last executing test programs:

1m42.590250283s ago: executing program 2 (id=3):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="667fc399ba7b0f7f2612b0731b0cd8d9d2092034667a01bebd1223501f9abc27c1cc4c452d47e0c15589688e15e74946a652bb3324fba5b2", @ANYRES32, @ANYRES16, @ANYRESHEX=0x0, @ANYRES32, @ANYRES64], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="5ad1"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180), 0x0)
rt_tgsigqueueinfo(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000140)={0x30, 0x2, 0x6151})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14923e, 0x18)
fallocate(r4, 0x1, 0x0, 0x1001f0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r6=>0x0})
bind$can_raw(r5, &(0x7f00000005c0), 0x10)
r7 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
recvmmsg(r7, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000880)}}], 0x1, 0x600100a2, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r5, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r5, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r6}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x4040)
connect$unix(r4, &(0x7f0000000040)=@file={0x1, './file2\x00'}, 0x6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='bcache_btree_write\x00', r4, 0x0, 0xb}, 0x16)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r8, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f00000009c0)={[{@errors_remount}, {@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x2, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x3, 0x6b}, 0x9205, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0xfffffffe, 0x0, 0x20000006}, 0x0, 0xfffffffffffffffb, r9, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x0, 0x0)
preadv(r10, &(0x7f0000000000)=[{&(0x7f0000000080)=""/242, 0xf2}], 0x1, 0x2, 0x2)
fremovexattr(r9, &(0x7f0000000a40)=ANY=[@ANYBLOB="62747266732e6263616368655f62747265655f7772697465002688bd7b6090c3148bb34d6f5e9ef8214a5e7454eae397d23a2488c6b0fabe9e37d0814cc8e82d27d3c1c983cd3461199a123809a81dbf3626db9a40fbc10de72490786522bdbf2da5194f8e28eaf0a284972da72a3ce546fe4d854877cf4d383319f6a0a56923311cd254aca5155996f74fecbda33933dceee71da3b518d61187e975b565c7f3d1ea8faa8e0f0964b40e915aaf18dde7ed3fccbea6524ee4c9f54c1966d7bba96723280bfada6cca9f00"/214])
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)

1m42.212379113s ago: executing program 2 (id=7):
r0 = syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x80000, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
sendfile(r2, r2, &(0x7f0000000000)=0x2eb4, 0x2000007ff)
pipe2$9p(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdn-n\bo=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',msize=0x0000000000001000,k'])
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000001c0)={'wg1\x00'})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r6, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r0, &(0x7f0000000000)='./file0\x00', r6, &(0x7f0000000200)='./file0\x00', 0x4)

1m42.035505907s ago: executing program 2 (id=11):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfffffd9d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x2a)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000801000028000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1e, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095a0017f402fea17cf5136395e907dcbbe89c8fe11d350f064bbca7785ae7b6738d169974a9a3bbd99aa55514c044294e3003e001b5a62d95aa39996bb5230ca7a9c0c61ec68798b521881574af342767056beb12efb9f2e98449021b79d431250071ebc9fd8809500086d327cdbdd4a4a"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x178}, 0x18)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000000180)=0x13250, 0x4)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x1000}, 0x18)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd0a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0x1}, {0xffff, 0xffff}, {0xb, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x4c80c)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002d40)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {}, {0xb, 0x10}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000001, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00'}, 0x10)

1m41.195118776s ago: executing program 2 (id=19):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d00010000000000000017cd4460bc08eab5569297d11e61828837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x69}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840)
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
setuid(0xee01)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000063119b010000000016000000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f0000000100)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0xfcab}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='sys_enter\x00', r2, 0x0, 0x8001}, 0x18)
time(0x0)

1m41.194729946s ago: executing program 32 (id=19):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d00010000000000000017cd4460bc08eab5569297d11e61828837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x69}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840)
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
setuid(0xee01)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000063119b010000000016000000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f0000000100)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0xfcab}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='sys_enter\x00', r2, 0x0, 0x8001}, 0x18)
time(0x0)

2.216195159s ago: executing program 1 (id=1950):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x148, &(0x7f00000001c0)=0xa, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
setuid(0xee00)
r0 = msgget$private(0x0, 0x184)
msgsnd(r0, &(0x7f0000002900)=ANY=[@ANYBLOB="03"], 0xfd1, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000002880)={{0x2, 0xee00, 0x0, 0x0, 0x0, 0x1a, 0x7}, 0x0, 0x0, 0x3fd, 0x40000000001494, 0x10003, 0x4e, 0xffffffffffffffca, 0x8, 0x8580, 0x3})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20001880)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
close(r2)
socket$inet_udp(0x2, 0x2, 0x0)

1.96258583s ago: executing program 1 (id=1952):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

1.446597142s ago: executing program 5 (id=1960):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x82)
memfd_create(0x0, 0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x1, 0x0, 0x0, 0x9, "00629a7d82090100000000000000f7fffffb00"})
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000080)=[{&(0x7f00000004c0)='|', 0x1}], 0x1, 0x4100000000000000)

1.362655029s ago: executing program 1 (id=1963):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYRES32], 0x50)

1.330610871s ago: executing program 1 (id=1965):
r0 = syz_io_uring_setup(0x10d, &(0x7f00000004c0)={0x0, 0x2b7a, 0x400, 0x2, 0x4}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000800)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$igmp(0x2, 0x3, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, r3, 0x0, 0x0, 0x0, 0x44040})
unshare(0x22020600)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x200000000000006}, 0x18)
r5 = socket(0x2, 0x3, 0xff)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r5)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x80, r6, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x10}, 0x24048000)
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)}], 0x1}, 0x0)

1.252494728s ago: executing program 0 (id=1966):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r5=>0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)=@allocspi={0x100, 0x16, 0x200, 0x70bd28, 0x25dfdbfe, {{{@in6=@private2, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e24, 0x2, 0x4e23, 0x6, 0x2, 0x20, 0x80, 0x89}, {@in=@local, 0x4d4, 0x33}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {0x4, 0x4, 0xffffffffffff2290, 0x7fff, 0x1, 0xfffffffffffffffd, 0x9b79, 0x52ec8268}, {0xe15, 0xa, 0x1, 0x8}, {0x69, 0xc, 0xfffffff7}, 0x70bd2d, 0x3506, 0xa, 0x1, 0x2, 0x12}, 0x2, 0x3}, [@XFRMA_IF_ID={0x8, 0x1f, 0x2}]}, 0x100}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000540)=<r7=>0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$packet(0x11, 0x2, 0x300)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r10, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
r13 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r13, 0x8933, &(0x7f0000000c40)={'vxcan0\x00', <r14=>0x0})
sendmsg$can_raw(r13, &(0x7f0000000340)={&(0x7f00000004c0)={0x1d, r14}, 0x10, &(0x7f0000000200)={&(0x7f0000000100)=@can={{0x4, 0x0, 0x0, 0x1}, 0x8, 0x1, 0x0, 0x0, "270200"}, 0x10}}, 0x811)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r11, 0x0, 0xfffffffffffffffd}, 0x18)
setsockopt$packet_tx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req={0x5, 0x7, 0x4, 0xb}, 0x10)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f0000000100)=@req3={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x861}, 0x1c)
r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r15)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r16, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r7, @ANYBLOB='\"'], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r4, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x10}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x30}, @NFC_ATTR_TM_PROTOCOLS={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x4}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x60}]}, 0x64}, 0x1, 0x0, 0x0, 0x14}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r17 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r17, @ANYBLOB="010000000000000000000474090608d7249923be57e40002000000000014000600620300000000000000"], 0x30}, 0x1, 0xffffffff00000003}, 0x0)

1.145239727s ago: executing program 1 (id=1967):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
syz_open_dev$evdev(&(0x7f0000000000), 0x8873, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt', 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r3, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x1c0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r4, 0x5607, 0x3)
ioctl$VT_ACTIVATE(r4, 0x5606, 0x4)
ioctl$TIOCSWINSZ(r4, 0x5414, &(0x7f0000000180)={0x9, 0x0, 0x3, 0x7fff})
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, @remote, @empty, 0x7800, 0x80, 0xfffffffc, 0xdc67}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', 0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wg0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@deltclass={0x68, 0x29, 0x800, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xe}, {0xd, 0xb}, {0xfff1, 0xf}}, [@TCA_RATE={0x6, 0x5, {0xb, 0xfe}}, @TCA_RATE={0x6, 0x5, {0x8, 0x74}}, @tclass_kind_options=@c_htb={{0x8}, {0x10, 0x2, [@TCA_HTB_CEIL64={0xc, 0x7, 0x2}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0x4}}, @tclass_kind_options=@c_mqprio={0xb}, @TCA_RATE={0x6, 0x5, {0x3, 0x7}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20004001}, 0x4000840)
r7 = socket$nl_route(0x10, 0x3, 0x0)
close_range(r5, r5, 0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x2)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000010000336353e8c0d69d8a99", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xc)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="170700000700"/20, @ANYRES32=0x0, @ANYBLOB="20000100", @ANYRES32=0x0, @ANYBLOB="000002000000000000000000000000000000000108000000"], 0x38}}, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x40)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r8, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
r9 = openat(0xffffffffffffff9c, &(0x7f0000000700)='mnt/encrypted_dir/file\x00', 0x42, 0x180)
write(r9, &(0x7f0000000740)='foo', 0x3)

1.136272087s ago: executing program 0 (id=1968):
socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000003780), 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000540)=ANY=[@ANYBLOB="113bb9ee20cfb13201948af787b3284840d0cabac9c5cd29ac40417fb679db446a9102319bebc1eda7f12c54e29a0f82fe67d30eb03ba9481c2e7d55188d1f3feba94aabf286549a8af5c339174c7a5db887f41da89dc3dc270774afb285701b151ccff30c5506a9b6df2fd04f94fcacf4fe76d26cdb6c85fcf18616540ccd1904d054f7a194ca77f73ff14ea7f5d12d03208101afa5413b44badf45a4e2fc38b9410b09faed034838572853232335eae726cf67d403dd9059cec1133c4fd002806800000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0000001100a200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x13, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000b3fd713aa16262d6d8a3bc22000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000d7dbc24b8500000073b7ba11b3f80ebd919aef52152587e3c1fbc20a06cc7e2bc0cbc9eb30bfc0de862f78ba40260400ea29fdcce017b301ec92d539d64de63ccf858790f3c814540c30a19bddcc813e92f3ac32287fb85064b7ba15f31de829733b78ece11d1aedf5326cd0eda8cef07cda910e42899b2b3f9e342b68f4338ac3491071849f4897ed9a3bdcc1664faec8c4a450996f4edf0a5508779b93c483644ffb75a961897721877c0648f060e72c158d3c34b6f8544cab"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x11002}, 0x0, 0xf, r1, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa10000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000b04c4a601412a9a800000000002fe93743a82df89f000000"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r3}, &(0x7f0000000040), &(0x7f0000000080)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='percpu_free_percpu\x00', r5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x20000000000000fb, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='percpu_free_percpu\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

893.264907ms ago: executing program 4 (id=1972):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

764.471147ms ago: executing program 3 (id=1974):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x178}, 0x18)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

758.084208ms ago: executing program 0 (id=1975):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYRES32], 0x50)

656.828386ms ago: executing program 0 (id=1976):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r4, 0x84, 0x84, &(0x7f0000000000), 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0x8}, 0x18)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x4, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)

656.177446ms ago: executing program 0 (id=1977):
r0 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x1c, 0x0, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWFLOWTABLE={0xd4, 0x16, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK={0xa8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'gre0\x00'}, {0x14, 0x1, 'netdevsim0\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'ip6gretap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1ff}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}, {0x14, 0x1, 'pim6reg1\x00'}, {0x14, 0x1, 'pim6reg\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0xc0, 0x5, 0xa, 0xb02, 0x0, 0x0, {0x6, 0x0, 0x6}, [@NFTA_CHAIN_HOOK={0x88, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'syz_tun\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'erspan0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x59502071}, @NFTA_HOOK_DEV={0x14, 0x3, 'gre0\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'batadv_slave_0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x199df0f3}]}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_USERDATA={0x1c, 0xc, "d9cef4e9f0f6c55cc12466d4cdf83487689dc576591e5f63"}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x1d8}}, 0x40054)
r4 = syz_open_dev$usbfs(&(0x7f0000000040), 0x9, 0x101000)
ioctl$USBDEVFS_ALLOW_SUSPEND(r4, 0x5522)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5430, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x1, 0x7}, 0x2, 0x10, 0x80000001, 0x7, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x3fffff)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100000000000000000000000000001812"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r11}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r12}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r8}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r6, 0x0, 0x200000000000006}, 0x18)
write$binfmt_script(r0, &(0x7f00000001c0)={'#! ', './file0'}, 0xb)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

655.481487ms ago: executing program 4 (id=1978):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000000914010000007c0000000000080001"], 0x18}}, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000000)=0xfe8e, 0x12)
sendto$rxrpc(r1, &(0x7f0000000000)="c0dc5aa5090c7c0ccdaccbb2e6a06056787be08f50f434dc60590ded678df3cbcb9c76b1e98ebbd8279343e3a11b52c935a9c713c8c5c4748acc41f90d12874efad9de12a969dc98d3f5de1cc32b304af2b24a8d691bbe620438373a7a900f0c69bc0a085551b0bd22c61ecfad316811fe7a14f7dea3327bf04608c54f1f9f3f7032ad3120cc89822e0ab08e3c5bff02d90f411345da9bee1b3e250d4b0fc8b95865fb7782e5fc63373f2c114da32373ff0c707152cdda9ec1b4c54680ed74ea69602cf7a89bbb6078cd73c74b911bc0b0305d7b5ce590ba55b5ef3c51a2948c4fc4a32afa6f012d5ef748b73407fe", 0xef, 0x20000010, &(0x7f00000001c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, '\x00', 0x28}, 0x100}}, 0x24)
socket(0xf, 0x1, 0x101)

576.231783ms ago: executing program 0 (id=1979):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0400000000000001000000000000040000000000da32b76e63a4f9b1c60511859e668f32", @ANYRES32=0x0, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x15, 0x22, &(0x7f0000000880)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xffff7ffd}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @cb_func={0x18, 0x2, 0x4, 0x0, 0xfffffffffffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0xd4167395fc7b8afb}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
execve(0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x592, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0x1a}, 0x4868, 0x10000, 0x0, 0x1, 0x401, 0x20003, 0xb, 0x0, 0xfffffffd, 0x0, 0x2}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x2)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
socket$packet(0x11, 0x3, 0x300)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=ANY=[@ANYBLOB="30000000051401"], 0x30}, 0x1, 0x0, 0x0, 0x4048014}, 0x20044800)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r8, 0x0)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
statx(r10, &(0x7f0000000680)='.\x00', 0x0, 0x0, &(0x7f0000000080))
accept(r8, 0x0, 0x0)

575.733753ms ago: executing program 4 (id=1980):
fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='snd_soc_jack_irq\x00', r0, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRESDEC=r1], 0x48)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCCONS(r2, 0x541d)
set_mempolicy(0x4005, &(0x7f0000000040)=0x1001, 0x4)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=0x1, 0xb, 0x0, 0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000100), &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)}, 0x40)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000240)={{0x1, 0x1, 0xffffffffffffff1e, 0xffffffffffffffff, {0x6}}, './file2\x00'})
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
mmap(&(0x7f00004c7000/0x3000)=nil, 0x3000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x7, 0x44, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x2, 0x44, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
writev(r3, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000f00)="e692af", 0x3}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='xen_cpu_write_idt_entry\x00', 0xffffffffffffffff, 0x0, 0x81}, 0x18)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x101000, 0x0)

539.548596ms ago: executing program 5 (id=1981):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>r3}, './file0\x00'})
write$evdev(r4, &(0x7f0000000080)=[{{}, 0x14, 0xfff9, 0x7}, {{}, 0x17, 0x1, 0x400}], 0x30)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

493.3527ms ago: executing program 4 (id=1982):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'macvlan1\x00', <r3=>0x0})
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000030500000000fddbdf0000000002", @ANYRES32=0x0, @ANYBLOB="02880100373004002000128008000100687372001400028008000100", @ANYRES32=r3, @ANYBLOB="08000200", @ANYRES32=r5], 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x4008054)

413.008696ms ago: executing program 5 (id=1983):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)

411.897286ms ago: executing program 3 (id=1984):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4)
r1 = timerfd_create(0x8, 0x0)
timerfd_settime(r1, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r2, &(0x7f0000001bc0)=[{{&(0x7f0000000240)={0xa, 0x4f21, 0x400, @private0, 0x3}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000440)="14", 0x1}], 0x1}}], 0x1, 0x931766f6319eed40)
shutdown(r2, 0x1)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
setsockopt$PNPIPE_INITSTATE(0xffffffffffffffff, 0x113, 0x4, &(0x7f0000000000)=0x1, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

362.18709ms ago: executing program 5 (id=1985):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r2], 0x18}, 0x8810)
sendmsg$unix(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r2], 0x18}, 0x0)

344.659412ms ago: executing program 3 (id=1986):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}, 0x1, 0x300}, 0x4)
timerfd_create(0x8, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000001bc0), 0x0, 0x931766f6319eed40)
shutdown(r1, 0x1)
getsockopt$bt_hci(r1, 0x84, 0x80, &(0x7f0000000640)=""/4139, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
setsockopt$PNPIPE_INITSTATE(0xffffffffffffffff, 0x113, 0x4, &(0x7f0000000000)=0x1, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

315.043984ms ago: executing program 4 (id=1987):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x1400)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f00000004c0)=""/181}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000200000000000026b0ee39739e5ce3000000000002000000030000000000000000000006040000000000"], &(0x7f0000000080)=""/236, 0x3e, 0xec, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r4, 0x29, 0x37, &(0x7f0000000140)=ANY=[], 0x8)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r6=>0x0)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r6, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
unshare(0x2c060000)
unshare(0x2c020400)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)

314.524324ms ago: executing program 5 (id=1988):
r0 = openat(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0x40086610, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'bond_slave_0\x00', 0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9a, 0x80000000}, 0x80, 0x8, 0x2800, 0x1, 0x8, 0x20805, 0xb, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xc, r0, 0x2)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000580), 0x10000, 0x0)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757815"], 0x65)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x0, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x10000, 0x10001, 0xe, 0x1, 0x8, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
syz_io_uring_setup(0x3681, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r3, 0x31, &(0x7f0000000240)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0xfffffffffffffe9a, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0)={r5}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f13df33c9f7b986", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1004004, &(0x7f0000000300), 0x1, 0x572, &(0x7f0000000e40)="$eJzs3d9rW+UbAPDnpMl+dPt+18EYKiKFXTiZS9fWHxO8mJeiw4Hez9BmZTRdRpOOtQ62Xbgbb2QIIg7Ee733cvgP+FcMdDB0FHfhTeWkJ23aJm23Zm1mPh845XnPe9L3PDnnffOenIQE0LeG0z+5iJcj4usk4khEJFldPrLK4eXtFh/fmEiXJJaWPv0zaWyXlpv/q/m4Q1nhpYj49cuIU7mN7dbmF6ZLlUp5NiuP1GeujtTmF05fnilNlafKV8bGx8++PT723rvvdC3XNy48+e6T+x+e/erE4rc/Pzx6N4lzcTira81jB261FoZjOHtOCnFueVW+WTfahcZ6SbLVBjd3Zz94OgPZSVmIdAw4EgOrpyjwH5cOy0tAn0r0f+hTzXlA89q+S9fBL4xHHyxfAG3MP7/83kgcaFwbDS4ma66M0uvdoS60n7bxyx/37qZLdO99CIAt3bodEWfy+Y3jX5KNf8/uzDa2Wd+G8Q92z/10/vNmu/lPbmX+E23mP4fa9N1nsXX/zz3sQjMdpfO/99vOf1duWg0NZKX/NeZ8heTS5Uo5Hdv+HxEno7A/LW92P+fs4oOlTnWt8790SdtvzgWz/XiY37/2MZOlemknObd6dDvilbbz32Tl+Cdtjn/6fFzYZhvHy/de61S3df7P19KPEa+3Pf6rd7SSze9PjjTOh5HmWZH6a00bf985/lun9vc6//T4D26e/1DSer+29vRt/HDgn/KaFYXVcE3+sf3zf1/yWSPel627XqrXZ0cj9iUfb1w/tvrYZrm5fZr/yRObj3/tzv+DEfH5NvO/c+ynVzvV9cLxn3yq478+eNK5KgsefPTF953a397491YjOpmt2c74t8nurAl28twBAAAAAABAr8lFxOFIcsWVOJcrFpc/33EsBnOVaq1+6lJ17spkNL4rOxSFXPNO95GWz0OMZp+HbZbH1pXHI+JoRHwzcLBRLk5UK5N7nTwAAAAAAAAAAAAAAAAAAAD0iEMdvv+f+n1gr/cOeO785Df0r7b9/2ZL3I1fegJ6ktd/6F/6P/Qv/R/6l/4P/Wt9/x/co/0Adp/Xf+hf+j/0L/0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAuurC+fPpsrT4+MZEWp68Nj83Xb12erJcmy7OzE0UJ6qzV4tT1epUpVycqM5s9f8q1erV0bGYuz5SL9fqI7X5hYsz1bkr9YuXZ0pT5Yvlwq5kBQAAAAAAAAAAAAAAAAAAAC+W2vzCdKlSKc8KBM8U5HtjNwRdDvZ6ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVf8GAAD//46AOjY=")

257.608319ms ago: executing program 1 (id=1989):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}]})
msgrcv(0x0, 0x0, 0x0, 0x1, 0x3000)

220.624981ms ago: executing program 3 (id=1990):
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socket$kcm(0x29, 0x7, 0x0) (fail_nth: 4)

200.631564ms ago: executing program 5 (id=1991):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040), 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x28, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x6}]}, 0x28}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000880)='./bus\x00', 0x1c5042, 0x82)
write(r3, &(0x7f0000000740)="cc", 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x444, &(0x7f0000000980)="$eJzs3MtvG8UfAPDv2nHS5y/5lfJoaCFQEBGPpEkf9MAFBBIHkJC4FHEKSVqFpg1qgkSrCAKHcESVuCOOSPwFnOCCgBMSV7ijShXKpYWT0dq7qZvYaZw4del+PtLGM96xZr67O/bsjJ0ACmso/ZNE7IuI3yOiv569vcBQ/eHmyuLk3yuLk0lUq2//ldTK3VhZnMyL5q/bW89Uq1m+r0m9y+9GTMzOTl/K8qMLFz4Ynb985YWZCxPnps9NXxw/ffrE8SO9p8ZPdiTONK4bgx/PHT70+jtX35w8c/W9n79N27sv298YR6cM1Y9uU09XOl1bd+1vSCc9XWwIbSlHRHq6KrX+3x/l2L26rz9e+6yrjQN2VLVarTb7fM4sVYH7WBLdbgHQHfkHfXr/m293aehxT7j+cv0GKI37ZrbV9/REKStTWXN/20lDEXFm6Z+v0i12aB4CAKDR9+n45/lm479SPNRQ7n/ZGspARPw/Ig5ExAMRcTAiHoyolX04Ih5ps/61KyTrxz+la1sKbJPS8d9L2drW7eO/fPQXA+Ust78WfyU5OzM7fSw7JsNR6UvzYxvU8cOrv33Ral/j+C/d0vrzsWDWjms9aybopiYWJrYTc6Prn0YM9jSLP4l8GSeJiEMRMbjFOmae/eZwq313jn8DHVhnqn4d8Uz9/C/FmvhzScv1ybEXT42fHN0Vs9PHRvOrYr1ffl1+q1X924q/A9Lzv6fp9b8a/0CyK2L+8pXztfXa+fbrWP7j85b3NFu7/mdWG9ebPX40sbBwaSyiN3lj/fPjt16b5/PyafzDR5v3/wNx60g8GhHpRXwkIh6LiMeztj8REU9GxNEN4v/plafebz/+DWblOyiNf+pO5z8az3/7ifL5H79rP/5cev5P1FLD2TObef/bbAO3c+wAAADgv6JU+w58UhpZTZdKIyP17/AfjD1LMTe/8NzZuQ8vTtW/Kz8QlVI+09XfMB86ls0N5/nxNfnj2bzxl+XdtfzI5NzsVLeDh4Lb26L/p/4sd7t1wI7zey0oLv0fikv/h+LS/6G49H8ormb9/5MutAO4+3z+Q3Hp/1Bc+j8Ul/4PhdTyt/Glbf3kf7uJpBuVSrSTiNI90Yz7P9Gz6X9mscVEX9Nd3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AwAA//+UFuN0")
r4 = open(&(0x7f00000000c0)='.\x00', 0xc8000, 0x0)
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000b80)={0x20000016})
getdents(r6, 0x0, 0xfcf5)
getdents(r4, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0x3ffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="000000000000004185d20e9ab800b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000952174eba261c8a077012907000d221c5d68ee25feed95e4343636ce6169b980ae303815f4faf6a5759decab8c2659d170a95fdaf364ceb491aadc26aa9ac4736110bb0cf59caae01cbc7fcbc57225c60014a79fa1c9098c557eecc9bec543115ed4a049c823fdf82ee046ab701f0cf081cabe8b56d3e5c051e5e6493337a76071b6ff186dca05616b86406bfe75fcfed2a56cf44343f55ee764cc58188b8aab80a4c42693cc14c9e4b8"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r7}, 0x18)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

161.295437ms ago: executing program 3 (id=1992):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40010)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000180), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000240), &(0x7f0000000280), 0x8, 0x8b, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000340)={r2, 0x1, 0x6, @local}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r1)
sendmsg$ETHTOOL_MSG_RINGS_GET(r1, &(0x7f00000016c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001680)={&(0x7f0000001580)={0xc4, r3, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4}]}, 0xc4}, 0x1, 0x0, 0x0, 0x2ac27b029f4e06cf}, 0x4000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000400)=[{&(0x7f0000000000)="390000001000111867090707a640400f0021ff3f31000000170a001700000000040037000900030001372564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)

160.118777ms ago: executing program 4 (id=1993):
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000280)={'syztnl2\x00', &(0x7f0000000300)={'ip6tnl0\x00', 0x0, 0x29, 0x7, 0x8, 0xb, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, 0x7, 0x0, 0xa74, 0x3}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r2 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f0000000000)={[{@noquota}, {@mblk_io_submit}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}], [{@seclabel}]}, 0x2, 0x4f0, &(0x7f0000000d40)="$eJzs3c9vG1kdAPDvOHGTtFmcBQ7LSiwVLEpXUDvZsmzEoRQJwakSpVw4hZA4URQ7jmKnbawKpeIPQEL8Epw4cUHijJBQ/wSEVAnuCCFQBW05cACMxhnTEBzHUeM4rT8f6WXevDee73ux/TxvZmQHMLIuR8SNiBiLiHciopCV57IUe/sp3e7pk/vLaUqiNXH7r0kkWVlnX0m2vJQ9bDIivvrliG8m/x+3vtvcWKpUytvZeqlR3SrVd5tX16tLa/mscOH9hfcW5k6tr9e/+KcffOdnX7r+60/f/cPiX658K23WdFZ3sB/92Otzu/2u59v/i47xiNg+SbBzbCzrT37YDQEAoC/pMf4HI+LjEfHsx8NuDQAAADAIrc9Pxz+TiBYAAADwysq174FNcsXsXoDpyOWKxf17eD8cF3OVWr3xqdXazubK/r2yM5HPra5XynPZvcIzkU/S9fl2/vn6u4fWr0XE6xHxvcJUe724XKusDPvkBwAAAIyIS4fm/38v7M//e5g4s8YBAAAAp2dm2A0AAAAABs78HwAAAF59R87/k/GzbQgAAAAwCF+5eTNNrc7vX6/c2d3ZqN25ulKubxSrO8vF5dr2VnGtVltrf2df9bj9VWq1rc/E5s69UqNcb5Tqu83Fam1ns7G4Xl1aKy+WW4Uz6RYAAABwwOsfe/j7JCL2PjfVTqkLWV3++IffGGzrgEHKnWzzpL9hAXgZjA27AcDQuMEXRpeDeSDpXf39Q+snPG0AAACcB7MfeaHr/8dMG4DzzEQeRpfr/zC6XP+H0eX6P4y4ieM3mTyq4jen3BYAAGBgptspyRWza4HTkcsVixGvtX8WIJ+srlfKcxHxgYj4XSE/ka7PD7vRAAAAAAAAAAAAAAAAAAAAAAAAAPCSabWSaAEAAACvtIjcn5Psh/xnC29PHz4/cCH5R6G9jIi7P7n9w3tLjcb2fFr+t/+WN36Ulb/bKUl9/YzPZAAAAAAdnXl6Zx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfp6ZP7y510lnEffyEiZrrFH4/J9nLyl4WIuPgsifEDj0siYuwU4u89iIg3usVP0mbFTNaKw/FzETE15PiXTiE+jLKH6fhzI33/5Q+9/3Jxub3s/v4bz9KLenz5qPEv1xn/2uNct/Hvtd67nuxk3nz0i9KR8R9EvDneffzpxE+6xb/Qfx+/8bVm86i61k8jZo/5/EnjlxrVrVJ9t3l1vbq0Vl4rb167Nv/ZhfcX3luYK62uV8rZ364xvvvRX/27V/8vdo2/P/4e2f+IeLvP/v/r0b0nH+oR/8onuj//b/SIn74mPpl9DqT1s5383n7+oLd+/tu3evV/5Yj+93z+I+JKn/1/59a3/9jnpgDAGajvNjeWKpXy9kAyUwPbs8xuMz0EH2Yz8tlr6Hz8N2Q6mYmDJbeyJ+nE+xnioAQAAAzE84P+wzUnuMADAAAAAAAAAAAAAAAAAAAAvJCBfxvZxP9+s8Dk8LoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDTfwIAAP//VarKxQ==")
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="4800000010000100"/20, @ANYRES32, @ANYBLOB="0000000000000000280012800e00010069703667726574612e7c000014000280"], 0x48}}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x4, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
getxattr(&(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="627472667305000000000000005f6c6fcd6b"], 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r5=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = getpid()
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$tipc(r9, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000005c0)='kfree_skb\x00', r10}, 0x18)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000540)=ANY=[@ANYRESHEX=r5, @ANYRESOCT=r7, @ANYRES64=r3, @ANYRES16=r6, @ANYRESHEX=r11, @ANYRESOCT=r6, @ANYRES16=r6, @ANYRESOCT=r2, @ANYRES64=r2], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x404000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r12}, 0x10)
close(r8)
r13 = syz_pidfd_open(r6, 0x0)
pidfd_getfd(r13, r13, 0x0)

0s ago: executing program 3 (id=1994):
mq_unlink(&(0x7f0000000000)='eth0\x00')
r0 = creat(&(0x7f0000000600)='./file0\x00', 0xe5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
write$qrtrtun(r0, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f91", 0x45c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r5 = socket$pptp(0x18, 0x1, 0x2)
r6 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})
ioctl$MON_IOCX_MFETCH(r6, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r6, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r5, 0xffffffffffffffff, 0x0)
r7 = dup2(r0, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r8, 0x0, 0x0}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001e00)={r1, 0xe0, &(0x7f0000001d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000400)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480), 0x0, 0x64, 0x0, 0x0, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x38, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)

kernel console output (not intermixed with test programs):

239214 (level 1)
[  110.667441][ T7456] EXT4-fs (loop1): 1 truncate cleaned up
[  110.687358][ T7469] __nla_validate_parse: 1 callbacks suppressed
[  110.687373][ T7469] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1390'.
[  110.690254][ T7456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  110.749456][ T7325] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  110.766745][ T7456] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.1384: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  110.869320][ T7485] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1392'.
[  110.913315][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.928168][ T7493] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1392'.
[  110.957605][ T7489] loop0: detected capacity change from 0 to 128
[  110.995031][ T7489] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.125196][ T7489] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.179274][ T7349] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.199780][ T7500] netlink: 'syz.3.1401': attribute type 21 has an invalid length.
[  111.250175][ T7505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1403'.
[  111.309516][ T7509] loop4: detected capacity change from 0 to 128
[  111.335008][ T7509] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.378108][ T7514] lo speed is unknown, defaulting to 1000
[  111.394848][ T7509] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.488645][ T7529] loop5: detected capacity change from 0 to 128
[  111.496634][ T7529] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.521037][ T7349] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.527189][ T7533] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1407'.
[  111.544848][ T7529] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.564922][ T7535] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1413'.
[  111.579312][ T7532] loop0: detected capacity change from 0 to 2048
[  111.605026][ T7349] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.609159][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1413'.
[  111.659224][ T7532] EXT4-fs (loop0): failed to initialize system zone (-117)
[  111.673809][ T7532] EXT4-fs (loop0): mount failed
[  111.679350][   T29] kauditd_printk_skb: 1261 callbacks suppressed
[  111.679371][   T29] audit: type=1326 audit(1754137166.952:9496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.5.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2ae502d61f code=0x7ffc0000
[  111.734586][   T29] audit: type=1326 audit(1754137166.972:9497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6e8a835b27 code=0x7ffc0000
[  111.774414][   T29] audit: type=1326 audit(1754137166.972:9498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e8a7dad69 code=0x7ffc0000
[  111.805193][   T29] audit: type=1326 audit(1754137166.972:9499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  111.833848][   T29] audit: type=1326 audit(1754137166.972:9500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6e8a835b27 code=0x7ffc0000
[  111.861125][   T29] audit: type=1326 audit(1754137166.972:9501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e8a7dad69 code=0x7ffc0000
[  111.862616][ T7540] loop5: detected capacity change from 0 to 128
[  111.888553][   T29] audit: type=1326 audit(1754137166.972:9502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  111.888593][   T29] audit: type=1326 audit(1754137166.972:9503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6e8a835b27 code=0x7ffc0000
[  111.930230][ T7540] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.960080][   T29] audit: type=1326 audit(1754137166.972:9504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e8a7dad69 code=0x7ffc0000
[  111.960120][   T29] audit: type=1326 audit(1754137166.972:9505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7521 comm="syz.1.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  112.033696][ T7540] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  112.146024][ T7319] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  112.314326][ T3489] udevd[3489]: failed to send result of seq 13485 to main daemon: Connection refused
[  112.448134][ T7559] lo speed is unknown, defaulting to 1000
[  112.486435][ T7572] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  112.496122][ T7570] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1425'.
[  112.498377][ T7572] SELinux: failed to load policy
[  112.544588][ T7570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1425'.
[  112.615116][ T7577] lo speed is unknown, defaulting to 1000
[  112.633262][ T7583] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1430'.
[  112.762236][ T7591] loop3: detected capacity change from 0 to 128
[  112.776569][ T7591] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  112.823733][ T7591] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  112.891775][ T7333] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  112.989765][ T7612] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  112.999785][ T7612] FAULT_INJECTION: forcing a failure.
[  112.999785][ T7612] name failslab, interval 1, probability 0, space 0, times 0
[  113.014656][ T7612] CPU: 1 UID: 0 PID: 7612 Comm: syz.3.1439 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  113.014686][ T7612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  113.014702][ T7612] Call Trace:
[  113.014710][ T7612]  <TASK>
[  113.014720][ T7612]  __dump_stack+0x1d/0x30
[  113.014778][ T7612]  dump_stack_lvl+0xe8/0x140
[  113.014804][ T7612]  dump_stack+0x15/0x1b
[  113.014836][ T7612]  should_fail_ex+0x265/0x280
[  113.014869][ T7612]  should_failslab+0x8c/0xb0
[  113.014893][ T7612]  kmem_cache_alloc_noprof+0x50/0x310
[  113.014969][ T7612]  ? skb_clone+0x151/0x1f0
[  113.014991][ T7612]  ? skb_put+0xa9/0xf0
[  113.015028][ T7612]  skb_clone+0x151/0x1f0
[  113.015049][ T7612]  netlink_trim+0x13b/0x200
[  113.015119][ T7612]  netlink_broadcast_filtered+0x5c/0xc60
[  113.015159][ T7612]  ? gnet_stats_finish_copy+0x24b/0x2b0
[  113.015182][ T7612]  ? tc_fill_qdisc+0x7f6/0x990
[  113.015263][ T7612]  nlmsg_notify+0xcf/0x170
[  113.015315][ T7612]  rtnetlink_send+0x48/0x60
[  113.015363][ T7612]  qdisc_notify+0x244/0x280
[  113.015391][ T7612]  tc_modify_qdisc+0x125d/0x1420
[  113.015450][ T7612]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  113.015512][ T7612]  rtnetlink_rcv_msg+0x65a/0x6d0
[  113.015607][ T7612]  netlink_rcv_skb+0x123/0x220
[  113.015643][ T7612]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  113.015679][ T7612]  rtnetlink_rcv+0x1c/0x30
[  113.015782][ T7612]  netlink_unicast+0x5bd/0x690
[  113.015857][ T7612]  netlink_sendmsg+0x58b/0x6b0
[  113.015893][ T7612]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.015942][ T7612]  __sock_sendmsg+0x142/0x180
[  113.015971][ T7612]  ____sys_sendmsg+0x31e/0x4e0
[  113.016028][ T7612]  ___sys_sendmsg+0x17b/0x1d0
[  113.016082][ T7612]  __x64_sys_sendmsg+0xd4/0x160
[  113.016129][ T7612]  x64_sys_call+0x191e/0x2ff0
[  113.016223][ T7612]  do_syscall_64+0xd2/0x200
[  113.016249][ T7612]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  113.016277][ T7612]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  113.016304][ T7612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.016331][ T7612] RIP: 0033:0x7f58458ceb69
[  113.016353][ T7612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.016372][ T7612] RSP: 002b:00007f5843f37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.016412][ T7612] RAX: ffffffffffffffda RBX: 00007f5845af5fa0 RCX: 00007f58458ceb69
[  113.016428][ T7612] RDX: 0000000000044080 RSI: 0000200000000040 RDI: 0000000000000007
[  113.016444][ T7612] RBP: 00007f5843f37090 R08: 0000000000000000 R09: 0000000000000000
[  113.016459][ T7612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.016474][ T7612] R13: 0000000000000000 R14: 00007f5845af5fa0 R15: 00007ffeb4c995a8
[  113.016498][ T7612]  </TASK>
[  113.406528][ T7620] SELinux: ebitmap: truncated map
[  113.412825][ T7620] SELinux: failed to load policy
[  113.457620][ T7626] loop1: detected capacity change from 0 to 128
[  113.467230][ T7628] loop3: detected capacity change from 0 to 1024
[  113.467496][ T7626] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  113.488328][ T7626] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  113.501834][ T7628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.518603][ T7628] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1446: Allocating blocks 385-513 which overlap fs metadata
[  113.566090][ T7627] EXT4-fs (loop3): pa ffff888106e86310: logic 16, phys. 129, len 24
[  113.575092][ T7627] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  113.598669][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.664181][ T7644] loop3: detected capacity change from 0 to 1024
[  113.675583][ T7644] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  113.687808][ T7644] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  113.701034][ T7644] JBD2: no valid journal superblock found
[  113.707950][ T7644] EXT4-fs (loop3): Could not load journal inode
[  113.822836][ T7653] lo speed is unknown, defaulting to 1000
[  113.834355][ T7656] SELinux: ebitmap: truncated map
[  113.842095][ T7656] SELinux: failed to load policy
[  113.871206][ T7659] loop3: detected capacity change from 0 to 128
[  113.907264][ T7659] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  113.927028][ T7659] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  113.996846][ T7668] loop0: detected capacity change from 0 to 1024
[  114.005642][ T7668] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  114.017228][ T7668] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  114.057490][ T7668] JBD2: no valid journal superblock found
[  114.064156][ T7668] EXT4-fs (loop0): Could not load journal inode
[  114.075218][ T7370] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  114.130412][ T7669] lo speed is unknown, defaulting to 1000
[  114.243900][ T7689] lo speed is unknown, defaulting to 1000
[  114.296410][ T7693] lo speed is unknown, defaulting to 1000
[  114.538441][ T7708] loop5: detected capacity change from 0 to 512
[  114.561611][ T7710] loop0: detected capacity change from 0 to 512
[  114.569822][ T7708] EXT4-fs (loop5): orphan cleanup on readonly fs
[  114.576654][ T7708] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  114.604806][ T7710] EXT4-fs (loop0): orphan cleanup on readonly fs
[  114.611558][ T7710] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  114.627894][ T7708] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  114.648289][ T7708] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1476: attempt to clear invalid blocks 2 len 1
[  114.667330][ T7708] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1476: invalid indirect mapped block 1819239214 (level 0)
[  114.668192][ T7710] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  114.684593][ T7708] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1476: invalid indirect mapped block 1819239214 (level 1)
[  114.719267][ T7708] EXT4-fs (loop5): 1 truncate cleaned up
[  114.726069][ T7708] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.730080][ T7710] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.1477: attempt to clear invalid blocks 2 len 1
[  114.755723][ T7708] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.5.1476: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  114.757217][ T7710] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1477: invalid indirect mapped block 1819239214 (level 0)
[  114.799551][ T7710] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1477: invalid indirect mapped block 1819239214 (level 1)
[  114.828345][ T7710] EXT4-fs (loop0): 1 truncate cleaned up
[  114.836469][ T7710] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.837951][ T3524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.936915][ T7710] EXT4-fs error (device loop0): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.0.1477: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  115.005193][ T7736] loop4: detected capacity change from 0 to 128
[  115.005787][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.052200][ T7738] lo speed is unknown, defaulting to 1000
[  115.083267][ T7743] loop5: detected capacity change from 0 to 512
[  115.097231][ T7743] EXT4-fs (loop5): orphan cleanup on readonly fs
[  115.106058][ T7743] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.1485: corrupted in-inode xattr: overlapping e_value 
[  115.127445][ T7743] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1485: couldn't read orphan inode 15 (err -117)
[  115.143115][ T7743] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  115.168491][ T7749] loop3: detected capacity change from 0 to 128
[  115.178695][ T7749] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  115.197671][ T7749] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.240251][ T7319] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.273048][ T3524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.304743][ T7756] lo speed is unknown, defaulting to 1000
[  115.378396][ T7773] netlink: 'syz.1.1497': attribute type 9 has an invalid length.
[  115.379392][ T7771] loop5: detected capacity change from 0 to 128
[  115.393555][ T7773] netlink: 'syz.1.1497': attribute type 9 has an invalid length.
[  115.468328][ T7782] loop4: detected capacity change from 0 to 128
[  115.477503][ T7782] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  115.492109][ T7782] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.534755][ T7783] lo speed is unknown, defaulting to 1000
[  115.578091][ T7319] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.671813][ T7793] loop3: detected capacity change from 0 to 512
[  115.691823][ T7795] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  115.704753][ T7793] EXT4-fs (loop3): orphan cleanup on readonly fs
[  115.809921][ T7793] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.1504: corrupted in-inode xattr: overlapping e_value 
[  115.829099][ T7793] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1504: couldn't read orphan inode 15 (err -117)
[  115.859335][ T7793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  115.895053][ T7805] loop4: detected capacity change from 0 to 1024
[  115.904281][ T7805] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  115.916387][ T7805] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  115.929682][ T7805] JBD2: no valid journal superblock found
[  115.935997][ T7805] EXT4-fs (loop4): Could not load journal inode
[  115.985799][ T7809] __nla_validate_parse: 10 callbacks suppressed
[  115.985819][ T7809] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1512'.
[  116.006729][ T7811] loop4: detected capacity change from 0 to 128
[  116.015185][ T7811] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.030032][ T7811] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.039461][ T7812] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1511'.
[  116.065502][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.065854][ T7349] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.198720][ T7828] loop4: detected capacity change from 0 to 128
[  116.209212][ T7828] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.250388][ T7828] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.284073][ T7833] loop0: detected capacity change from 0 to 128
[  116.303485][ T7833] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.316875][ T7370] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.327392][ T7833] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.346443][ T7837] loop4: detected capacity change from 0 to 128
[  116.364663][ T7349] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.378603][ T7839] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1524'.
[  116.391108][ T7839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.411911][ T7839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.429152][ T7839] netlink: 'syz.3.1524': attribute type 9 has an invalid length.
[  116.438224][ T7839] netlink: 'syz.3.1524': attribute type 9 has an invalid length.
[  116.450256][ T7845] loop4: detected capacity change from 0 to 128
[  116.458023][ T7845] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.476165][ T7845] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.486377][ T7846] loop0: detected capacity change from 0 to 512
[  116.498213][ T7846] EXT4-fs (loop0): orphan cleanup on readonly fs
[  116.505851][ T7846] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.1525: corrupted in-inode xattr: overlapping e_value 
[  116.523483][ T7846] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1525: couldn't read orphan inode 15 (err -117)
[  116.536591][ T7349] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.537518][ T7846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  116.681872][ T7860] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1532'.
[  116.694926][ T7860] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  116.751385][ T7865] loop4: detected capacity change from 0 to 128
[  116.761130][ T7865] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.774950][ T7865] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.802972][ T7333] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.866764][ T7876] loop1: detected capacity change from 0 to 128
[  116.874680][ T7876] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.891752][ T7876] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.920228][ T7366] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.942234][   T29] kauditd_printk_skb: 1164 callbacks suppressed
[  116.942252][   T29] audit: type=1326 audit(1754137172.212:10670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  116.983359][ T7879] loop1: detected capacity change from 0 to 128
[  116.991420][ T7879] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  117.004885][ T7879] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.041574][ T7370] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.057015][   T29] audit: type=1326 audit(1754137172.262:10671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.085460][   T29] audit: type=1326 audit(1754137172.262:10672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.101136][ T7877] lo speed is unknown, defaulting to 1000
[  117.114255][   T29] audit: type=1326 audit(1754137172.262:10673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.151356][   T29] audit: type=1326 audit(1754137172.262:10674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.178408][   T29] audit: type=1326 audit(1754137172.262:10675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.204544][   T29] audit: type=1326 audit(1754137172.262:10676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.232186][   T29] audit: type=1326 audit(1754137172.262:10677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.260043][   T29] audit: type=1326 audit(1754137172.262:10678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.286833][   T29] audit: type=1326 audit(1754137172.262:10679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7878 comm="syz.1.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  117.330682][ T7884] 9pnet: p9_errstr2errno: server reported unknown error 
[  117.415550][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.522495][ T7907] loop3: detected capacity change from 0 to 128
[  117.565806][ T7912] loop4: detected capacity change from 0 to 128
[  117.580493][ T7912] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  117.595623][ T7914] loop0: detected capacity change from 0 to 128
[  117.607142][ T7914] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  117.619804][ T7912] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.633868][ T7918] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1553'.
[  117.635142][ T7914] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.667135][ T7921] loop5: detected capacity change from 0 to 512
[  117.676878][ T7918] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1553'.
[  117.692994][ T7921] EXT4-fs (loop5): orphan cleanup on readonly fs
[  117.700590][ T7921] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.1554: corrupted in-inode xattr: overlapping e_value 
[  117.717055][ T7333] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.746530][ T7349] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.778003][ T7926] loop4: detected capacity change from 0 to 128
[  117.786287][ T7926] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  117.797300][ T7921] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1554: couldn't read orphan inode 15 (err -117)
[  117.822842][ T7926] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.835009][ T7921] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  117.855683][ T7928] loop3: detected capacity change from 0 to 512
[  117.865438][ T7928] EXT4-fs: Ignoring removed orlov option
[  117.873235][ T7928] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  117.894878][ T7349] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.914924][ T7928] EXT4-fs (loop3): orphan cleanup on readonly fs
[  117.931456][ T7928] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1558: bg 0: block 248: padding at end of block bitmap is not set
[  117.956861][ T7935] loop4: detected capacity change from 0 to 512
[  117.965108][ T7928] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1558: Failed to acquire dquot type 1
[  117.989544][ T7935] EXT4-fs (loop4): orphan cleanup on readonly fs
[  117.998494][ T7935] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  118.010651][ T7928] EXT4-fs (loop3): 1 truncate cleaned up
[  118.019593][ T7940] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1562'.
[  118.032436][ T7935] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  118.050462][ T7940] FAULT_INJECTION: forcing a failure.
[  118.050462][ T7940] name failslab, interval 1, probability 0, space 0, times 0
[  118.055574][ T7928] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.067098][ T7940] CPU: 0 UID: 0 PID: 7940 Comm: syz.0.1562 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  118.067139][ T7940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.067156][ T7940] Call Trace:
[  118.067168][ T7940]  <TASK>
[  118.067247][ T7940]  __dump_stack+0x1d/0x30
[  118.067276][ T7940]  dump_stack_lvl+0xe8/0x140
[  118.067369][ T7940]  dump_stack+0x15/0x1b
[  118.067392][ T7940]  should_fail_ex+0x265/0x280
[  118.067437][ T7940]  should_failslab+0x8c/0xb0
[  118.067488][ T7940]  kmem_cache_alloc_node_noprof+0x57/0x320
[  118.067527][ T7940]  ? __alloc_skb+0x101/0x320
[  118.067568][ T7940]  __alloc_skb+0x101/0x320
[  118.067679][ T7940]  netlink_ack+0xfd/0x500
[  118.067710][ T7940]  netlink_rcv_skb+0x192/0x220
[  118.067737][ T7940]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  118.067762][ T7940]  rtnetlink_rcv+0x1c/0x30
[  118.067901][ T7940]  netlink_unicast+0x5bd/0x690
[  118.067950][ T7940]  netlink_sendmsg+0x58b/0x6b0
[  118.067997][ T7940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.068098][ T7940]  __sock_sendmsg+0x142/0x180
[  118.068130][ T7940]  ____sys_sendmsg+0x31e/0x4e0
[  118.068198][ T7940]  ___sys_sendmsg+0x17b/0x1d0
[  118.068259][ T7940]  __x64_sys_sendmsg+0xd4/0x160
[  118.068328][ T7940]  x64_sys_call+0x191e/0x2ff0
[  118.068357][ T7940]  do_syscall_64+0xd2/0x200
[  118.068390][ T7940]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.068422][ T7940]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.068471][ T7940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.068500][ T7940] RIP: 0033:0x7fe7997deb69
[  118.068521][ T7940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.068545][ T7940] RSP: 002b:00007fe797e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.068570][ T7940] RAX: ffffffffffffffda RBX: 00007fe799a05fa0 RCX: 00007fe7997deb69
[  118.068588][ T7940] RDX: 000000002000c040 RSI: 00002000000000c0 RDI: 0000000000000004
[  118.068694][ T7940] RBP: 00007fe797e47090 R08: 0000000000000000 R09: 0000000000000000
[  118.068709][ T7940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.068789][ T7940] R13: 0000000000000000 R14: 00007fe799a05fa0 R15: 00007ffca9ce9e38
[  118.068815][ T7940]  </TASK>
[  118.107359][ T7935] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.1559: attempt to clear invalid blocks 2 len 1
[  118.111336][ T7928] EXT4-fs: Ignoring removed orlov option
[  118.116178][ T7935] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1559: invalid indirect mapped block 1819239214 (level 0)
[  118.121095][ T7928] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.127116][ T7935] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1559: invalid indirect mapped block 1819239214 (level 1)
[  118.417963][ T7928] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  118.419060][ T7935] EXT4-fs (loop4): 1 truncate cleaned up
[  118.437302][ T7935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.459739][ T7928] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1558: Abort forced by user
[  118.465467][ T7935] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.1559: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  118.501955][ T7928] EXT4-fs (loop3): Remounting filesystem read-only
[  118.504975][ T7946] loop0: detected capacity change from 0 to 128
[  118.512650][ T7928] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  118.531554][ T7928] ext4 filesystem being remounted at /326/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.557302][ T3524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.571426][ T7928] FAULT_INJECTION: forcing a failure.
[  118.571426][ T7928] name failslab, interval 1, probability 0, space 0, times 0
[  118.585654][ T7928] CPU: 1 UID: 0 PID: 7928 Comm: syz.3.1558 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  118.585728][ T7928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.585740][ T7928] Call Trace:
[  118.585746][ T7928]  <TASK>
[  118.585755][ T7928]  __dump_stack+0x1d/0x30
[  118.585782][ T7928]  dump_stack_lvl+0xe8/0x140
[  118.585834][ T7928]  dump_stack+0x15/0x1b
[  118.585853][ T7928]  should_fail_ex+0x265/0x280
[  118.585899][ T7928]  should_failslab+0x8c/0xb0
[  118.585928][ T7928]  kmem_cache_alloc_node_noprof+0x57/0x320
[  118.585982][ T7928]  ? __alloc_skb+0x101/0x320
[  118.586021][ T7928]  __alloc_skb+0x101/0x320
[  118.586131][ T7928]  netlink_alloc_large_skb+0xba/0xf0
[  118.586170][ T7928]  netlink_sendmsg+0x3cf/0x6b0
[  118.586213][ T7928]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.586302][ T7928]  __sock_sendmsg+0x142/0x180
[  118.586326][ T7928]  ____sys_sendmsg+0x31e/0x4e0
[  118.586371][ T7928]  ___sys_sendmsg+0x17b/0x1d0
[  118.586454][ T7928]  __x64_sys_sendmsg+0xd4/0x160
[  118.586496][ T7928]  x64_sys_call+0x191e/0x2ff0
[  118.586519][ T7928]  do_syscall_64+0xd2/0x200
[  118.586542][ T7928]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.586617][ T7928]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.586690][ T7928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.586732][ T7928] RIP: 0033:0x7f58458ceb69
[  118.586751][ T7928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.586775][ T7928] RSP: 002b:00007f5843f37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.586795][ T7928] RAX: ffffffffffffffda RBX: 00007f5845af5fa0 RCX: 00007f58458ceb69
[  118.586811][ T7928] RDX: 0000000020000000 RSI: 00002000000000c0 RDI: 000000000000000d
[  118.586826][ T7928] RBP: 00007f5843f37090 R08: 0000000000000000 R09: 0000000000000000
[  118.586840][ T7928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.586891][ T7928] R13: 0000000000000000 R14: 00007f5845af5fa0 R15: 00007ffeb4c995a8
[  118.586913][ T7928]  </TASK>
[  118.587416][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.629244][ T7950] loop5: detected capacity change from 0 to 256
[  118.679752][ T7952] loop0: detected capacity change from 0 to 128
[  118.683197][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.699087][ T7952] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  118.708442][ T7950] vfat: Unknown parameter 'shor•name'
[  118.711445][ T7952] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  118.732825][ T7950] loop5: detected capacity change from 0 to 128
[  118.813474][ T7956] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1568'.
[  118.825761][ T7959] loop1: detected capacity change from 0 to 128
[  118.838584][ T7950] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.841417][ T7959] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  118.848500][ T7319] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  118.857191][ T7959] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  118.868644][ T7950] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  118.918674][ T7956] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1568'.
[  118.931960][ T7370] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  118.944980][ T7950] ext4 filesystem being mounted at /276/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.043450][ T7965] lo speed is unknown, defaulting to 1000
[  119.126474][ T7973] loop3: detected capacity change from 0 to 128
[  119.178961][ T7977] loop1: detected capacity change from 0 to 128
[  119.186288][ T7977] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.202257][ T7977] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.242940][ T7981] loop0: detected capacity change from 0 to 128
[  119.252215][ T7370] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.266251][ T7981] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.339706][ T7981] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.491483][ T7370] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.570987][ T7992] loop1: detected capacity change from 0 to 128
[  119.604226][ T7992] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.654437][ T7992] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.742487][ T7995] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  119.756836][ T7370] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.805219][ T3524] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.940312][ T8009] loop5: detected capacity change from 0 to 1024
[  119.952721][ T8009] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  119.967593][ T8009] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  119.993187][ T8009] JBD2: no valid journal superblock found
[  120.002435][ T8009] EXT4-fs (loop5): Could not load journal inode
[  120.086977][ T8017] loop4: detected capacity change from 0 to 512
[  120.110066][ T8017] EXT4-fs: dax option not supported
[  120.206084][ T8017] loop4: detected capacity change from 0 to 1024
[  120.238806][ T8017] EXT4-fs: Invalid want_extra_isize 0
[  120.316198][ T8017] lo speed is unknown, defaulting to 1000
[  120.386959][ T8039] loop5: detected capacity change from 0 to 128
[  120.407242][ T8039] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  120.421487][ T8035] vlan0: entered allmulticast mode
[  120.446265][ T8039] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  120.533436][ T7370] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  120.553546][ T8045] loop0: detected capacity change from 0 to 512
[  120.566782][ T8045] EXT4-fs (loop0): orphan cleanup on readonly fs
[  120.574593][ T8045] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  120.590221][ T8045] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  120.606662][ T8045] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.1600: attempt to clear invalid blocks 2 len 1
[  120.622265][ T8045] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1600: invalid indirect mapped block 1819239214 (level 0)
[  120.639802][ T8045] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1600: invalid indirect mapped block 1819239214 (level 1)
[  120.659695][ T8045] EXT4-fs (loop0): 1 truncate cleaned up
[  120.666809][ T8045] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  120.682590][ T8045] EXT4-fs error (device loop0): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.0.1600: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  120.720122][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.936100][ T8065] loop4: detected capacity change from 0 to 128
[  120.944626][ T8065] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  120.960045][ T8065] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  120.991703][ T7349] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  121.047146][ T8076] loop4: detected capacity change from 0 to 128
[  121.056122][ T8076] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  121.070580][ T8076] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  121.103802][ T7366] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  121.140412][ T8082] lo speed is unknown, defaulting to 1000
[  121.225588][ T8088] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1616'.
[  121.239843][ T8090] loop4: detected capacity change from 0 to 128
[  121.249690][ T8090] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  121.265578][ T8090] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  121.287610][ T8088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1616'.
[  121.299704][ T7366] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  121.397477][ T8101] lo speed is unknown, defaulting to 1000
[  121.455373][ T8109] loop5: detected capacity change from 0 to 128
[  121.502498][ T8112] lo speed is unknown, defaulting to 1000
[  121.565857][ T8119] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1627'.
[  121.592670][ T8119] bridge0: entered promiscuous mode
[  121.600406][ T8119] bridge0: port 5(macvlan2) entered blocking state
[  121.608379][ T8119] bridge0: port 5(macvlan2) entered disabled state
[  121.617250][ T8119] macvlan2: entered allmulticast mode
[  121.625856][ T8119] bridge0: entered allmulticast mode
[  121.637452][ T8119] macvlan2: left allmulticast mode
[  121.643653][ T8119] bridge0: left allmulticast mode
[  121.705183][ T8119] bridge0: left promiscuous mode
[  121.941789][ T8146] loop4: detected capacity change from 0 to 512
[  121.950046][   T29] kauditd_printk_skb: 804 callbacks suppressed
[  121.950061][   T29] audit: type=1400 audit(1754137177.212:11482): avc:  denied  { create } for  pid=8147 comm="syz.5.1638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  121.980309][   T29] audit: type=1400 audit(1754137177.212:11483): avc:  denied  { setopt } for  pid=8147 comm="syz.5.1638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  121.995909][ T8146] EXT4-fs (loop4): orphan cleanup on readonly fs
[  122.012302][ T8146] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  122.020725][   T29] audit: type=1400 audit(1754137177.232:11484): avc:  denied  { append } for  pid=8147 comm="syz.5.1638" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  122.024751][ T8146] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  122.090620][ T8146] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.1637: attempt to clear invalid blocks 2 len 1
[  122.105660][ T8146] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1637: invalid indirect mapped block 1819239214 (level 0)
[  122.129755][ T8146] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1637: invalid indirect mapped block 1819239214 (level 1)
[  122.146068][ T8146] EXT4-fs (loop4): 1 truncate cleaned up
[  122.153269][ T8146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  122.172928][ T8146] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.1637: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  122.217449][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.256633][   T29] audit: type=1326 audit(1754137177.532:11485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.301007][ T8154] loop1: detected capacity change from 0 to 128
[  122.310680][ T8154] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  122.324670][   T29] audit: type=1326 audit(1754137177.572:11486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.351513][   T29] audit: type=1326 audit(1754137177.572:11487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.377441][   T29] audit: type=1326 audit(1754137177.572:11488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.385074][ T8154] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  122.404609][   T29] audit: type=1326 audit(1754137177.572:11489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.441354][   T29] audit: type=1326 audit(1754137177.572:11490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.471250][   T29] audit: type=1326 audit(1754137177.572:11491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  122.516960][ T7325] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  122.606789][ T8167] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1646'.
[  122.627402][ T8167] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1646'.
[  122.788096][ T8184] loop1: detected capacity change from 0 to 512
[  122.802667][ T8184] EXT4-fs (loop1): orphan cleanup on readonly fs
[  122.809905][ T8184] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  122.820465][ T8184] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  122.839204][ T8184] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.1652: attempt to clear invalid blocks 2 len 1
[  122.855859][ T8184] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1652: invalid indirect mapped block 1819239214 (level 0)
[  122.872869][ T8184] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1652: invalid indirect mapped block 1819239214 (level 1)
[  122.889909][ T8184] EXT4-fs (loop1): 1 truncate cleaned up
[  122.898545][ T8184] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  122.917337][ T8184] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.1652: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  122.955262][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.065620][ T8188] sg_write: data in/out 11329/120 bytes for SCSI command 0x0-- guessing data in;
[  123.065620][ T8188]    program syz.0.1662 not setting count and/or reply_len properly
[  123.127591][ T8199] loop1: detected capacity change from 0 to 128
[  123.148105][ T8199] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  123.167735][ T8199] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.195881][ T8203] loop3: detected capacity change from 0 to 128
[  123.220104][ T7325] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.269488][ T8211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1659'.
[  123.282015][ T8212] loop3: detected capacity change from 0 to 128
[  123.327423][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1659'.
[  123.346824][ T8218] loop4: detected capacity change from 0 to 512
[  123.365915][ T8218] EXT4-fs (loop4): orphan cleanup on readonly fs
[  123.374248][ T8218] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  123.374390][ T8220] loop3: detected capacity change from 0 to 1024
[  123.392915][ T8220] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  123.404899][ T8220] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  123.417637][ T8218] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  123.434566][ T8220] JBD2: no valid journal superblock found
[  123.441719][ T8220] EXT4-fs (loop3): Could not load journal inode
[  123.451915][ T8218] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.1665: attempt to clear invalid blocks 2 len 1
[  123.474753][ T8218] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1665: invalid indirect mapped block 1819239214 (level 0)
[  123.494292][ T8223] loop1: detected capacity change from 0 to 128
[  123.503430][ T8223] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  123.519951][ T8223] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.534640][ T8218] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1665: invalid indirect mapped block 1819239214 (level 1)
[  123.559343][ T7366] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.573069][ T8218] EXT4-fs (loop4): 1 truncate cleaned up
[  123.580680][ T8218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  123.596455][ T8218] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.1665: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  123.634532][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.691456][ T8229] lo speed is unknown, defaulting to 1000
[  123.706080][ T8235] loop4: detected capacity change from 0 to 128
[  123.719049][ T8235] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  123.740014][ T8235] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.762633][ T8237] loop3: detected capacity change from 0 to 128
[  123.775810][ T8237] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  123.800981][ T8241] loop5: detected capacity change from 0 to 128
[  123.837867][ T7366] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.850790][ T8237] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.934615][ T8234] lo speed is unknown, defaulting to 1000
[  123.979129][ T7319] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  124.009670][ T8250] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1678'.
[  124.052434][ T8254] FAULT_INJECTION: forcing a failure.
[  124.052434][ T8254] name failslab, interval 1, probability 0, space 0, times 0
[  124.052862][ T8252] lo speed is unknown, defaulting to 1000
[  124.067694][ T8254] CPU: 1 UID: 0 PID: 8254 Comm: syz.3.1680 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  124.067729][ T8254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.067747][ T8254] Call Trace:
[  124.067757][ T8254]  <TASK>
[  124.067769][ T8254]  __dump_stack+0x1d/0x30
[  124.067952][ T8254]  dump_stack_lvl+0xe8/0x140
[  124.067979][ T8254]  dump_stack+0x15/0x1b
[  124.068001][ T8254]  should_fail_ex+0x265/0x280
[  124.068079][ T8254]  ? __request_module+0x1c4/0x3e0
[  124.068109][ T8254]  should_failslab+0x8c/0xb0
[  124.068152][ T8254]  ? crypto_alg_mod_lookup+0xe4/0x490
[  124.068268][ T8254]  __kmalloc_cache_noprof+0x4c/0x320
[  124.068309][ T8254]  ? crypto_alg_mod_lookup+0xe4/0x490
[  124.068354][ T8254]  __request_module+0x1c4/0x3e0
[  124.068437][ T8254]  crypto_alg_mod_lookup+0xe4/0x490
[  124.068488][ T8254]  crypto_alloc_tfm_node+0xb5/0x2b0
[  124.068513][ T8254]  ? tls_set_sw_offload+0x284/0xba0
[  124.068561][ T8254]  crypto_alloc_aead+0x2d/0x40
[  124.068623][ T8254]  tls_set_sw_offload+0x65a/0xba0
[  124.068675][ T8254]  tls_setsockopt+0xa02/0xce0
[  124.068721][ T8254]  sock_common_setsockopt+0x66/0x80
[  124.068755][ T8254]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  124.068812][ T8254]  __sys_setsockopt+0x181/0x200
[  124.068876][ T8254]  __x64_sys_setsockopt+0x64/0x80
[  124.068918][ T8254]  x64_sys_call+0x20ec/0x2ff0
[  124.068974][ T8254]  do_syscall_64+0xd2/0x200
[  124.069024][ T8254]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.069056][ T8254]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  124.069085][ T8254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.069121][ T8254] RIP: 0033:0x7f58458ceb69
[  124.069191][ T8254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.069216][ T8254] RSP: 002b:00007f5843f37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  124.069241][ T8254] RAX: ffffffffffffffda RBX: 00007f5845af5fa0 RCX: 00007f58458ceb69
[  124.069322][ T8254] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000006
[  124.069334][ T8254] RBP: 00007f5843f37090 R08: 0000000000000038 R09: 0000000000000000
[  124.069345][ T8254] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  124.069356][ T8254] R13: 0000000000000000 R14: 00007f5845af5fa0 R15: 00007ffeb4c995a8
[  124.069375][ T8254]  </TASK>
[  124.192655][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1678'.
[  124.542322][ T8280] loop5: detected capacity change from 0 to 512
[  124.586057][ T8280] EXT4-fs (loop5): orphan cleanup on readonly fs
[  124.607003][ T8280] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.1685: corrupted in-inode xattr: overlapping e_value 
[  124.625676][ T8283] lo speed is unknown, defaulting to 1000
[  124.634210][ T8280] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1685: couldn't read orphan inode 15 (err -117)
[  124.646468][ T8285] loop3: detected capacity change from 0 to 128
[  124.661460][ T8285] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  124.680198][ T8285] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  124.738744][ T7349] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  124.781464][ T8292] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.791372][ T8292] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.802983][ T8292] bridge0: entered allmulticast mode
[  124.816412][ T8292] bridge_slave_1: left allmulticast mode
[  124.822458][ T8292] bridge_slave_1: left promiscuous mode
[  124.828997][ T8292] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.843177][ T8292] bridge_slave_0: left allmulticast mode
[  124.850814][ T8292] bridge_slave_0: left promiscuous mode
[  124.857095][ T8292] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.936913][ T8300] FAULT_INJECTION: forcing a failure.
[  124.936913][ T8300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.951297][ T8300] CPU: 1 UID: 0 PID: 8300 Comm: syz.5.1693 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  124.951335][ T8300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.951352][ T8300] Call Trace:
[  124.951362][ T8300]  <TASK>
[  124.951405][ T8300]  __dump_stack+0x1d/0x30
[  124.951501][ T8300]  dump_stack_lvl+0xe8/0x140
[  124.951527][ T8300]  dump_stack+0x15/0x1b
[  124.951599][ T8300]  should_fail_ex+0x265/0x280
[  124.951640][ T8300]  should_fail+0xb/0x20
[  124.951724][ T8300]  should_fail_usercopy+0x1a/0x20
[  124.951749][ T8300]  fpu__restore_sig+0x12d/0xaa0
[  124.951788][ T8300]  ? should_fail_ex+0xdb/0x280
[  124.951914][ T8300]  __ia32_sys_rt_sigreturn+0x29f/0x350
[  124.951958][ T8300]  x64_sys_call+0x2d3c/0x2ff0
[  124.951984][ T8300]  do_syscall_64+0xd2/0x200
[  124.952099][ T8300]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.952129][ T8300]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  124.952213][ T8300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.952239][ T8300] RIP: 0033:0x7f2ae502eb69
[  124.952257][ T8300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.952278][ T8300] RSP: 002b:00007f2ae368f038 EFLAGS: 00000246
[  124.952366][ T8300] RAX: 0000000000000001 RBX: 00007f2ae5255fa0 RCX: 00007f2ae502eb69
[  124.952387][ T8300] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 00007f2ae5d8e000
[  124.952408][ T8300] RBP: 00007f2ae368f090 R08: 0000000000000000 R09: 0000000000000000
[  124.952423][ T8300] R10: 0000200000001340 R11: 0000000000000246 R12: 0000000000000001
[  124.952438][ T8300] R13: 0000000000000000 R14: 00007f2ae5255fa0 R15: 00007ffd5a4877c8
[  124.952531][ T8300]  </TASK>
[  125.220599][ T8303] loop1: detected capacity change from 0 to 512
[  125.259961][ T8306] FAULT_INJECTION: forcing a failure.
[  125.259961][ T8306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.274751][ T8306] CPU: 1 UID: 0 PID: 8306 Comm: syz.5.1696 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  125.274782][ T8306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.274798][ T8306] Call Trace:
[  125.274808][ T8306]  <TASK>
[  125.274817][ T8306]  __dump_stack+0x1d/0x30
[  125.274869][ T8306]  dump_stack_lvl+0xe8/0x140
[  125.274916][ T8306]  dump_stack+0x15/0x1b
[  125.274932][ T8306]  should_fail_ex+0x265/0x280
[  125.275036][ T8306]  should_fail+0xb/0x20
[  125.275073][ T8306]  should_fail_usercopy+0x1a/0x20
[  125.275098][ T8306]  _copy_from_user+0x1c/0xb0
[  125.275128][ T8306]  __sys_bpf+0x178/0x7b0
[  125.275164][ T8306]  __x64_sys_bpf+0x41/0x50
[  125.275196][ T8306]  x64_sys_call+0x2aea/0x2ff0
[  125.275232][ T8306]  do_syscall_64+0xd2/0x200
[  125.275262][ T8306]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.275371][ T8306]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  125.275392][ T8306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.275417][ T8306] RIP: 0033:0x7f2ae502eb69
[  125.275441][ T8306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.275474][ T8306] RSP: 002b:00007f2ae368f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  125.275541][ T8306] RAX: ffffffffffffffda RBX: 00007f2ae5255fa0 RCX: 00007f2ae502eb69
[  125.275556][ T8306] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  125.275569][ T8306] RBP: 00007f2ae368f090 R08: 0000000000000000 R09: 0000000000000000
[  125.275585][ T8306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.275600][ T8306] R13: 0000000000000000 R14: 00007f2ae5255fa0 R15: 00007ffd5a4877c8
[  125.275624][ T8306]  </TASK>
[  125.291152][ T8303] EXT4-fs (loop1): orphan cleanup on readonly fs
[  125.367530][ T8311] loop4: detected capacity change from 0 to 512
[  125.369018][ T8303] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  125.532828][ T8311] EXT4-fs (loop4): orphan cleanup on readonly fs
[  125.537979][ T8316] lo speed is unknown, defaulting to 1000
[  125.543598][ T8303] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  125.579814][ T8311] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1698: corrupted in-inode xattr: overlapping e_value 
[  125.606873][ T8303] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.1695: attempt to clear invalid blocks 2 len 1
[  125.626700][ T8320] loop3: detected capacity change from 0 to 128
[  125.642477][ T8303] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1695: invalid indirect mapped block 1819239214 (level 0)
[  125.674108][ T8311] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1698: couldn't read orphan inode 15 (err -117)
[  125.677250][ T8322] loop5: detected capacity change from 0 to 128
[  125.701745][ T8322] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.716760][ T8303] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1695: invalid indirect mapped block 1819239214 (level 1)
[  125.720377][ T8322] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  125.816130][ T8303] EXT4-fs (loop1): 1 truncate cleaned up
[  125.829058][ T8303] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.1695: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  125.972092][ T7370] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.062406][ T8334] loop4: detected capacity change from 0 to 1024
[  126.064810][ T8336] loop1: detected capacity change from 0 to 128
[  126.079814][ T8338] netlink: 'syz.5.1704': attribute type 28 has an invalid length.
[  126.084570][ T8334] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  126.103269][ T8334] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  126.115591][ T8336] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.136798][ T8336] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.148641][ T8334] JBD2: no valid journal superblock found
[  126.155492][ T8334] EXT4-fs (loop4): Could not load journal inode
[  126.183964][ T7349] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.283880][ T8349] lo speed is unknown, defaulting to 1000
[  126.388402][ T8360] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1717'.
[  126.445395][ T8360] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1717'.
[  126.459184][ T8365] loop3: detected capacity change from 0 to 128
[  126.467361][ T8365] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.485629][ T8365] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.542472][ T7370] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.585598][ T8370] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  126.682620][ T8375] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1724'.
[  126.697321][ T8376] netlink: 'syz.3.1721': attribute type 28 has an invalid length.
[  126.805184][ T8385] loop1: detected capacity change from 0 to 512
[  126.814066][ T8385] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  126.846428][ T8385] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.874531][ T8397] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  126.937095][ T8405] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  126.965713][ T8401] lo speed is unknown, defaulting to 1000
[  126.994349][   T29] kauditd_printk_skb: 703 callbacks suppressed
[  126.994366][   T29] audit: type=1326 audit(1754137182.272:12195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.048001][ T8407] loop1: detected capacity change from 0 to 128
[  127.053394][   T29] audit: type=1326 audit(1754137182.312:12196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.091123][   T29] audit: type=1326 audit(1754137182.312:12197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.131640][   T29] audit: type=1326 audit(1754137182.312:12198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.162807][   T29] audit: type=1326 audit(1754137182.312:12199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.172633][ T8407] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  127.191487][   T29] audit: type=1326 audit(1754137182.312:12200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.239219][   T29] audit: type=1326 audit(1754137182.312:12201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.267090][   T29] audit: type=1326 audit(1754137182.312:12202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.300336][   T29] audit: type=1326 audit(1754137182.312:12203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.300424][ T8407] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.331725][   T29] audit: type=1326 audit(1754137182.322:12204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8406 comm="syz.1.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  127.433399][ T7370] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.770175][ T8435] loop1: detected capacity change from 0 to 1024
[  127.868837][ T8435] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  127.882677][ T8435] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  127.899358][ T8435] JBD2: no valid journal superblock found
[  127.906265][ T8435] EXT4-fs (loop1): Could not load journal inode
[  127.941175][ T8443] loop5: detected capacity change from 0 to 128
[  127.950120][ T8443] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  127.965604][ T8443] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.996767][ T7325] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.017221][ T8449] FAULT_INJECTION: forcing a failure.
[  128.017221][ T8449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.031565][ T8449] CPU: 1 UID: 0 PID: 8449 Comm: syz.5.1752 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  128.031602][ T8449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  128.031617][ T8449] Call Trace:
[  128.031623][ T8449]  <TASK>
[  128.031671][ T8449]  __dump_stack+0x1d/0x30
[  128.031698][ T8449]  dump_stack_lvl+0xe8/0x140
[  128.031760][ T8449]  dump_stack+0x15/0x1b
[  128.031781][ T8449]  should_fail_ex+0x265/0x280
[  128.031823][ T8449]  should_fail+0xb/0x20
[  128.031853][ T8449]  should_fail_usercopy+0x1a/0x20
[  128.031877][ T8449]  strncpy_from_user+0x25/0x230
[  128.032012][ T8449]  ? kmem_cache_alloc_noprof+0x186/0x310
[  128.032042][ T8449]  ? getname_flags+0x80/0x3b0
[  128.032077][ T8449]  getname_flags+0xae/0x3b0
[  128.032111][ T8449]  user_path_at+0x28/0x130
[  128.032179][ T8449]  __se_sys_mount+0x25b/0x2e0
[  128.032225][ T8449]  __x64_sys_mount+0x67/0x80
[  128.032254][ T8449]  x64_sys_call+0x2b4d/0x2ff0
[  128.032357][ T8449]  do_syscall_64+0xd2/0x200
[  128.032383][ T8449]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  128.032448][ T8449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.032515][ T8449] RIP: 0033:0x7f2ae502eb69
[  128.032532][ T8449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.032554][ T8449] RSP: 002b:00007f2ae368f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  128.032584][ T8449] RAX: ffffffffffffffda RBX: 00007f2ae5255fa0 RCX: 00007f2ae502eb69
[  128.032600][ T8449] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  128.032616][ T8449] RBP: 00007f2ae368f090 R08: 0000200000000340 R09: 0000000000000000
[  128.032631][ T8449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.032667][ T8449] R13: 0000000000000000 R14: 00007f2ae5255fa0 R15: 00007ffd5a4877c8
[  128.032686][ T8449]  </TASK>
[  128.302038][ T8453] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.355605][ T8460] netlink: 'syz.5.1755': attribute type 16 has an invalid length.
[  128.364568][ T8460] netlink: 'syz.5.1755': attribute type 17 has an invalid length.
[  128.386000][ T8460] syz.5.1755 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  128.403854][ T8453] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.442529][ T8462] loop1: detected capacity change from 0 to 128
[  128.456879][ T8462] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  128.477628][ T8462] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.497833][ T8453] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.526568][ T7325] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.548279][ T8453] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.601556][ T8472] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1760'.
[  128.632699][ T7370] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.659693][ T8472] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1760'.
[  128.673532][ T7370] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.683912][ T7370] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.703368][ T7370] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.786552][ T8476] loop4: detected capacity change from 0 to 128
[  128.805562][ T8476] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  128.858072][ T8476] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.867157][ T8478] loop3: detected capacity change from 0 to 736
[  128.904320][ T8478] iso9660: Bad value for 'session'
[  128.939785][ T8478] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1763'.
[  128.983911][ T7370] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  129.027827][ T8482] loop4: detected capacity change from 0 to 1024
[  129.061127][ T8482] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  129.082624][ T8482] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  129.104763][ T8486] loop3: detected capacity change from 0 to 128
[  129.105552][ T8482] JBD2: no valid journal superblock found
[  129.139012][ T8482] EXT4-fs (loop4): Could not load journal inode
[  129.267342][ T8493] loop4: detected capacity change from 0 to 512
[  129.295195][ T8492] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1769'.
[  129.315845][ T8493] EXT4-fs (loop4): orphan cleanup on readonly fs
[  129.326143][ T8493] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1770: corrupted in-inode xattr: overlapping e_value 
[  129.354567][ T8493] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1770: couldn't read orphan inode 15 (err -117)
[  129.565524][ T8509] loop4: detected capacity change from 0 to 128
[  129.604390][ T8509] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  129.631961][ T8509] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  129.665946][ T8516] loop1: detected capacity change from 0 to 512
[  129.758423][ T8518] FAULT_INJECTION: forcing a failure.
[  129.758423][ T8518] name failslab, interval 1, probability 0, space 0, times 0
[  129.773497][ T8518] CPU: 0 UID: 0 PID: 8518 Comm: syz.0.1780 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  129.773625][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.773647][ T8518] Call Trace:
[  129.773654][ T8518]  <TASK>
[  129.773664][ T8518]  __dump_stack+0x1d/0x30
[  129.773688][ T8518]  dump_stack_lvl+0xe8/0x140
[  129.773758][ T8518]  dump_stack+0x15/0x1b
[  129.773778][ T8518]  should_fail_ex+0x265/0x280
[  129.773955][ T8518]  ? legacy_init_fs_context+0x31/0x80
[  129.774026][ T8518]  should_failslab+0x8c/0xb0
[  129.774054][ T8518]  __kmalloc_cache_noprof+0x4c/0x320
[  129.774084][ T8518]  legacy_init_fs_context+0x31/0x80
[  129.774112][ T8518]  alloc_fs_context+0x3ec/0x4e0
[  129.774178][ T8518]  fs_context_for_mount+0x22/0x30
[  129.774252][ T8518]  do_new_mount+0xe9/0x5e0
[  129.774273][ T8518]  ? security_capable+0x83/0x90
[  129.774294][ T8518]  path_mount+0x4a4/0xb20
[  129.774319][ T8518]  ? user_path_at+0x109/0x130
[  129.774390][ T8518]  __se_sys_mount+0x28f/0x2e0
[  129.774418][ T8518]  ? fput+0x8f/0xc0
[  129.774451][ T8518]  __x64_sys_mount+0x67/0x80
[  129.774472][ T8518]  x64_sys_call+0x2b4d/0x2ff0
[  129.774573][ T8518]  do_syscall_64+0xd2/0x200
[  129.774602][ T8518]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.774638][ T8518]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.774665][ T8518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.774692][ T8518] RIP: 0033:0x7fe7997deb69
[  129.774788][ T8518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.774808][ T8518] RSP: 002b:00007fe797e47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  129.774826][ T8518] RAX: ffffffffffffffda RBX: 00007fe799a05fa0 RCX: 00007fe7997deb69
[  129.774902][ T8518] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  129.774918][ T8518] RBP: 00007fe797e47090 R08: 0000200000000680 R09: 0000000000000000
[  129.775008][ T8518] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  129.775020][ T8518] R13: 0000000000000000 R14: 00007fe799a05fa0 R15: 00007ffca9ce9e38
[  129.775037][ T8518]  </TASK>
[  130.069386][ T8516] EXT4-fs (loop1): orphan cleanup on readonly fs
[  130.078184][ T8516] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  130.109340][ T8516] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  130.113929][ T8521] loop5: detected capacity change from 0 to 128
[  130.136036][ T8516] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.1779: attempt to clear invalid blocks 2 len 1
[  130.202093][ T8516] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1779: invalid indirect mapped block 1819239214 (level 0)
[  130.222391][ T8516] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1779: invalid indirect mapped block 1819239214 (level 1)
[  130.257940][ T8527] netlink: 4 bytes leftover after parsing attributes in process `wg1'.
[  130.279098][ T8516] EXT4-fs (loop1): 1 truncate cleaned up
[  130.288497][ T8527] ipvlan2: entered promiscuous mode
[  130.301573][ T8516] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.1779: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  130.362669][ T8537] loop5: detected capacity change from 0 to 512
[  130.374757][ T8537] EXT4-fs (loop5): orphan cleanup on readonly fs
[  130.382829][ T8537] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.1786: corrupted in-inode xattr: overlapping e_value 
[  130.403703][ T8537] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1786: couldn't read orphan inode 15 (err -117)
[  130.444966][ T8547] loop3: detected capacity change from 0 to 128
[  130.462563][ T8547] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  130.480150][ T8547] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  130.487443][ T8549] lo speed is unknown, defaulting to 1000
[  130.557923][ T8552] bridge0: port 4(team0) entered disabled state
[  130.565849][ T8552] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.575235][ T8552] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.587023][ T8552] bridge0: entered allmulticast mode
[  130.592379][ T7349] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  130.630193][ T8557] bridge0: port 4(team0) entered disabled state
[  130.641114][ T8557] batadv0: left allmulticast mode
[  130.647289][ T8558] loop3: detected capacity change from 0 to 128
[  130.647852][ T8558] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  130.654964][ T8557] batadv0: left promiscuous mode
[  130.674956][ T8557] bridge0: port 3(batadv0) entered disabled state
[  130.675264][ T8558] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  130.739026][ T8557] bridge_slave_1: left allmulticast mode
[  130.746750][ T8557] bridge_slave_1: left promiscuous mode
[  130.754895][ T8557] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.785602][ T8557] bridge_slave_0: left allmulticast mode
[  130.797046][ T8557] bridge_slave_0: left promiscuous mode
[  130.803812][ T8557] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.819648][ T7366] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  130.998085][ T8571] loop5: detected capacity change from 0 to 512
[  131.013048][ T8571] EXT4-fs (loop5): orphan cleanup on readonly fs
[  131.020838][ T8571] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  131.033215][ T8571] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  131.052859][ T8571] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1798: attempt to clear invalid blocks 2 len 1
[  131.068917][ T8571] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1798: invalid indirect mapped block 1819239214 (level 0)
[  131.085194][ T8571] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1798: invalid indirect mapped block 1819239214 (level 1)
[  131.103934][ T8571] EXT4-fs (loop5): 1 truncate cleaned up
[  131.112031][ T8571] EXT4-fs mount: 14 callbacks suppressed
[  131.112051][ T8571] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.137135][ T8571] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.5.1798: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  131.149388][ T8578] FAULT_INJECTION: forcing a failure.
[  131.149388][ T8578] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  131.177392][ T8578] CPU: 0 UID: 0 PID: 8578 Comm: syz.0.1800 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  131.177430][ T8578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.177444][ T8578] Call Trace:
[  131.177451][ T8578]  <TASK>
[  131.177459][ T8578]  __dump_stack+0x1d/0x30
[  131.177482][ T8578]  dump_stack_lvl+0xe8/0x140
[  131.177573][ T8578]  dump_stack+0x15/0x1b
[  131.177589][ T8578]  should_fail_ex+0x265/0x280
[  131.177623][ T8578]  should_fail_alloc_page+0xf2/0x100
[  131.177650][ T8578]  __alloc_frozen_pages_noprof+0xff/0x360
[  131.177743][ T8578]  alloc_pages_mpol+0xb3/0x250
[  131.177780][ T8578]  alloc_migration_target_by_mpol+0x11b/0x280
[  131.177839][ T8578]  migrate_pages_batch+0x300/0x1a30
[  131.177877][ T8578]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  131.177965][ T8578]  ? __folio_put+0x5e/0x150
[  131.177994][ T8578]  ? hugetlb_cgroup_migrate+0x190/0x1b0
[  131.178042][ T8578]  migrate_pages+0xf5f/0x1770
[  131.178081][ T8578]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  131.178114][ T8578]  __se_sys_mbind+0x975/0xac0
[  131.178170][ T8578]  __x64_sys_mbind+0x78/0x90
[  131.178205][ T8578]  x64_sys_call+0x2932/0x2ff0
[  131.178254][ T8578]  do_syscall_64+0xd2/0x200
[  131.178277][ T8578]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.178307][ T8578]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  131.178335][ T8578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.178362][ T8578] RIP: 0033:0x7fe7997deb69
[  131.178382][ T8578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.178409][ T8578] RSP: 002b:00007fe797e47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  131.178449][ T8578] RAX: ffffffffffffffda RBX: 00007fe799a05fa0 RCX: 00007fe7997deb69
[  131.178461][ T8578] RDX: 0000000000000000 RSI: 0100000000004000 RDI: 00002000005b4000
[  131.178473][ T8578] RBP: 00007fe797e47090 R08: 0000000000000000 R09: 0000000000000002
[  131.178485][ T8578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.178562][ T8578] R13: 0000000000000000 R14: 00007fe799a05fa0 R15: 00007ffca9ce9e38
[  131.178580][ T8578]  </TASK>
[  131.449088][ T3524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.489116][ T8583] FAULT_INJECTION: forcing a failure.
[  131.489116][ T8583] name failslab, interval 1, probability 0, space 0, times 0
[  131.504410][ T8583] CPU: 1 UID: 0 PID: 8583 Comm: syz.0.1803 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  131.504503][ T8583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.504516][ T8583] Call Trace:
[  131.504577][ T8583]  <TASK>
[  131.504587][ T8583]  __dump_stack+0x1d/0x30
[  131.504613][ T8583]  dump_stack_lvl+0xe8/0x140
[  131.504635][ T8583]  dump_stack+0x15/0x1b
[  131.504651][ T8583]  should_fail_ex+0x265/0x280
[  131.504717][ T8583]  should_failslab+0x8c/0xb0
[  131.504749][ T8583]  kmem_cache_alloc_noprof+0x50/0x310
[  131.504782][ T8583]  ? getname_flags+0x80/0x3b0
[  131.504817][ T8583]  getname_flags+0x80/0x3b0
[  131.504848][ T8583]  do_sys_openat2+0x60/0x110
[  131.504877][ T8583]  __x64_sys_openat+0xf2/0x120
[  131.504938][ T8583]  x64_sys_call+0x2e9c/0x2ff0
[  131.504956][ T8583]  do_syscall_64+0xd2/0x200
[  131.505048][ T8583]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.505073][ T8583]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  131.505091][ T8583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.505110][ T8583] RIP: 0033:0x7fe7997deb69
[  131.505123][ T8583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.505265][ T8583] RSP: 002b:00007fe797e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  131.505283][ T8583] RAX: ffffffffffffffda RBX: 00007fe799a05fa0 RCX: 00007fe7997deb69
[  131.505294][ T8583] RDX: 0000000000105042 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  131.505304][ T8583] RBP: 00007fe797e47090 R08: 0000000000000000 R09: 0000000000000000
[  131.505370][ T8583] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  131.505380][ T8583] R13: 0000000000000000 R14: 00007fe799a05fa0 R15: 00007ffca9ce9e38
[  131.505397][ T8583]  </TASK>
[  131.771159][ T8585] loop3: detected capacity change from 0 to 1024
[  131.814979][ T8585] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  131.829024][ T8585] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  131.841293][ T8594] loop5: detected capacity change from 0 to 128
[  131.844469][ T8585] JBD2: no valid journal superblock found
[  131.855815][ T8585] EXT4-fs (loop3): Could not load journal inode
[  131.865394][ T8594] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  131.880605][ T8594] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  131.913691][ T8598] netlink: 4 bytes leftover after parsing attributes in process `wg1'.
[  131.942133][ T7366] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  131.972293][ T8598] ipvlan2: entered promiscuous mode
[  131.996778][ T8596] lo speed is unknown, defaulting to 1000
[  132.057829][ T8605] loop3: detected capacity change from 0 to 512
[  132.070872][ T8605] EXT4-fs (loop3): orphan cleanup on readonly fs
[  132.078439][ T8605] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.1811: corrupted in-inode xattr: overlapping e_value 
[  132.123036][   T29] kauditd_printk_skb: 365 callbacks suppressed
[  132.123116][   T29] audit: type=1326 audit(1754137187.392:12570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8607 comm="syz.0.1817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe799811425 code=0x7ffc0000
[  132.183481][ T8605] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1811: couldn't read orphan inode 15 (err -117)
[  132.214919][ T8605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  132.219231][   T29] audit: type=1326 audit(1754137187.402:12571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8595 comm="syz.0.1817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7997deb69 code=0x7ffc0000
[  132.258498][   T29] audit: type=1326 audit(1754137187.402:12572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8595 comm="syz.0.1817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7997deb69 code=0x7ffc0000
[  132.312256][   T29] audit: type=1326 audit(1754137187.562:12573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8607 comm="syz.0.1817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fe7997deb69 code=0x7ffc0000
[  132.383185][ T8609] lo speed is unknown, defaulting to 1000
[  132.396099][ T8614] loop5: detected capacity change from 0 to 128
[  132.448260][ T8616] lo speed is unknown, defaulting to 1000
[  132.458970][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.491223][   T29] audit: type=1400 audit(1754137187.762:12574): avc:  denied  { read } for  pid=8622 comm="syz.3.1818" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  132.517723][   T29] audit: type=1400 audit(1754137187.762:12575): avc:  denied  { open } for  pid=8622 comm="syz.3.1818" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  132.552061][   T29] audit: type=1400 audit(1754137187.762:12576): avc:  denied  { ioctl } for  pid=8622 comm="syz.3.1818" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  132.590593][ T8631] loop3: detected capacity change from 0 to 128
[  132.597882][   T29] audit: type=1326 audit(1754137187.862:12577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8632 comm="syz.1.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  132.625093][   T29] audit: type=1326 audit(1754137187.862:12578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8632 comm="syz.1.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  132.626593][ T8631] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  132.651601][   T29] audit: type=1326 audit(1754137187.862:12579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8632 comm="syz.1.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8a83eb69 code=0x7ffc0000
[  132.659856][ T8635] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1821'.
[  132.666785][ T8631] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  132.759044][ T8637] loop1: detected capacity change from 0 to 128
[  132.766394][ T7349] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  132.792447][ T8641] bridge0: entered allmulticast mode
[  132.826384][ T8646] bridge0: port 3(team0) entered disabled state
[  132.834280][ T8646] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.842248][ T8646] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.850636][ T8646] bridge0: entered allmulticast mode
[  132.856069][ T8648] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1823'.
[  132.879317][ T8641] pim6reg: entered allmulticast mode
[  132.916121][ T8650] loop3: detected capacity change from 0 to 128
[  132.968524][ T8653] loop3: detected capacity change from 0 to 512
[  132.979901][ T8653] EXT4-fs (loop3): orphan cleanup on readonly fs
[  132.986735][ T8653] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  132.996606][ T8653] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  133.014229][ T8653] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.1828: attempt to clear invalid blocks 2 len 1
[  133.029644][ T8653] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1828: invalid indirect mapped block 1819239214 (level 0)
[  133.047211][ T8653] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1828: invalid indirect mapped block 1819239214 (level 1)
[  133.065393][ T8653] EXT4-fs (loop3): 1 truncate cleaned up
[  133.071988][ T8653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.086652][ T8653] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.1828: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  133.133893][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.334668][ T8646] bridge0: port 3(team0) entered disabled state
[  133.344212][ T8646] bridge_slave_1: left allmulticast mode
[  133.350367][ T8646] bridge_slave_1: left promiscuous mode
[  133.357080][ T8646] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.369297][ T8646] bridge_slave_0: left allmulticast mode
[  133.376201][ T8646] bridge_slave_0: left promiscuous mode
[  133.383031][ T8646] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.447688][ T8671] loop4: detected capacity change from 0 to 128
[  133.501026][ T8674] loop5: detected capacity change from 0 to 128
[  133.509317][ T8674] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  133.519601][ T8678] loop4: detected capacity change from 0 to 1024
[  133.533908][ T8678] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  133.534181][ T8674] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  133.547190][ T8678] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  133.572545][ T8678] JBD2: no valid journal superblock found
[  133.579317][ T8678] EXT4-fs (loop4): Could not load journal inode
[  133.669340][ T8688] lo speed is unknown, defaulting to 1000
[  134.074831][ T8712] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.085362][ T8712] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.132122][ T8712] bridge_slave_1: left allmulticast mode
[  134.141972][ T8712] bridge_slave_1: left promiscuous mode
[  134.149015][ T8712] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.173521][ T8712] bridge_slave_0: left promiscuous mode
[  134.182027][ T8712] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.398430][ T8721] loop5: detected capacity change from 0 to 128
[  134.451285][ T8721] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  134.475918][ T8723] loop3: detected capacity change from 0 to 1024
[  134.516181][ T8723] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  134.531066][ T8723] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  134.556282][ T8721] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  134.631418][ T8723] JBD2: no valid journal superblock found
[  134.649532][ T8723] EXT4-fs (loop3): Could not load journal inode
[  135.203076][ T8753] loop5: detected capacity change from 0 to 128
[  135.213121][ T8753] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  135.227476][ T8753] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  135.274595][ T8755] loop3: detected capacity change from 0 to 512
[  135.303568][ T7370] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  135.336907][ T8755] EXT4-fs (loop3): orphan cleanup on readonly fs
[  135.344607][ T8755] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  135.368313][ T8755] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  135.413807][ T8758] loop5: detected capacity change from 0 to 128
[  135.446223][ T8755] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.1863: attempt to clear invalid blocks 2 len 1
[  135.505174][ T8755] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1863: invalid indirect mapped block 1819239214 (level 0)
[  135.525921][ T8755] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1863: invalid indirect mapped block 1819239214 (level 1)
[  135.563367][ T8755] EXT4-fs (loop3): 1 truncate cleaned up
[  135.580849][ T8771] FAULT_INJECTION: forcing a failure.
[  135.580849][ T8771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.603453][ T8771] CPU: 1 UID: 0 PID: 8771 Comm: syz.5.1868 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  135.603488][ T8771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.603558][ T8771] Call Trace:
[  135.603566][ T8771]  <TASK>
[  135.603576][ T8771]  __dump_stack+0x1d/0x30
[  135.603664][ T8771]  dump_stack_lvl+0xe8/0x140
[  135.603690][ T8771]  dump_stack+0x15/0x1b
[  135.603712][ T8771]  should_fail_ex+0x265/0x280
[  135.603748][ T8771]  should_fail+0xb/0x20
[  135.603779][ T8771]  should_fail_usercopy+0x1a/0x20
[  135.603798][ T8771]  _copy_to_user+0x20/0xa0
[  135.603904][ T8771]  simple_read_from_buffer+0xb5/0x130
[  135.603933][ T8771]  proc_fail_nth_read+0x10e/0x150
[  135.604011][ T8771]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  135.604075][ T8771]  vfs_read+0x1a0/0x6f0
[  135.604101][ T8771]  ? __rcu_read_unlock+0x4f/0x70
[  135.604203][ T8771]  ? __fget_files+0x184/0x1c0
[  135.604237][ T8771]  ksys_read+0xda/0x1a0
[  135.604273][ T8771]  __x64_sys_read+0x40/0x50
[  135.604301][ T8771]  x64_sys_call+0x27bc/0x2ff0
[  135.604326][ T8771]  do_syscall_64+0xd2/0x200
[  135.604349][ T8771]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.604448][ T8771]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  135.604472][ T8771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.604499][ T8771] RIP: 0033:0x7f2ae502d57c
[  135.604518][ T8771] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  135.604542][ T8771] RSP: 002b:00007f2ae368f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  135.604597][ T8771] RAX: ffffffffffffffda RBX: 00007f2ae5255fa0 RCX: 00007f2ae502d57c
[  135.604614][ T8771] RDX: 000000000000000f RSI: 00007f2ae368f0a0 RDI: 0000000000000004
[  135.604682][ T8771] RBP: 00007f2ae368f090 R08: 0000000000000000 R09: 0000000000000000
[  135.604696][ T8771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.604707][ T8771] R13: 0000000000000000 R14: 00007f2ae5255fa0 R15: 00007ffd5a4877c8
[  135.604729][ T8771]  </TASK>
[  135.880363][ T8755] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  135.903159][ T8755] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.1863: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  135.967414][ T8766] IPVS: set_ctl: invalid protocol: 115 172.20.20.170:20003
[  136.058886][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.162971][ T8796] loop3: detected capacity change from 0 to 128
[  136.178173][ T8796] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  136.218545][ T8790] lo speed is unknown, defaulting to 1000
[  136.236666][ T8796] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  136.322355][ T7325] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  136.448466][ T8814] loop4: detected capacity change from 0 to 1024
[  136.487365][ T8814] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  136.502579][ T8814] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  136.536207][ T8814] JBD2: no valid journal superblock found
[  136.547864][ T8814] EXT4-fs (loop4): Could not load journal inode
[  136.687909][ T8828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1893'.
[  136.719758][ T8824] lo speed is unknown, defaulting to 1000
[  136.865039][ T8835] capability: warning: `syz.1.1895' uses 32-bit capabilities (legacy support in use)
[  136.907801][ T8837] netlink: 'syz.0.1896': attribute type 10 has an invalid length.
[  136.944347][ T8839] loop1: detected capacity change from 0 to 128
[  136.954416][ T8839] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  136.975162][ T8837] team0: Port device dummy0 added
[  136.975716][ T8839] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  137.012239][ T8837] netlink: 'syz.0.1896': attribute type 10 has an invalid length.
[  137.038841][ T7319] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  137.057663][ T8837] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  137.078878][ T8846] loop1: detected capacity change from 0 to 512
[  137.103123][ T8846] EXT4-fs (loop1): orphan cleanup on readonly fs
[  137.111367][ T8846] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  137.137393][ T8837] team0: Failed to send options change via netlink (err -105)
[  137.157251][ T8846] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  137.179177][ T8837] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  137.184877][ T8846] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.1899: attempt to clear invalid blocks 2 len 1
[  137.224409][ T8846] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1899: invalid indirect mapped block 1819239214 (level 0)
[  137.224530][ T8837] team0: Port device dummy0 removed
[  137.231683][ T8837] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  137.274759][ T8846] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1899: invalid indirect mapped block 1819239214 (level 1)
[  137.311487][   T29] kauditd_printk_skb: 413 callbacks suppressed
[  137.311564][   T29] audit: type=1326 audit(1754137192.572:12993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.344556][ T8846] EXT4-fs (loop1): 1 truncate cleaned up
[  137.347617][   T29] audit: type=1326 audit(1754137192.572:12994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.364822][ T8846] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.380006][   T29] audit: type=1326 audit(1754137192.572:12995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.421129][   T29] audit: type=1326 audit(1754137192.572:12996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.447029][   T29] audit: type=1326 audit(1754137192.572:12997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.477646][   T29] audit: type=1326 audit(1754137192.572:12998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.505264][   T29] audit: type=1326 audit(1754137192.572:12999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.535473][   T29] audit: type=1326 audit(1754137192.572:13000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.546758][ T8846] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.1899: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  137.563288][   T29] audit: type=1326 audit(1754137192.572:13001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.563326][   T29] audit: type=1326 audit(1754137192.572:13002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8848 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9721eb69 code=0x7ffc0000
[  137.696777][ T8859] loop5: detected capacity change from 0 to 128
[  137.751587][ T8863] lo speed is unknown, defaulting to 1000
[  137.815870][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.837275][ T8861] loop4: detected capacity change from 0 to 128
[  137.862075][ T8861] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  137.897519][ T8869] loop5: detected capacity change from 0 to 4096
[  137.908573][ T8872] loop3: detected capacity change from 0 to 128
[  137.916998][ T8872] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  137.953080][ T8869] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.967809][ T8861] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  137.983303][ T8869] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.020970][ T8872] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  138.063703][ T8869] FAULT_INJECTION: forcing a failure.
[  138.063703][ T8869] name failslab, interval 1, probability 0, space 0, times 0
[  138.079444][ T8869] CPU: 1 UID: 0 PID: 8869 Comm: syz.5.1908 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  138.079478][ T8869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  138.079522][ T8869] Call Trace:
[  138.079529][ T8869]  <TASK>
[  138.079536][ T8869]  __dump_stack+0x1d/0x30
[  138.079557][ T8869]  dump_stack_lvl+0xe8/0x140
[  138.079587][ T8869]  dump_stack+0x15/0x1b
[  138.079608][ T8869]  should_fail_ex+0x265/0x280
[  138.079710][ T8869]  should_failslab+0x8c/0xb0
[  138.079871][ T8869]  kmem_cache_alloc_noprof+0x50/0x310
[  138.079897][ T8869]  ? __anon_vma_prepare+0x70/0x2f0
[  138.079931][ T8869]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  138.079990][ T8869]  __anon_vma_prepare+0x70/0x2f0
[  138.080080][ T8869]  do_wp_page+0x1926/0x24e0
[  138.080108][ T8869]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  138.080141][ T8869]  ? css_rstat_updated+0xb7/0x240
[  138.080200][ T8869]  ? __rcu_read_lock+0x37/0x50
[  138.080225][ T8869]  handle_mm_fault+0x77d/0x2c20
[  138.080266][ T8869]  do_user_addr_fault+0x636/0x1090
[  138.080332][ T8869]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  138.080370][ T8869]  exc_page_fault+0x62/0xa0
[  138.080389][ T8869]  asm_exc_page_fault+0x26/0x30
[  138.080413][ T8869] RIP: 0033:0x7f2ae4ef0ce3
[  138.080431][ T8869] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  138.080529][ T8869] RSP: 002b:00007f2ae368e4a0 EFLAGS: 00010202
[  138.080544][ T8869] RAX: 0000000000000400 RBX: 00007f2ae368e540 RCX: 00007f2adb26f000
[  138.080556][ T8869] RDX: 00007f2ae368e6e0 RSI: 0000000000000011 RDI: 00007f2ae368e5e0
[  138.080567][ T8869] RBP: 00000000000000f9 R08: 000000000000000a R09: 00000000000003be
[  138.080581][ T8869] R10: 00000000000003cc R11: 00007f2ae368e540 R12: 0000000000000001
[  138.080596][ T8869] R13: 00007f2ae50cd940 R14: 0000000000000020 R15: 00007f2ae368e5e0
[  138.080619][ T8869]  </TASK>
[  138.080642][ T8869] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  138.257824][ T8882] lo speed is unknown, defaulting to 1000
[  138.299350][ T8869] loop5: detected capacity change from 0 to 512
[  138.326493][ T7370] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  138.344700][ T7366] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  138.363878][ T8869] EXT4-fs: Ignoring removed nobh option
[  138.435881][ T8869] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.1908: corrupted inode contents
[  138.472561][ T8869] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.1908: mark_inode_dirty error
[  138.515860][ T8869] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.1908: corrupted inode contents
[  138.574044][ T8869] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.1908: mark_inode_dirty error
[  138.590468][ T8869] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1908: Failed to acquire dquot type 0
[  138.625026][ T8869] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1908: corrupted inode contents
[  138.662316][ T8869] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.1908: mark_inode_dirty error
[  138.684104][ T8869] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1908: corrupted inode contents
[  138.698789][ T8903] loop3: detected capacity change from 0 to 1024
[  138.708682][ T8903] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  138.722127][ T8903] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  138.734285][ T8903] JBD2: no valid journal superblock found
[  138.740635][ T8903] EXT4-fs (loop3): Could not load journal inode
[  138.749069][ T8869] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1908: mark_inode_dirty error
[  138.762734][ T8869] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1908: corrupted inode contents
[  138.779063][ T8869] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  138.790859][ T8869] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.1908: corrupted inode contents
[  138.805344][ T8869] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.1908: mark_inode_dirty error
[  138.819777][ T8869] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  138.834559][ T8869] EXT4-fs (loop5): 1 truncate cleaned up
[  138.842071][ T8869] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.877468][ T8869] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.912587][ T8869] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.132563][ T8924] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1923'.
[  139.143268][ T8924] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1923'.
[  139.172937][ T8925] FAULT_INJECTION: forcing a failure.
[  139.172937][ T8925] name failslab, interval 1, probability 0, space 0, times 0
[  139.187473][ T8925] CPU: 1 UID: 0 PID: 8925 Comm: syz.3.1927 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  139.187530][ T8925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  139.187547][ T8925] Call Trace:
[  139.187556][ T8925]  <TASK>
[  139.187566][ T8925]  __dump_stack+0x1d/0x30
[  139.187588][ T8925]  dump_stack_lvl+0xe8/0x140
[  139.187607][ T8925]  dump_stack+0x15/0x1b
[  139.187655][ T8925]  should_fail_ex+0x265/0x280
[  139.187765][ T8925]  should_failslab+0x8c/0xb0
[  139.187797][ T8925]  kmem_cache_alloc_node_noprof+0x57/0x320
[  139.187827][ T8925]  ? __alloc_skb+0x101/0x320
[  139.187856][ T8925]  __alloc_skb+0x101/0x320
[  139.187973][ T8925]  nexthop_notify+0x1b7/0x2d0
[  139.188001][ T8925]  remove_nexthop+0x4e/0x110
[  139.188021][ T8925]  rtm_del_nexthop+0x356/0x370
[  139.188044][ T8925]  ? __pfx_rtm_del_nexthop+0x10/0x10
[  139.188066][ T8925]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  139.188132][ T8925]  netlink_rcv_skb+0x123/0x220
[  139.188229][ T8925]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  139.188257][ T8925]  rtnetlink_rcv+0x1c/0x30
[  139.188319][ T8925]  netlink_unicast+0x5bd/0x690
[  139.188359][ T8925]  netlink_sendmsg+0x58b/0x6b0
[  139.188439][ T8925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.188479][ T8925]  __sock_sendmsg+0x142/0x180
[  139.188544][ T8925]  ____sys_sendmsg+0x31e/0x4e0
[  139.188590][ T8925]  ___sys_sendmsg+0x17b/0x1d0
[  139.188650][ T8925]  __x64_sys_sendmsg+0xd4/0x160
[  139.188958][ T8925]  x64_sys_call+0x191e/0x2ff0
[  139.188989][ T8925]  do_syscall_64+0xd2/0x200
[  139.189099][ T8925]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.189131][ T8925]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  139.189157][ T8925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.189254][ T8925] RIP: 0033:0x7f58458ceb69
[  139.189273][ T8925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.189297][ T8925] RSP: 002b:00007f5843f37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.189321][ T8925] RAX: ffffffffffffffda RBX: 00007f5845af5fa0 RCX: 00007f58458ceb69
[  139.189337][ T8925] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000008
[  139.189353][ T8925] RBP: 00007f5843f37090 R08: 0000000000000000 R09: 0000000000000000
[  139.189368][ T8925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.189392][ T8925] R13: 0000000000000000 R14: 00007f5845af5fa0 R15: 00007ffeb4c995a8
[  139.189411][ T8925]  </TASK>
[  139.531621][ T8936] loop3: detected capacity change from 0 to 1024
[  139.539993][ T8936] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  139.551556][ T8936] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  139.565009][ T8936] JBD2: no valid journal superblock found
[  139.571339][ T8936] EXT4-fs (loop3): Could not load journal inode
[  139.591297][ T8938] 9pnet: Unknown protocol version Pp2000
[  139.821102][ T8961] loop3: detected capacity change from 0 to 512
[  139.835833][ T8961] EXT4-fs (loop3): orphan cleanup on readonly fs
[  139.843042][ T8961] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  139.904206][ T8961] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  139.963744][ T8961] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.1941: attempt to clear invalid blocks 2 len 1
[  140.017379][ T8976] FAULT_INJECTION: forcing a failure.
[  140.017379][ T8976] name failslab, interval 1, probability 0, space 0, times 0
[  140.032677][ T8976] CPU: 0 UID: 0 PID: 8976 Comm: syz.4.1947 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  140.032712][ T8976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.032727][ T8976] Call Trace:
[  140.032735][ T8976]  <TASK>
[  140.032744][ T8976]  __dump_stack+0x1d/0x30
[  140.032766][ T8976]  dump_stack_lvl+0xe8/0x140
[  140.032785][ T8976]  dump_stack+0x15/0x1b
[  140.032800][ T8976]  should_fail_ex+0x265/0x280
[  140.032837][ T8976]  should_failslab+0x8c/0xb0
[  140.032871][ T8976]  kmem_cache_alloc_noprof+0x50/0x310
[  140.032902][ T8976]  ? vm_area_dup+0x33/0x2c0
[  140.032939][ T8976]  vm_area_dup+0x33/0x2c0
[  140.032981][ T8976]  __split_vma+0xe9/0x650
[  140.033012][ T8976]  ? mas_find+0x5d5/0x700
[  140.033036][ T8976]  vms_gather_munmap_vmas+0x2a5/0x7a0
[  140.033063][ T8976]  mmap_region+0x53f/0x1630
[  140.033105][ T8976]  ? sidtab_context_to_sid+0x5d/0x5e0
[  140.033144][ T8976]  ? mls_compute_sid+0x139/0x560
[  140.033176][ T8976]  ? mls_context_isvalid+0x85/0x1f0
[  140.033230][ T8976]  do_mmap+0x9b3/0xbe0
[  140.033273][ T8976]  vm_mmap_pgoff+0x17a/0x2e0
[  140.033332][ T8976]  ksys_mmap_pgoff+0x2d0/0x310
[  140.033375][ T8976]  x64_sys_call+0x14a3/0x2ff0
[  140.033400][ T8976]  do_syscall_64+0xd2/0x200
[  140.033430][ T8976]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.033461][ T8976]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  140.033488][ T8976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.033515][ T8976] RIP: 0033:0x7fce9721eb69
[  140.033534][ T8976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.033556][ T8976] RSP: 002b:00007fce95887038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  140.033579][ T8976] RAX: ffffffffffffffda RBX: 00007fce97445fa0 RCX: 00007fce9721eb69
[  140.033594][ T8976] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000200000000000
[  140.033609][ T8976] RBP: 00007fce95887090 R08: ffffffffffffffff R09: 0000000000000000
[  140.033623][ T8976] R10: 0000000000042073 R11: 0000000000000246 R12: 0000000000000001
[  140.033639][ T8976] R13: 0000000000000000 R14: 00007fce97445fa0 R15: 00007fffc1ea3708
[  140.033664][ T8976]  </TASK>
[  140.033780][ T8961] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1941: invalid indirect mapped block 1819239214 (level 0)
[  140.246583][ T8981] lo speed is unknown, defaulting to 1000
[  140.331379][ T8961] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1941: invalid indirect mapped block 1819239214 (level 1)
[  140.359099][ T8961] EXT4-fs (loop3): 1 truncate cleaned up
[  140.387719][ T8961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  140.420170][ T8992] loop5: detected capacity change from 0 to 512
[  140.434484][ T8992] EXT4-fs (loop5): orphan cleanup on readonly fs
[  140.444478][ T8992] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  140.457558][ T8961] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.1941: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  140.458872][ T8992] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  140.507684][ T8992] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1953: attempt to clear invalid blocks 2 len 1
[  140.534482][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.534657][ T8992] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1953: invalid indirect mapped block 1819239214 (level 0)
[  140.570778][ T8992] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1953: invalid indirect mapped block 1819239214 (level 1)
[  140.627066][ T9006] loop4: detected capacity change from 0 to 128
[  140.629690][ T8992] EXT4-fs (loop5): 1 truncate cleaned up
[  140.679724][ T8992] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  140.738312][ T8992] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.5.1953: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  140.831696][ T3524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.894194][ T9012] loop4: detected capacity change from 0 to 1024
[  140.903511][ T9012] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.911263][ T9012] EXT4-fs: Ignoring removed nobh option
[  140.917346][ T9012] EXT4-fs: Ignoring removed bh option
[  140.943602][ T9012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.057476][ T9028] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1966'.
[  141.107151][ T9028] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1966'.
[  141.166919][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.184594][ T9035] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.197248][ T9035] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.204434][ T9037] loop4: detected capacity change from 0 to 128
[  141.206212][ T9035] bridge0: entered allmulticast mode
[  141.233191][ T9040] loop3: detected capacity change from 0 to 512
[  141.255137][ T9040] EXT4-fs (loop3): orphan cleanup on readonly fs
[  141.263380][ T9040] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  141.273894][ T9040] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  141.291953][ T9035] bridge_slave_1: left allmulticast mode
[  141.292922][ T9040] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.1970: attempt to clear invalid blocks 2 len 1
[  141.298470][ T9035] bridge_slave_1: left promiscuous mode
[  141.323205][ T9035] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.331037][ T9040] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1970: invalid indirect mapped block 1819239214 (level 0)
[  141.346903][ T9035] bridge_slave_0: left allmulticast mode
[  141.354040][ T9035] bridge_slave_0: left promiscuous mode
[  141.355140][ T9040] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1970: invalid indirect mapped block 1819239214 (level 1)
[  141.360489][ T9035] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.387585][ T9040] EXT4-fs (loop3): 1 truncate cleaned up
[  141.398866][ T9040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.423647][ T9040] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.3.1970: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0
[  141.459038][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.704626][ T9070] loop4: detected capacity change from 0 to 128
[  141.720144][ T9067] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1979'.
[  141.726584][ T9070] openvswitch: netlink: Message has 6 unknown bytes.
[  141.825814][ T9075] macvlan1: entered promiscuous mode
[  141.835159][ T9075] ipvlan0: entered promiscuous mode
[  141.850962][ T9075] ipvlan0: left promiscuous mode
[  141.867012][ T9075] macvlan1: left promiscuous mode
[  141.893521][ T9079] loop3: detected capacity change from 0 to 128
[  141.901940][ T9079] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  141.916151][ T9079] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  141.945624][ T7370] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  141.994440][ T9085] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  141.997662][ T9090] loop3: detected capacity change from 0 to 128
[  142.013912][ T9090] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  142.018696][ T9085] SELinux: failed to load policy
[  142.035081][ T9090] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  142.068470][ T7349] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  142.098308][ T9096] loop5: detected capacity change from 0 to 512
[  142.113485][ T9096] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.130659][ T9099] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1992'.
[  142.141708][ T9099] 0·: renamed from hsr0 (while UP)
[  142.149897][ T9099] 0·: entered allmulticast mode
[  142.155353][ T9099] hsr_slave_0: entered allmulticast mode
[  142.163774][ T9099] hsr_slave_1: entered allmulticast mode
[  142.170799][ T9099] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  142.199020][ T9101] loop4: detected capacity change from 0 to 512
[  142.206551][ T9101] EXT4-fs: Ignoring removed mblk_io_submit option
[  142.215787][ T9101] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  142.238494][ T9101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.254409][ T9101] ext4 filesystem being mounted at /403/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.273200][ T9101] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1993: corrupted xattr block 19: overlapping e_value 
[  142.290714][ T9101] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  142.301915][ T9101] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1993: corrupted xattr block 19: overlapping e_value 
[  142.317137][ T9101] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  142.328220][   T29] kauditd_printk_skb: 414 callbacks suppressed
[  142.328225][ T9101] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1993: corrupted xattr block 19: overlapping e_value 
[  142.328366][   T29] ==================================================================
[  142.328412][   T29] BUG: KCSAN: data-race in data_push_tail / string
[  142.328463][   T29] 
[  142.328472][   T29] write to 0xffffffff88e4fee0 of 1 bytes by task 9101 on cpu 1:
[  142.328488][   T29]  string+0x187/0x220
[  142.328515][   T29]  vsnprintf+0x532/0x890
[  142.328550][   T29]  vscnprintf+0x41/0x90
[  142.328582][   T29]  printk_sprint+0x30/0x2d0
[  142.328630][   T29]  vprintk_store+0x599/0x860
[  142.328668][   T29]  vprintk_emit+0x178/0x650
[  142.329076][   T29]  vprintk_default+0x26/0x30
[  142.329109][   T29]  vprintk+0x1d/0x30
[  142.329133][   T29]  _printk+0x79/0xa0
[  142.329162][   T29]  __ext4_error_inode+0x2ca/0x3f0
[  142.329201][   T29]  check_xattrs+0x25e/0x7d0
[  142.329229][   T29]  ext4_xattr_get+0x1ed/0x470
[  142.329254][   T29]  ext4_xattr_security_get+0x32/0x40
[  142.329276][   T29]  __vfs_getxattr+0x2aa/0x2c0
[  142.329298][   T29]  inode_doinit_use_xattr+0x7a/0x2d0
[  142.329326][   T29]  inode_doinit_with_dentry+0x596/0x7a0
[  142.329350][   T29]  selinux_inode_getxattr+0x102/0x210
[  142.329380][   T29]  security_inode_getxattr+0x7c/0xc0
[  142.329411][   T29]  vfs_getxattr+0x8c/0x250
[  142.329436][   T29]  do_getxattr+0x124/0x2a0
[  142.329461][   T29]  filename_getxattr+0xac/0x180
[  142.329487][   T29]  __x64_sys_getxattr+0x112/0x140
[  142.329516][   T29]  x64_sys_call+0x2f41/0x2ff0
[  142.329543][   T29]  do_syscall_64+0xd2/0x200
[  142.329572][   T29]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.329596][   T29] 
[  142.329603][   T29] read to 0xffffffff88e4fee0 of 8 bytes by task 29 on cpu 0:
[  142.329626][   T29]  data_push_tail+0xfd/0x420
[  142.329666][   T29]  data_alloc+0xbf/0x2b0
[  142.329697][   T29]  prb_reserve+0x808/0xaf0
[  142.329732][   T29]  vprintk_store+0x56d/0x860
[  142.329769][   T29]  vprintk_emit+0x178/0x650
[  142.329791][   T29]  _printk_deferred+0x82/0xb0
[  142.329823][   T29]  ___ratelimit+0x4b1/0x4f0
[  142.329845][   T29]  __printk_ratelimit+0x1c/0x30
[  142.329875][   T29]  kauditd_hold_skb+0x63/0x1c0
[  142.329896][   T29]  kauditd_send_queue+0x273/0x2c0
[  142.329934][   T29]  kauditd_thread+0x421/0x630
[  142.329972][   T29]  kthread+0x489/0x510
[  142.329995][   T29]  ret_from_fork+0xdd/0x150
[  142.330015][   T29]  ret_from_fork_asm+0x1a/0x30
[  142.330036][   T29] 
[  142.330041][   T29] value changed: 0x00000000ffffecfc -> 0x72747461785f3474
[  142.330054][   T29] 
[  142.330060][   T29] Reported by Kernel Concurrency Sanitizer on:
[  142.330077][   T29] CPU: 0 UID: 0 PID: 29 Comm: kauditd Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  142.330111][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  142.330128][   T29] ==================================================================
[  142.330236][   T29] audit: type=1400 audit(1754137197.602:13413): avc:  denied  { read } for  pid=9100 comm="syz.4.1993" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  142.341972][ T9101] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  142.755442][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.944042][ T3524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.