPU: 1 UID: 0 PID: 22783 Comm: syz.5.7239 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  394.441369][T22783] Tainted: [W]=WARN
[  394.445161][T22783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  394.455220][T22783] ==================================================================
[  394.465910][   T29] audit: type=1326 audit(906.168:158872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.488939][   T29] audit: type=1326 audit(906.168:158873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.512162][   T29] audit: type=1326 audit(906.168:158874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.535420][   T29] audit: type=1326 audit(906.168:158875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.558512][   T29] audit: type=1326 audit(906.168:158876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.581600][   T29] audit: type=1326 audit(906.168:158877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.604733][   T29] audit: type=1326 audit(906.168:158878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.627830][   T29] audit: type=1326 audit(906.168:158879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22782 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ae8afeec9 code=0x7ffc0000
[  394.653301][ T3398] usb 9-1: enqueue for inactive port 0
[  394.658882][ T3398] usb 9-1: enqueue for inactive port 0
[  394.726416][ T3398] vhci_hcd: vhci_device speed not set
[  395.760739][T22530] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.