last executing test programs:

2.206070217s ago: executing program 4 (id=2738):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x60, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_NAT_SRC={0x4}]}, 0x60}}, 0x0)

2.021041721s ago: executing program 4 (id=2741):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x20}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.971430322s ago: executing program 1 (id=2742):
socket$inet(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
sendfile(r0, r0, 0x0, 0x800000009)

1.823206714s ago: executing program 4 (id=2743):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x20}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x108}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.618618158s ago: executing program 2 (id=2744):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1802000000000000000000000110000085100000010000009500000000000000180100002020732500000000002020207b1af8ff00000000bfa10000000000000500000000000000a502000008180000b703000000000028850000007600000018000000090000000000000005ebff0095"], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = syz_open_dev$usbfs(&(0x7f0000000380), 0xffffffff, 0x42080)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f00000004c0)={0x181a, 0x6, [{0xb}, {0x1}, {0xc}, {}, {0x3}, {0x6c, 0x1}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r5}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
r7 = syz_open_dev$rtc(&(0x7f0000000040), 0x0, 0x20000)
ioctl$RTC_UIE_ON(r7, 0x7003)

1.574044689s ago: executing program 4 (id=2745):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x26f2e217, 0x4ba}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7ffff000)
fallocate(r2, 0x0, 0x0, 0x1001f0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)

1.569436539s ago: executing program 3 (id=2746):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}, {0x0, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semget$private(0x0, 0x4000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x12, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}, @sadb_x_nat_t_type={0x1, 0x14, 0x2}]}, 0x90}, 0x1, 0x7}, 0x0)

1.52202505s ago: executing program 1 (id=2747):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x26f2e217, 0x4ba}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7ffff000)
fallocate(r2, 0x0, 0x0, 0x1001f0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)

1.470444541s ago: executing program 3 (id=2748):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
shmdt(r3)
rt_tgsigqueueinfo(0x0, 0x0, 0x9, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
write$P9_RGETLOCK(r2, &(0x7f0000000640)=ANY=[], 0x200002e6)
fcntl$setpipe(r2, 0x407, 0x7000000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
io_setup(0x3ff, &(0x7f0000000500))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001000000800000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000100000000000000000000000000000009dc446b2097f7d06bcec46e502ce44b04e5dfda79c48d274eaed09c820c65c96e0ca472329934a628e367cd27f45c8de2360182a8dbfdf7e9222fafe18e4a1521c475ee5ea3408db25c51bb9c221ebe74f63c77e3b882d156618c5e51f3c1624707f87a9b3b20954a0df1d176fe045e446fd1dac987903ffc89ecef55cfbaf21e3c098d02cef91c24152b42e94d685e5bfb1163ecd5edb3cda75005d5ea9d7d86b12616ebdae34f36140ddf0530d1065c1325c36f970709758166efce443cceec3bb"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000070000b7080000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0x0, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x40, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0xfe, 0x20, 0x0, 0x0, 0x7, 0x90540, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x9}, 0x114894, 0x10000, 0x4, 0x7, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRESHEX=r1, @ANYRES16=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.305434345s ago: executing program 4 (id=2750):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket(0x18, 0x800, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x1, 0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}, @empty}, {0x11, 0x7c, 0x0, @multicast2}}}}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f08", 0xd}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000e00)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@nodelalloc}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@jqfmt_vfsold}, {@journal_dev={'journal_dev', 0x3d, 0x800}}, {@nobh}, {@inlinecrypt}, {@grpquota}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = creat(&(0x7f0000000000)='./file1\x00', 0x14c)
fallocate(r3, 0x0, 0xbf5, 0x2000402)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x3, 0x4)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)

1.102865609s ago: executing program 0 (id=2751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
time(0x0)

1.03661061s ago: executing program 0 (id=2752):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
acct(0xfffffffffffffffe)

995.41775ms ago: executing program 0 (id=2753):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

965.282581ms ago: executing program 2 (id=2754):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

941.837571ms ago: executing program 3 (id=2755):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x5453, 0x200000000000000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
ppoll(&(0x7f00000000c0)=[{r5, 0x2292}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
fcntl$setpipe(r4, 0x407, 0x8001a0)

922.978492ms ago: executing program 0 (id=2756):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

872.750803ms ago: executing program 0 (id=2757):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa, 0x1ff}, 0x1100, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="8b33000000000000000005"], 0x28}}, 0x0)

872.122283ms ago: executing program 1 (id=2758):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='kfree\x00', r0}, 0x18)
pipe(0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x4ffe6, 0x0)

871.115233ms ago: executing program 2 (id=2759):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x108}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

810.478434ms ago: executing program 0 (id=2760):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x8040)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
close(r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x8, &(0x7f00000000c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$caif_stream(0x25, 0x1, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/l2cap\x00')
preadv(r4, &(0x7f0000002540)=[{0x0}], 0x1, 0x47fff, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001a00010000000000000000000a000000000000000000000006001d000000000006001c000000000008001900", @ANYRES32], 0x44}}, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4182, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x94eb2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0xd4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

810.291194ms ago: executing program 1 (id=2761):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x34, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close(r1)

794.152095ms ago: executing program 2 (id=2762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
time(0x0)

776.567185ms ago: executing program 1 (id=2763):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x108}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

751.864965ms ago: executing program 2 (id=2764):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}, {0x0, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="0439000025"], 0x33fe0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semget$private(0x0, 0x4000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x12, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}, @sadb_x_nat_t_type={0x1, 0x14, 0x2}]}, 0x90}, 0x1, 0x7}, 0x0)

720.849876ms ago: executing program 2 (id=2765):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = gettid()
timer_create(0x9, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4ea1, @loopback}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
socket$key(0xf, 0x3, 0x2)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="900000000002010400000000000000000a00fffc040001803c0003800c000280050001003a0000002c00018014000300e300000000000000000000000000000014000400000000000000000000000000000000003c0002800c00028005000100000000002c000180140003"], 0x90}, 0x1, 0x0, 0x0, 0x448c4}, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x43d, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000000104010100000000000000000d0000040500010001"], 0x34}}, 0x44084)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, 0x1, 0x4, 0x401, 0x0, 0x0, {0x3, 0x0, 0x4}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}, @NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x20000040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x13)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fstatfs(0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000f2ffffff7a8af8ff00000000bfa200000000000007020000f8ffff04000300800000ec00b70400000001000085000000c300000095a833bc4646f64f1a7e8e7b1d0c9a189447f396947525cd641e0916bce298cec587a7dc4e40cfba431e1f7d6cea93443fdb0443645a5976ef9d2c5598b2c5ad5c664da7c574f1b10f79740c3049fa8e210cd551812c59d356aa493e00a0c6ce53306454d6577f4f6fadf083450c5d465bb286559f63ae69bd30c705625278b15df681b1c073465dde5c6a915cd24835ef8fc5d778b030b7c3262d7609126b09765a3a461de4da50fde5d0e8aa7d576d717e25c86263e08c74e6e75c885c3ec0212b842aa929992cf466e6e970a559e271173451f6833404bdf9f6e09e60c0eadedc81f8853d77d89f"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x8001}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

681.582577ms ago: executing program 1 (id=2766):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect(0x4, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r1, 0x40095505, 0x0)

240.579575ms ago: executing program 4 (id=2767):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x1, 0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}, @empty}, {0x11, 0x7c, 0x0, @multicast2}}}}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000e00)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@nodelalloc}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@jqfmt_vfsold}, {@journal_dev={'journal_dev', 0x3d, 0x800}}, {@nobh}, {@inlinecrypt}, {@grpquota}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = creat(&(0x7f0000000000)='./file1\x00', 0x14c)
fallocate(r3, 0x0, 0xbf5, 0x2000402)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x3, 0x4)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, 0x0, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)

84.297168ms ago: executing program 3 (id=2768):
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000880)={[{@mblk_io_submit}, {@dioread_lock}, {@quota}, {@bsdgroups}], [{@fsmagic={'fsmagic', 0x3d, 0x4000}}, {@seclabel}, {@subj_user={'subj_user', 0x3d, '$[\xb7(^}-}%{-'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@audit}, {@pcr={'pcr', 0x3d, 0x25}}, {@permit_directio}, {@func={'func', 0x3d, 'PATH_CHECK'}}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x30, 0x51, 0x62, 0x31, 0x37, 0x38, 0x66], 0x2d, [0x63, 0x33, 0x63, 0x66], 0x2d, [0x35, 0x36, 0x66, 0x65], 0x2d, [0x63, 0x30, 0x37, 0x34], 0x2d, [0x63, 0x0, 0x61, 0x37, 0x61, 0x0, 0x61, 0x63]}}}, {@euid_eq}]}, 0x2, 0x5ad, &(0x7f0000002340)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

24.410389ms ago: executing program 3 (id=2769):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

0s ago: executing program 3 (id=2770):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa, 0x1ff}, 0x1100, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="8b33000000000000000005"], 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

0
[  188.519094][T10444]  ip_set_alloc+0x1f/0x30
[  188.519177][T10444]  hash_netiface_create+0x282/0x740
[  188.519203][T10444]  ? __pfx_hash_netiface_create+0x10/0x10
[  188.519226][T10444]  ip_set_create+0x3c9/0x960
[  188.519258][T10444]  ? __nla_parse+0x40/0x60
[  188.519307][T10444]  nfnetlink_rcv_msg+0x4c3/0x590
[  188.519379][T10444]  netlink_rcv_skb+0x123/0x220
[  188.519406][T10444]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  188.519497][T10444]  nfnetlink_rcv+0x16b/0x1690
[  188.519651][T10444]  ? nlmon_xmit+0x4f/0x60
[  188.519713][T10444]  ? consume_skb+0x49/0x150
[  188.519740][T10444]  ? nlmon_xmit+0x4f/0x60
[  188.519791][T10444]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  188.519827][T10444]  ? __dev_queue_xmit+0x1200/0x2000
[  188.519890][T10444]  ? __dev_queue_xmit+0x182/0x2000
[  188.519924][T10444]  ? ref_tracker_free+0x37d/0x3e0
[  188.519966][T10444]  ? __netlink_deliver_tap+0x4dc/0x500
[  188.520056][T10444]  netlink_unicast+0x5bd/0x690
[  188.520087][T10444]  netlink_sendmsg+0x58b/0x6b0
[  188.520120][T10444]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.520145][T10444]  __sock_sendmsg+0x145/0x180
[  188.520243][T10444]  ____sys_sendmsg+0x31e/0x4e0
[  188.520315][T10444]  ___sys_sendmsg+0x17b/0x1d0
[  188.520415][T10444]  __x64_sys_sendmsg+0xd4/0x160
[  188.520447][T10444]  x64_sys_call+0x191e/0x2ff0
[  188.520542][T10444]  do_syscall_64+0xd2/0x200
[  188.520646][T10444]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  188.520687][T10444]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  188.520724][T10444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.520847][T10444] RIP: 0033:0x7fe35c21eec9
[  188.520868][T10444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.520911][T10444] RSP: 002b:00007fe35ac87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.520936][T10444] RAX: ffffffffffffffda RBX: 00007fe35c475fa0 RCX: 00007fe35c21eec9
[  188.520974][T10444] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  188.520992][T10444] RBP: 00007fe35c2a1f91 R08: 0000000000000000 R09: 0000000000000000
[  188.521009][T10444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  188.521026][T10444] R13: 00007fe35c476038 R14: 00007fe35c475fa0 R15: 00007ffe060fb928
[  188.521052][T10444]  </TASK>
[  188.521062][T10444] memory: usage 307200kB, limit 307200kB, failcnt 714
[  188.873732][T10444] memory+swap: usage 307552kB, limit 9007199254740988kB, failcnt 0
[  188.881947][T10444] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  188.889520][T10444] Memory cgroup stats for /syz2:
[  188.890207][T10444] cache 0
[  188.898161][T10444] rss 0
[  188.900965][T10444] shmem 0
[  188.903991][T10444] mapped_file 0
[  188.907467][T10444] dirty 0
[  188.910554][T10444] writeback 0
[  188.913900][T10444] workingset_refault_anon 209
[  188.919189][T10444] workingset_refault_file 2029
[  188.924088][T10444] swap 360448
[  188.927398][T10444] swapcached 0
[  188.930818][T10444] pgpgin 169234
[  188.934506][T10444] pgpgout 169231
[  188.938189][T10444] pgfault 192951
[  188.941819][T10444] pgmajfault 156
[  188.945432][T10444] inactive_anon 0
[  188.949194][T10444] active_anon 0
[  188.952763][T10444] inactive_file 0
[  188.956568][T10444] active_file 12288
[  188.960639][T10444] unevictable 0
[  188.964451][T10444] hierarchical_memory_limit 314572800
[  188.969941][T10444] hierarchical_memsw_limit 9223372036854771712
[  188.976145][T10444] total_cache 0
[  188.979748][T10444] total_rss 0
[  188.983077][T10444] total_shmem 0
[  188.986567][T10444] total_mapped_file 0
[  188.987333][T10480] netlink: 'syz.1.2226': attribute type 30 has an invalid length.
[  188.990647][T10444] total_dirty 0
[  188.990659][T10444] total_writeback 0
[  188.990670][T10444] total_workingset_refault_anon 209
[  188.990717][T10444] total_workingset_refault_file 2029
[  189.016601][T10444] total_swap 360448
[  189.020514][T10444] total_swapcached 0
[  189.024626][T10444] total_pgpgin 169235
[  189.028697][T10444] total_pgpgout 169232
[  189.032846][T10444] total_pgfault 192960
[  189.037012][T10444] total_pgmajfault 156
[  189.041186][T10444] total_inactive_anon 0
[  189.045493][T10444] total_active_anon 0
[  189.049591][T10444] total_inactive_file 0
[  189.054279][T10444] total_active_file 12288
[  189.058773][T10444] total_unevictable 0
[  189.062886][T10444] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2215,pid=10443,uid=0
[  189.077935][T10444] Memory cgroup out of memory: Killed process 10443 (syz.2.2215) total-vm:93956kB, anon-rss:1132kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  189.228714][T10493] loop1: detected capacity change from 0 to 512
[  189.266169][T10493] ext4 filesystem being mounted at /442/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.290277][T10489] loop4: detected capacity change from 0 to 2048
[  189.404810][T10508] __nla_validate_parse: 1 callbacks suppressed
[  189.404830][T10508] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2236'.
[  189.641858][T10521] loop1: detected capacity change from 0 to 1024
[  189.659454][T10522] loop2: detected capacity change from 0 to 2048
[  189.660023][T10521] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  189.711482][T10526] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2244'.
[  189.734362][T10524] loop4: detected capacity change from 0 to 2048
[  189.762118][T10526] loop1: detected capacity change from 0 to 1024
[  189.774144][T10526] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  189.785312][T10526] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  189.794096][T10526] EXT4-fs (loop1): orphan cleanup on readonly fs
[  189.800932][T10526] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  189.816233][T10526] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  189.830900][T10526] EXT4-fs (loop1): 1 truncate cleaned up
[  189.934607][T10537] loop1: detected capacity change from 0 to 2048
[  190.000496][T10542] loop2: detected capacity change from 0 to 512
[  190.016641][T10543] loop4: detected capacity change from 0 to 512
[  190.025393][T10542] ext4 filesystem being mounted at /486/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  190.051285][T10543] EXT4-fs warning (device loop4): ext4_xattr_inode_get:542: inode #11: comm syz.4.2248: ea_inode file size=4 entry size=6
[  190.072859][T10543] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2248: corrupted inode contents
[  190.101208][T10543] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2248: mark_inode_dirty error
[  190.118380][T10549] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.2249'.
[  190.127567][T10543] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2248: corrupted inode contents
[  190.141779][T10543] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2248: mark_inode_dirty error
[  190.156307][T10543] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2248: mark inode dirty (error -117)
[  190.169458][T10543] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  190.171660][T10549] loop3: detected capacity change from 0 to 1024
[  190.180440][T10543] EXT4-fs (loop4): 1 orphan inode deleted
[  190.198153][T10549] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  190.232903][T10549] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  190.249470][T10549] EXT4-fs (loop3): orphan cleanup on readonly fs
[  190.292742][T10553] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2250'.
[  190.306283][T10549] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  190.320989][T10549] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  190.329170][T10556] FAULT_INJECTION: forcing a failure.
[  190.329170][T10556] name failslab, interval 1, probability 0, space 0, times 0
[  190.342284][T10556] CPU: 1 UID: 0 PID: 10556 Comm: syz.4.2251 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  190.342319][T10556] Tainted: [W]=WARN
[  190.342334][T10556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  190.342352][T10556] Call Trace:
[  190.342380][T10556]  <TASK>
[  190.342389][T10556]  __dump_stack+0x1d/0x30
[  190.342411][T10556]  dump_stack_lvl+0xe8/0x140
[  190.342431][T10556]  dump_stack+0x15/0x1b
[  190.342452][T10556]  should_fail_ex+0x265/0x280
[  190.342583][T10556]  should_failslab+0x8c/0xb0
[  190.342610][T10556]  kmem_cache_alloc_noprof+0x50/0x310
[  190.342651][T10556]  ? getname_flags+0x80/0x3b0
[  190.342721][T10556]  getname_flags+0x80/0x3b0
[  190.342757][T10556]  __se_sys_acct+0x3d/0x490
[  190.342793][T10556]  __x64_sys_acct+0x1f/0x30
[  190.342883][T10556]  x64_sys_call+0x2f2b/0x2ff0
[  190.342905][T10556]  do_syscall_64+0xd2/0x200
[  190.342950][T10556]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  190.342981][T10556]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  190.343078][T10556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.343107][T10556] RIP: 0033:0x7faf77c9eec9
[  190.343127][T10556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.343150][T10556] RSP: 002b:00007faf76707038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  190.343184][T10556] RAX: ffffffffffffffda RBX: 00007faf77ef5fa0 RCX: 00007faf77c9eec9
[  190.343201][T10556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 9999999999999999
[  190.343219][T10556] RBP: 00007faf76707090 R08: 0000000000000000 R09: 0000000000000000
[  190.343236][T10556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.343262][T10556] R13: 00007faf77ef6038 R14: 00007faf77ef5fa0 R15: 00007ffc827e3738
[  190.343294][T10556]  </TASK>
[  190.563425][T10549] EXT4-fs (loop3): 1 truncate cleaned up
[  190.650836][T10563] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.2255'.
[  190.667948][T10560] usb usb9: usbfs: process 10560 (syz.1.2253) did not claim interface 0 before use
[  190.688791][T10563] loop3: detected capacity change from 0 to 1024
[  190.738704][T10563] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  190.776604][T10563] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  190.794390][T10563] EXT4-fs (loop3): orphan cleanup on readonly fs
[  190.811412][T10563] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  190.826318][T10563] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  190.834068][T10570] netlink: 'syz.1.2257': attribute type 30 has an invalid length.
[  190.909201][T10563] EXT4-fs (loop3): 1 truncate cleaned up
[  190.922669][T10563] EXT4-fs mount: 148 callbacks suppressed
[  190.922689][T10563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  190.943064][T10575] netlink: 'syz.0.2259': attribute type 30 has an invalid length.
[  190.952832][   T29] kauditd_printk_skb: 74 callbacks suppressed
[  190.952847][   T29] audit: type=1326 audit(1759114229.915:8290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.007032][   T29] audit: type=1326 audit(1759114229.955:8291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.030838][   T29] audit: type=1326 audit(1759114229.955:8292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.056104][   T29] audit: type=1326 audit(1759114229.955:8293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.081407][   T29] audit: type=1326 audit(1759114229.955:8294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.106165][   T29] audit: type=1326 audit(1759114229.955:8295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.131001][   T29] audit: type=1326 audit(1759114229.955:8296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.155488][   T29] audit: type=1326 audit(1759114229.955:8297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.179518][   T29] audit: type=1326 audit(1759114229.955:8298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.188939][T10580] loop1: detected capacity change from 0 to 2048
[  191.203573][   T29] audit: type=1326 audit(1759114229.955:8299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10562 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  191.240978][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.281934][T10580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.530519][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.586630][T10596] gretap1: entered allmulticast mode
[  191.624863][T10597] netlink: 14560 bytes leftover after parsing attributes in process `syz.2.2265'.
[  191.648640][T10599] loop1: detected capacity change from 0 to 512
[  191.661061][T10597] loop2: detected capacity change from 0 to 1024
[  191.675303][T10597] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  191.696943][T10582] can0: slcan on ttyS3.
[  191.710382][T10599] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2264: invalid indirect mapped block 4294967295 (level 1)
[  191.731868][T10597] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  191.735769][T10599] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2264: invalid indirect mapped block 4294967295 (level 1)
[  191.755654][T10599] EXT4-fs (loop1): 2 truncates cleaned up
[  191.759870][T10597] EXT4-fs (loop2): orphan cleanup on readonly fs
[  191.762363][T10599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.832786][T10592] can0 (unregistered): slcan off ttyS3.
[  191.853916][T10597] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  191.868547][T10597] EXT4-fs (loop2): Cannot turn on quotas: error -5
[  191.878721][T10616] loop4: detected capacity change from 0 to 512
[  191.885966][T10616] EXT4-fs: Ignoring removed mblk_io_submit option
[  191.903330][T10597] EXT4-fs (loop2): 1 truncate cleaned up
[  191.909934][T10616] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  191.921724][T10597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.947695][T10616] EXT4-fs (loop4): 1 truncate cleaned up
[  191.972876][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.986925][T10616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.060725][T10628] loop3: detected capacity change from 0 to 1024
[  192.070093][T10626] loop2: detected capacity change from 0 to 1024
[  192.116102][T10628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.144179][T10626] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.157244][T10636] netlink: 'syz.4.2266': attribute type 39 has an invalid length.
[  192.180959][T10626] sch_fq: defrate 4294967295 ignored.
[  192.213930][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.228554][T10626] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2267: Allocating blocks 449-513 which overlap fs metadata
[  192.254363][T10625] EXT4-fs (loop2): pa ffff88810724a150: logic 48, phys. 177, len 21
[  192.262423][T10625] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  192.322234][T10644] loop3: detected capacity change from 0 to 1024
[  192.385630][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.398063][T10644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.466898][T10648] loop2: detected capacity change from 0 to 1024
[  192.483809][T10644] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2269: Allocating blocks 449-513 which overlap fs metadata
[  192.502402][T10648] EXT4-fs: Ignoring removed nobh option
[  192.508120][T10648] EXT4-fs: inline encryption not supported
[  192.527599][T10643] EXT4-fs (loop3): pa ffff88810724a3f0: logic 48, phys. 177, len 21
[  192.535982][T10643] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  192.581560][T10648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.609192][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.641072][T10656] pim6reg1: entered promiscuous mode
[  192.646705][T10656] pim6reg1: entered allmulticast mode
[  192.655156][T10648] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2271: Allocating blocks 497-513 which overlap fs metadata
[  192.691497][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.696321][T10648] EXT4-fs (loop2): pa ffff8881072b47e0: logic 16, phys. 129, len 24
[  192.708975][T10648] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  192.756272][T10660] loop1: detected capacity change from 0 to 2048
[  192.775622][T10660] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.817242][T10665] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.896726][T10665] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.936605][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.980215][T10665] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.025275][T10672] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2278'.
[  193.049391][T10672] loop1: detected capacity change from 0 to 1024
[  193.058069][T10665] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.063288][T10672] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  193.090528][T10672] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  193.101067][T10672] EXT4-fs (loop1): orphan cleanup on readonly fs
[  193.108822][T10672] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  193.124027][T10672] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  193.131459][T10672] EXT4-fs (loop1): 1 truncate cleaned up
[  193.137722][T10672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.191213][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.217501][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.230352][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.232096][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.248975][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.291004][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.329869][T10678] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2279'.
[  193.347978][T10679] netlink: 14560 bytes leftover after parsing attributes in process `syz.2.2281'.
[  193.400373][T10679] loop2: detected capacity change from 0 to 1024
[  193.416939][T10681] netlink: 'syz.1.2282': attribute type 30 has an invalid length.
[  193.428339][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.445446][T10679] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  193.481484][T10679] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  193.503331][T10679] EXT4-fs (loop2): orphan cleanup on readonly fs
[  193.535296][T10679] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  193.550273][T10679] EXT4-fs (loop2): Cannot turn on quotas: error -5
[  193.569323][T10679] EXT4-fs (loop2): 1 truncate cleaned up
[  193.575572][T10679] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.595319][T10689] loop4: detected capacity change from 0 to 512
[  193.612109][T10689] EXT4-fs warning (device loop4): ext4_xattr_inode_get:542: inode #11: comm syz.4.2284: ea_inode file size=4 entry size=6
[  193.635707][T10689] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2284: corrupted inode contents
[  193.649021][T10693] loop1: detected capacity change from 0 to 2048
[  193.655391][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.670850][T10689] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2284: mark_inode_dirty error
[  193.696760][T10693] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.709208][T10696] loop3: detected capacity change from 0 to 2048
[  193.709674][T10689] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2284: corrupted inode contents
[  193.741011][T10689] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2284: mark_inode_dirty error
[  193.754719][T10689] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2284: mark inode dirty (error -117)
[  193.768877][T10689] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  193.778623][T10689] EXT4-fs (loop4): 1 orphan inode deleted
[  193.785271][T10689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.793319][T10696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.824587][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.891266][T10709] loop2: detected capacity change from 0 to 1024
[  193.899006][T10709] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  193.928546][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.933643][T10707] netlink: 'syz.4.2289': attribute type 30 has an invalid length.
[  193.982051][T10714] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2293'.
[  193.999724][T10714] loop1: detected capacity change from 0 to 1024
[  194.010408][T10714] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  194.029180][T10714] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  194.038972][T10714] EXT4-fs (loop1): orphan cleanup on readonly fs
[  194.046226][T10714] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  194.061065][T10714] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  194.071880][T10714] EXT4-fs (loop1): 1 truncate cleaned up
[  194.079811][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.100936][T10714] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.130856][T10722] loop4: detected capacity change from 0 to 1024
[  194.143474][T10722] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  194.174381][T10722] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  194.202851][T10722] EXT4-fs (loop4): orphan cleanup on readonly fs
[  194.210380][T10722] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  194.225271][T10722] EXT4-fs (loop4): Cannot turn on quotas: error -5
[  194.234807][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.251290][T10727] loop3: detected capacity change from 0 to 1024
[  194.260464][T10727] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  194.304837][T10722] EXT4-fs (loop4): 1 truncate cleaned up
[  194.312228][T10730] loop1: detected capacity change from 0 to 512
[  194.333864][T10722] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.350012][T10730] EXT4-fs warning (device loop1): ext4_xattr_inode_get:542: inode #11: comm syz.1.2300: ea_inode file size=4 entry size=6
[  194.376333][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.390909][T10730] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2300: corrupted inode contents
[  194.405891][T10730] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.2300: mark_inode_dirty error
[  194.420661][T10739] __nla_validate_parse: 2 callbacks suppressed
[  194.420677][T10739] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2303'.
[  194.437451][T10730] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2300: corrupted inode contents
[  194.452719][T10730] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #15: comm syz.1.2300: mark_inode_dirty error
[  194.472168][T10741] loop4: detected capacity change from 0 to 2048
[  194.485367][T10730] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #15: comm syz.1.2300: mark inode dirty (error -117)
[  194.503612][T10730] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  194.513903][T10730] EXT4-fs (loop1): 1 orphan inode deleted
[  194.520475][T10730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.534323][T10743] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2305'.
[  194.534535][T10741] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.586491][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.647332][T10759] loop3: detected capacity change from 0 to 1024
[  194.659498][T10759] EXT4-fs: Ignoring removed nobh option
[  194.665522][T10759] EXT4-fs: inline encryption not supported
[  194.686721][T10761] netlink: 'syz.0.2311': attribute type 30 has an invalid length.
[  194.700068][T10759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.716061][T10759] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2308: Allocating blocks 497-513 which overlap fs metadata
[  194.731710][T10759] EXT4-fs (loop3): pa ffff88810724a2a0: logic 16, phys. 129, len 24
[  194.739937][T10759] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  194.775812][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.813907][T10765] loop4: detected capacity change from 0 to 1024
[  194.824249][T10765] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  194.883296][T10770] loop4: detected capacity change from 0 to 512
[  194.895965][T10770] EXT4-fs warning (device loop4): ext4_xattr_inode_get:542: inode #11: comm syz.4.2314: ea_inode file size=4 entry size=6
[  194.915823][T10770] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2314: corrupted inode contents
[  194.928552][T10770] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2314: mark_inode_dirty error
[  194.942851][T10770] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2314: corrupted inode contents
[  194.955449][T10770] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2314: mark_inode_dirty error
[  194.969635][T10770] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2314: mark inode dirty (error -117)
[  194.982919][T10770] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  194.995956][T10770] EXT4-fs (loop4): 1 orphan inode deleted
[  195.003006][T10770] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.035078][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.044536][T10779] loop2: detected capacity change from 0 to 2048
[  195.074818][T10779] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.077970][T10782] loop4: detected capacity change from 0 to 2048
[  195.106025][T10782] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.246940][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.283925][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.293753][T10790] loop4: detected capacity change from 0 to 512
[  195.303940][T10790] EXT4-fs warning (device loop4): ext4_xattr_inode_get:542: inode #11: comm syz.4.2320: ea_inode file size=4 entry size=6
[  195.326674][T10790] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2320: corrupted inode contents
[  195.339323][T10790] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2320: mark_inode_dirty error
[  195.351385][T10790] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2320: corrupted inode contents
[  195.363999][T10790] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2320: mark_inode_dirty error
[  195.380963][T10790] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2320: mark inode dirty (error -117)
[  195.394184][T10790] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  195.403468][T10790] EXT4-fs (loop4): 1 orphan inode deleted
[  195.409907][T10790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.416856][T10795] netlink: 'syz.2.2322': attribute type 30 has an invalid length.
[  195.445090][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.445666][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.513763][T10799] loop3: detected capacity change from 0 to 1024
[  195.522343][T10799] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  195.630730][T10802] loop4: detected capacity change from 0 to 1024
[  195.638996][T10802] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  195.689316][T10806] pim6reg1: entered promiscuous mode
[  195.694895][T10806] pim6reg1: entered allmulticast mode
[  195.736357][T10807] loop1: detected capacity change from 0 to 1024
[  195.744727][T10807] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  195.816995][T10809] loop3: detected capacity change from 0 to 1024
[  195.830973][T10807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.920832][T10809] EXT4-fs: Ignoring removed nobh option
[  195.926835][T10809] EXT4-fs: inline encryption not supported
[  195.998201][T10814] netlink: 'syz.0.2329': attribute type 30 has an invalid length.
[  196.029300][T10809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.167547][T10809] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2326: Allocating blocks 497-513 which overlap fs metadata
[  196.188178][T10809] EXT4-fs (loop3): pa ffff88810724a2a0: logic 16, phys. 129, len 24
[  196.196291][T10809] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  196.378536][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.399638][T10825] loop1: detected capacity change from 0 to 512
[  196.410685][T10825] EXT4-fs warning (device loop1): ext4_xattr_inode_get:542: inode #11: comm syz.1.2332: ea_inode file size=4 entry size=6
[  196.425375][T10825] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2332: corrupted inode contents
[  196.437832][T10825] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.2332: mark_inode_dirty error
[  196.450080][T10825] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2332: corrupted inode contents
[  196.462428][T10825] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #15: comm syz.1.2332: mark_inode_dirty error
[  196.475082][T10825] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #15: comm syz.1.2332: mark inode dirty (error -117)
[  196.488658][T10825] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  196.498237][T10825] EXT4-fs (loop1): 1 orphan inode deleted
[  196.505788][T10825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.519058][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.546410][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.578759][T10830] loop1: detected capacity change from 0 to 1024
[  196.586332][T10830] EXT4-fs: Ignoring removed nobh option
[  196.591983][T10830] EXT4-fs: inline encryption not supported
[  196.604585][T10830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.624231][T10830] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2334: Allocating blocks 497-513 which overlap fs metadata
[  196.639588][T10830] EXT4-fs (loop1): pa ffff88810724a0e0: logic 16, phys. 129, len 24
[  196.647775][T10830] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  196.686367][T10828] can0: slcan on ttyS3.
[  196.743036][T10828] can0 (unregistered): slcan off ttyS3.
[  196.844894][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  196.844971][   T29] audit: type=1326 audit(1759114235.805:8321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  196.887311][   T29] audit: type=1326 audit(1759114235.805:8322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  196.911070][   T29] audit: type=1326 audit(1759114235.805:8323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  196.935804][   T29] audit: type=1326 audit(1759114235.805:8324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  196.956580][T10863] loop3: detected capacity change from 0 to 2048
[  196.959583][   T29] audit: type=1326 audit(1759114235.805:8325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  196.989965][   T29] audit: type=1326 audit(1759114235.805:8326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  197.014544][   T29] audit: type=1326 audit(1759114235.805:8327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  197.038002][   T29] audit: type=1326 audit(1759114235.805:8328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  197.061630][   T29] audit: type=1326 audit(1759114235.805:8329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  197.085429][   T29] audit: type=1326 audit(1759114235.805:8330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10854 comm="syz.3.2337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  197.127692][T10863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.173822][T10876] usb usb9: usbfs: process 10876 (syz.4.2340) did not claim interface 0 before use
[  197.239197][T10882] loop4: detected capacity change from 0 to 1024
[  197.252039][T10879] sch_fq: defrate 4294967295 ignored.
[  197.295086][T10882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.312276][T10882] sch_fq: defrate 4294967295 ignored.
[  197.353354][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.354927][T10882] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2342: Allocating blocks 449-513 which overlap fs metadata
[  197.383243][T10880] EXT4-fs (loop4): pa ffff8881072b4540: logic 48, phys. 177, len 21
[  197.391312][T10880] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  197.430772][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.447204][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.473888][T10886] netlink: 'syz.3.2343': attribute type 30 has an invalid length.
[  197.493607][T10888] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  197.500274][T10888] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  197.507986][T10888] vhci_hcd vhci_hcd.0: Device attached
[  197.534557][T10889] vhci_hcd: connection closed
[  197.534741][   T12] vhci_hcd: stop threads
[  197.543878][   T12] vhci_hcd: release socket
[  197.546593][T10892] loop1: detected capacity change from 0 to 1024
[  197.548306][   T12] vhci_hcd: disconnect device
[  197.565652][T10892] EXT4-fs: Ignoring removed nobh option
[  197.571448][T10892] EXT4-fs: inline encryption not supported
[  197.639465][T10892] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.655437][T10892] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2345: Allocating blocks 497-513 which overlap fs metadata
[  197.673281][T10895] netlink: 'syz.2.2346': attribute type 30 has an invalid length.
[  197.685691][T10892] EXT4-fs (loop1): pa ffff8881072b4850: logic 16, phys. 129, len 24
[  197.693907][T10892] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  197.752675][T10904] loop3: detected capacity change from 0 to 1024
[  197.804319][T10904] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  197.853182][T10911] loop3: detected capacity change from 0 to 1024
[  197.860036][T10911] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  197.906118][T10915] usb usb9: usbfs: process 10915 (syz.3.2353) did not claim interface 0 before use
[  198.152158][T10922] loop4: detected capacity change from 0 to 1024
[  198.204640][T10922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.224528][T10922] sch_fq: defrate 4294967295 ignored.
[  198.256568][T10922] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2355: Allocating blocks 449-513 which overlap fs metadata
[  198.280723][T10921] EXT4-fs (loop4): pa ffff88810724a0e0: logic 48, phys. 177, len 21
[  198.288928][T10921] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  198.324893][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.392289][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.723576][T10938] sch_fq: defrate 4294967295 ignored.
[  198.778014][T10918] syz.3.2354 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  198.792640][T10918] CPU: 0 UID: 0 PID: 10918 Comm: syz.3.2354 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  198.792751][T10918] Tainted: [W]=WARN
[  198.792765][T10918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  198.792781][T10918] Call Trace:
[  198.792787][T10918]  <TASK>
[  198.792855][T10918]  __dump_stack+0x1d/0x30
[  198.792884][T10918]  dump_stack_lvl+0xe8/0x140
[  198.792911][T10918]  dump_stack+0x15/0x1b
[  198.793000][T10918]  dump_header+0x81/0x220
[  198.793053][T10918]  oom_kill_process+0x342/0x400
[  198.793097][T10918]  out_of_memory+0x979/0xb80
[  198.793217][T10918]  try_charge_memcg+0x5e6/0x9e0
[  198.793259][T10918]  obj_cgroup_charge_pages+0xa6/0x150
[  198.793306][T10918]  __memcg_kmem_charge_page+0x9f/0x170
[  198.793407][T10918]  __alloc_frozen_pages_noprof+0x188/0x360
[  198.793535][T10918]  alloc_pages_mpol+0xb3/0x250
[  198.793626][T10918]  alloc_pages_noprof+0x90/0x130
[  198.793672][T10918]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  198.793784][T10918]  __kvmalloc_node_noprof+0x30f/0x4e0
[  198.793826][T10918]  ? ip_set_alloc+0x1f/0x30
[  198.793851][T10918]  ? ip_set_alloc+0x1f/0x30
[  198.793908][T10918]  ? __kmalloc_cache_noprof+0x189/0x320
[  198.793946][T10918]  ip_set_alloc+0x1f/0x30
[  198.793971][T10918]  hash_netiface_create+0x282/0x740
[  198.794015][T10918]  ? __pfx_hash_netiface_create+0x10/0x10
[  198.794046][T10918]  ip_set_create+0x3c9/0x960
[  198.794081][T10918]  ? __nla_parse+0x40/0x60
[  198.794120][T10918]  nfnetlink_rcv_msg+0x4c3/0x590
[  198.794220][T10918]  netlink_rcv_skb+0x123/0x220
[  198.794260][T10918]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  198.794301][T10918]  nfnetlink_rcv+0x16b/0x1690
[  198.794352][T10918]  ? __list_del_entry_valid_or_report+0x65/0x130
[  198.794451][T10918]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  198.794542][T10918]  ? should_fail_ex+0x30/0x280
[  198.794572][T10918]  ? selinux_nlmsg_lookup+0x99/0x890
[  198.794657][T10918]  ? __rcu_read_unlock+0x34/0x70
[  198.794688][T10918]  ? __netlink_lookup+0x266/0x2a0
[  198.794722][T10918]  netlink_unicast+0x5bd/0x690
[  198.794798][T10918]  netlink_sendmsg+0x58b/0x6b0
[  198.794880][T10918]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.794970][T10918]  __sock_sendmsg+0x145/0x180
[  198.795014][T10918]  ____sys_sendmsg+0x31e/0x4e0
[  198.795050][T10918]  ___sys_sendmsg+0x17b/0x1d0
[  198.795136][T10918]  __x64_sys_sendmsg+0xd4/0x160
[  198.795176][T10918]  x64_sys_call+0x191e/0x2ff0
[  198.795257][T10918]  do_syscall_64+0xd2/0x200
[  198.795368][T10918]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  198.795397][T10918]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  198.795485][T10918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.795514][T10918] RIP: 0033:0x7f4519d8eec9
[  198.795532][T10918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.795608][T10918] RSP: 002b:00007f45187f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.795631][T10918] RAX: ffffffffffffffda RBX: 00007f4519fe5fa0 RCX: 00007f4519d8eec9
[  198.795709][T10918] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  198.795754][T10918] RBP: 00007f4519e11f91 R08: 0000000000000000 R09: 0000000000000000
[  198.795847][T10918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  198.795860][T10918] R13: 00007f4519fe6038 R14: 00007f4519fe5fa0 R15: 00007ffd76cd5fe8
[  198.795896][T10918]  </TASK>
[  198.795906][T10918] memory: usage 307200kB, limit 307200kB, failcnt 1990
[  199.140420][T10918] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  199.148950][T10918] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  199.156469][T10918] Memory cgroup stats for /syz3:
[  199.156915][T10918] cache 0
[  199.165293][T10918] rss 0
[  199.168378][T10918] shmem 0
[  199.171677][T10918] mapped_file 0
[  199.175188][T10918] dirty 0
[  199.178143][T10918] writeback 0
[  199.181708][T10918] workingset_refault_anon 354
[  199.186518][T10918] workingset_refault_file 3812
[  199.191310][T10918] swap 212992
[  199.194734][T10918] swapcached 0
[  199.198147][T10918] pgpgin 130730
[  199.201774][T10918] pgpgout 130726
[  199.205343][T10918] pgfault 150198
[  199.208954][T10918] pgmajfault 216
[  199.212544][T10918] inactive_anon 0
[  199.216259][T10918] active_anon 0
[  199.219828][T10918] inactive_file 16384
[  199.224026][T10918] active_file 0
[  199.227670][T10918] unevictable 0
[  199.231154][T10918] hierarchical_memory_limit 314572800
[  199.236674][T10918] hierarchical_memsw_limit 9223372036854771712
[  199.243165][T10918] total_cache 0
[  199.246649][T10918] total_rss 0
[  199.250057][T10918] total_shmem 0
[  199.253641][T10918] total_mapped_file 0
[  199.257791][T10918] total_dirty 0
[  199.261416][T10918] total_writeback 0
[  199.265282][T10918] total_workingset_refault_anon 354
[  199.270669][T10918] total_workingset_refault_file 3812
[  199.276565][T10918] total_swap 212992
[  199.280388][T10918] total_swapcached 0
[  199.284359][T10918] total_pgpgin 130730
[  199.288362][T10918] total_pgpgout 130726
[  199.292511][T10918] total_pgfault 150198
[  199.296604][T10918] total_pgmajfault 216
[  199.300846][T10918] total_inactive_anon 0
[  199.305050][T10918] total_active_anon 0
[  199.309134][T10918] total_inactive_file 16384
[  199.313786][T10918] total_active_file 0
[  199.317800][T10918] total_unevictable 0
[  199.321882][T10918] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2354,pid=10917,uid=0
[  199.324675][T10943] loop1: detected capacity change from 0 to 1024
[  199.336834][T10918] Memory cgroup out of memory: Killed process 10917 (syz.3.2354) total-vm:94088kB, anon-rss:1136kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[  199.368322][T10944] loop4: detected capacity change from 0 to 1024
[  199.370404][T10943] EXT4-fs: Ignoring removed nobh option
[  199.375382][T10944] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  199.380672][T10943] EXT4-fs: inline encryption not supported
[  199.482005][T10943] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2363: Allocating blocks 497-513 which overlap fs metadata
[  199.499601][T10955] netlink: 14560 bytes leftover after parsing attributes in process `syz.0.2367'.
[  199.523997][T10956] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2365'.
[  199.556709][T10957] EXT4-fs (loop1): pa ffff88810724a2a0: logic 16, phys. 129, len 24
[  199.564896][T10957] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  199.775533][T10966] can0: slcan on ttyS3.
[  199.822697][T10966] can0 (unregistered): slcan off ttyS3.
[  200.201701][T11009] loop1: detected capacity change from 0 to 1024
[  200.205156][T11011] pim6reg1: entered promiscuous mode
[  200.209530][T11009] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  200.213970][T11011] pim6reg1: entered allmulticast mode
[  200.259870][T11013] loop1: detected capacity change from 0 to 2048
[  200.611166][T11026] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.2384'.
[  200.659309][T11026] loop3: detected capacity change from 0 to 1024
[  200.680404][T11026] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  200.722810][T11026] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  200.731005][T11026] EXT4-fs (loop3): orphan cleanup on readonly fs
[  200.784818][T11026] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  200.799637][T11026] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  200.860742][T11026] EXT4-fs (loop3): 1 truncate cleaned up
[  200.951728][T11031] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2385'.
[  201.129518][T11035] loop3: detected capacity change from 0 to 1024
[  201.136770][T11035] EXT4-fs: Ignoring removed nobh option
[  201.142397][T11035] EXT4-fs: inline encryption not supported
[  201.172446][T11035] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2387: Allocating blocks 497-513 which overlap fs metadata
[  201.214003][T11035] EXT4-fs (loop3): pa ffff88810724a310: logic 16, phys. 129, len 24
[  201.222410][T11035] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  201.244594][T11044] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2389'.
[  201.288405][T11044] loop1: detected capacity change from 0 to 1024
[  201.317532][T11044] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  201.338098][T11044] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  201.346504][T11044] EXT4-fs (loop1): orphan cleanup on readonly fs
[  201.354916][T11044] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  201.369557][T11044] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  201.378541][T11044] EXT4-fs (loop1): 1 truncate cleaned up
[  201.420810][T11051] loop1: detected capacity change from 0 to 2048
[  201.762439][T11064] loop2: detected capacity change from 0 to 1024
[  201.769666][T11064] EXT4-fs: Ignoring removed nobh option
[  201.775389][T11064] EXT4-fs: inline encryption not supported
[  201.800034][T11064] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2395: Allocating blocks 497-513 which overlap fs metadata
[  201.816074][T11064] EXT4-fs (loop2): pa ffff8881072b4770: logic 16, phys. 129, len 24
[  201.824203][T11064] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  201.856702][T11068] loop4: detected capacity change from 0 to 512
[  201.869828][T11068] EXT4-fs warning (device loop4): ext4_xattr_inode_get:542: inode #11: comm syz.4.2396: ea_inode file size=4 entry size=6
[  201.884626][T11068] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2396: corrupted inode contents
[  201.897227][T11068] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2396: mark_inode_dirty error
[  201.910448][T11068] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2396: corrupted inode contents
[  201.924421][T11068] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2396: mark_inode_dirty error
[  201.939205][T11068] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2396: mark inode dirty (error -117)
[  201.952328][T11068] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  201.961955][T11068] EXT4-fs (loop4): 1 orphan inode deleted
[  202.010994][T11075] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  202.021601][T11075] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  202.043876][T11073] netlink: 'syz.3.2397': attribute type 30 has an invalid length.
[  202.160818][T11080] loop4: detected capacity change from 0 to 512
[  202.175729][T11080] EXT4-fs warning (device loop4): ext4_xattr_inode_get:542: inode #11: comm syz.4.2400: ea_inode file size=4 entry size=6
[  202.210850][T11080] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2400: corrupted inode contents
[  202.233019][T11080] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.2400: mark_inode_dirty error
[  202.246867][T11080] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.2400: corrupted inode contents
[  202.259542][T11080] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.2400: mark_inode_dirty error
[  202.273294][T11080] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.2400: mark inode dirty (error -117)
[  202.286777][T11080] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  202.297540][T11080] EXT4-fs (loop4): 1 orphan inode deleted
[  202.333892][T11089] loop4: detected capacity change from 0 to 1024
[  202.346832][T11085] can0: slcan on ttyS3.
[  202.369257][T11089] sch_fq: defrate 4294967295 ignored.
[  202.382814][T11085] can0 (unregistered): slcan off ttyS3.
[  202.394178][T11089] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2403: Allocating blocks 449-513 which overlap fs metadata
[  202.417263][T11088] EXT4-fs (loop4): pa ffff8881072b4620: logic 48, phys. 177, len 21
[  202.425584][T11088] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  202.459111][T11093] loop1: detected capacity change from 0 to 1024
[  202.513109][   T29] kauditd_printk_skb: 72 callbacks suppressed
[  202.513130][   T29] audit: type=1326 audit(1759114241.475:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.544474][   T29] audit: type=1326 audit(1759114241.475:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.568076][   T29] audit: type=1326 audit(1759114241.475:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.578191][T11093] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2404: Allocating blocks 449-513 which overlap fs metadata
[  202.592606][   T29] audit: type=1326 audit(1759114241.475:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.630981][   T29] audit: type=1326 audit(1759114241.475:8405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.655177][   T29] audit: type=1326 audit(1759114241.475:8406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.679373][   T29] audit: type=1326 audit(1759114241.475:8407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.703842][   T29] audit: type=1326 audit(1759114241.475:8408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  202.727803][   T29] audit: type=1326 audit(1759114241.475:8409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  202.751862][   T29] audit: type=1326 audit(1759114241.475:8410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11094 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  202.778682][T11101] netlink: 'syz.4.2407': attribute type 30 has an invalid length.
[  202.796442][T11092] EXT4-fs (loop1): pa ffff8881072b4700: logic 48, phys. 177, len 21
[  202.804848][T11092] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  202.841994][T11105] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2408'.
[  202.858460][T11106] loop3: detected capacity change from 0 to 2048
[  202.906484][T11108] netlink: 'syz.2.2410': attribute type 30 has an invalid length.
[  203.024194][T11117] loop4: detected capacity change from 0 to 1024
[  203.076055][T11117] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2413: Allocating blocks 449-513 which overlap fs metadata
[  203.122068][T11116] EXT4-fs (loop4): pa ffff8881072b4620: logic 48, phys. 177, len 21
[  203.130822][T11116] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  203.254310][T11126] can0: slcan on ttyS3.
[  203.287068][T11135] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2418'.
[  203.312812][T11126] can0 (unregistered): slcan off ttyS3.
[  203.501197][T11150] netlink: 'syz.3.2420': attribute type 30 has an invalid length.
[  203.624722][T11161] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2421'.
[  203.769558][T11177] loop3: detected capacity change from 0 to 512
[  203.805837][T11177] ext4 filesystem being mounted at /439/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  203.942967][T11189] loop2: detected capacity change from 0 to 2048
[  203.970850][T11193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2429'.
[  203.980427][T11193] netlink: 'syz.3.2429': attribute type 30 has an invalid length.
[  204.027158][ T1475] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  204.050181][ T1475] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  204.061909][T11197] loop1: detected capacity change from 0 to 512
[  204.080535][ T1475] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  204.093756][ T3428] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  204.114402][T11197] ext4 filesystem being mounted at /481/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  204.155768][T11202] loop3: detected capacity change from 0 to 1024
[  204.185778][T11204] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2432'.
[  204.226790][T11206] loop1: detected capacity change from 0 to 2048
[  204.254964][T11208] loop2: detected capacity change from 0 to 2048
[  204.498659][T11236] loop1: detected capacity change from 0 to 2048
[  204.508715][T11238] netlink: 14560 bytes leftover after parsing attributes in process `syz.2.2442'.
[  204.534043][T11238] loop2: detected capacity change from 0 to 1024
[  204.540708][T11239] loop4: detected capacity change from 0 to 1024
[  204.548387][T11238] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  204.549941][T11239] EXT4-fs: Ignoring removed nobh option
[  204.564779][T11239] EXT4-fs: inline encryption not supported
[  204.593959][T11239] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2440: Allocating blocks 497-513 which overlap fs metadata
[  204.609732][T11238] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  204.618264][T11238] EXT4-fs (loop2): orphan cleanup on readonly fs
[  204.626358][T11239] EXT4-fs (loop4): pa ffff88810724a230: logic 16, phys. 129, len 24
[  204.634487][T11239] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  204.647514][T11238] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  204.662348][T11238] EXT4-fs (loop2): Cannot turn on quotas: error -5
[  204.670238][T11238] EXT4-fs (loop2): 1 truncate cleaned up
[  204.710117][T11248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2443'.
[  204.722279][T11248] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2443'.
[  204.731920][T11248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2443'.
[  204.765197][T11251] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2444'.
[  204.777595][T11253] loop2: detected capacity change from 0 to 1024
[  204.811107][T11257] loop1: detected capacity change from 0 to 2048
[  204.928475][T11262] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2447'.
[  205.069251][T11266] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2448'.
[  205.088811][T11266] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2448'.
[  205.148025][T11268] FAULT_INJECTION: forcing a failure.
[  205.148025][T11268] name failslab, interval 1, probability 0, space 0, times 0
[  205.161133][T11268] CPU: 1 UID: 0 PID: 11268 Comm: syz.1.2449 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  205.161242][T11268] Tainted: [W]=WARN
[  205.161249][T11268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  205.161262][T11268] Call Trace:
[  205.161339][T11268]  <TASK>
[  205.161348][T11268]  __dump_stack+0x1d/0x30
[  205.161374][T11268]  dump_stack_lvl+0xe8/0x140
[  205.161400][T11268]  dump_stack+0x15/0x1b
[  205.161422][T11268]  should_fail_ex+0x265/0x280
[  205.161450][T11268]  should_failslab+0x8c/0xb0
[  205.161483][T11268]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  205.161525][T11268]  ? sidtab_sid2str_get+0xa0/0x130
[  205.161682][T11268]  ? skb_put+0xa9/0xf0
[  205.161709][T11268]  kmemdup_noprof+0x2b/0x70
[  205.161861][T11268]  sidtab_sid2str_get+0xa0/0x130
[  205.161891][T11268]  security_sid_to_context_core+0x1eb/0x2e0
[  205.161916][T11268]  security_sid_to_context+0x27/0x40
[  205.161940][T11268]  avc_audit_post_callback+0x9d/0x520
[  205.162058][T11268]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  205.162118][T11268]  common_lsm_audit+0x1bb/0x230
[  205.162160][T11268]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  205.162191][T11268]  ? avc_denied+0xe4/0x100
[  205.162261][T11268]  slow_avc_audit+0x104/0x140
[  205.162298][T11268]  avc_has_perm+0x13a/0x180
[  205.162328][T11268]  selinux_socket_sendmsg+0x175/0x1b0
[  205.162387][T11268]  security_socket_sendmsg+0x48/0x80
[  205.162510][T11268]  __sock_sendmsg+0x30/0x180
[  205.162549][T11268]  __sys_sendto+0x268/0x330
[  205.162586][T11268]  __x64_sys_sendto+0x76/0x90
[  205.162644][T11268]  x64_sys_call+0x2d05/0x2ff0
[  205.162701][T11268]  do_syscall_64+0xd2/0x200
[  205.162751][T11268]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  205.162780][T11268]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  205.162853][T11268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.162889][T11268] RIP: 0033:0x7f84e80beec9
[  205.162909][T11268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.162928][T11268] RSP: 002b:00007f84e6b27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  205.163024][T11268] RAX: ffffffffffffffda RBX: 00007f84e8315fa0 RCX: 00007f84e80beec9
[  205.163092][T11268] RDX: 000000000000ffd8 RSI: 0000200000000080 RDI: 0000000000000003
[  205.163110][T11268] RBP: 00007f84e6b27090 R08: 0000000000000000 R09: 0000000000000000
[  205.163127][T11268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.163144][T11268] R13: 00007f84e8316038 R14: 00007f84e8315fa0 R15: 00007ffff4f3e338
[  205.163171][T11268]  </TASK>
[  205.499217][T11279] netlink: 14560 bytes leftover after parsing attributes in process `syz.0.2454'.
[  205.507089][T11280] loop1: detected capacity change from 0 to 512
[  205.536714][T11281] loop4: detected capacity change from 0 to 1024
[  205.570927][T11281] EXT4-fs: Ignoring removed nobh option
[  205.576625][T11281] EXT4-fs: inline encryption not supported
[  205.591206][T11280] ext4 filesystem being mounted at /490/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  205.634372][T11281] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2451: Allocating blocks 497-513 which overlap fs metadata
[  205.700154][T11292] EXT4-fs (loop4): pa ffff8881072b4620: logic 16, phys. 129, len 24
[  205.708374][T11292] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  206.376540][T11316] loop1: detected capacity change from 0 to 512
[  206.427826][T11320] loop3: detected capacity change from 0 to 1024
[  206.444830][T11316] EXT4-fs warning (device loop1): ext4_xattr_inode_get:542: inode #11: comm syz.1.2464: ea_inode file size=4 entry size=6
[  206.471277][T11322] loop4: detected capacity change from 0 to 1024
[  206.523526][T11320] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2468: Allocating blocks 449-513 which overlap fs metadata
[  206.555422][T11316] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2464: corrupted inode contents
[  206.584225][T11316] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.2464: mark_inode_dirty error
[  206.603400][T11329] netlink: 'syz.0.2470': attribute type 30 has an invalid length.
[  206.613221][T11319] EXT4-fs (loop3): pa ffff8881072b4620: logic 48, phys. 177, len 21
[  206.621925][T11319] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  206.625158][T11316] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2464: corrupted inode contents
[  206.646083][T11316] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #15: comm syz.1.2464: mark_inode_dirty error
[  206.660780][T11316] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #15: comm syz.1.2464: mark inode dirty (error -117)
[  206.674192][T11316] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  206.683543][T11316] EXT4-fs (loop1): 1 orphan inode deleted
[  206.701914][T11334] loop4: detected capacity change from 0 to 2048
[  206.830453][T11343] loop3: detected capacity change from 0 to 1024
[  206.917531][T11345] loop1: detected capacity change from 0 to 164
[  206.982132][T11345] Unable to read rock-ridge attributes
[  207.010794][T11343] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2472: Allocating blocks 449-513 which overlap fs metadata
[  207.028762][T11345] Unable to read rock-ridge attributes
[  207.078416][T11342] EXT4-fs (loop3): pa ffff88810724a230: logic 48, phys. 177, len 21
[  207.086570][T11342] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  207.111032][T11352] loop2: detected capacity change from 0 to 2048
[  207.309937][T11367] loop1: detected capacity change from 0 to 2048
[  207.446374][T11364] can0: slcan on ttyS3.
[  207.502899][T11364] can0 (unregistered): slcan off ttyS3.
[  207.574916][T11377] loop4: detected capacity change from 0 to 1024
[  207.582056][T11377] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  207.595673][T11375] loop2: detected capacity change from 0 to 2048
[  207.723556][T11383] netlink: 'syz.4.2486': attribute type 30 has an invalid length.
[  207.864999][T11395] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2490'.
[  207.887424][T11401] loop4: detected capacity change from 0 to 1024
[  207.890761][T11403] loop3: detected capacity change from 0 to 1024
[  207.895039][T11401] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  207.912126][T11401] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  207.920632][T11401] EXT4-fs (loop4): orphan cleanup on readonly fs
[  207.942220][T11401] __quota_error: 188 callbacks suppressed
[  207.942240][T11401] Quota error (device loop4): v2_read_file_info: Can't read info structure
[  207.949069][T11403] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  207.967919][T11401] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  207.982447][T11401] EXT4-fs (loop4): Cannot turn on quotas: error -5
[  207.989676][T11403] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  208.000620][T11401] EXT4-fs (loop4): 1 truncate cleaned up
[  208.009543][T11403] EXT4-fs (loop3): orphan cleanup on readonly fs
[  208.022125][T11403] Quota error (device loop3): v2_read_file_info: Can't read info structure
[  208.032888][T11403] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  208.035136][T11410] netlink: 'syz.1.2495': attribute type 30 has an invalid length.
[  208.047763][T11403] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  208.064403][   T29] audit: type=1326 audit(1759114247.025:8598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.083960][T11403] EXT4-fs (loop3): 1 truncate cleaned up
[  208.088689][   T29] audit: type=1326 audit(1759114247.025:8599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.117728][   T29] audit: type=1326 audit(1759114247.025:8600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.142030][   T29] audit: type=1326 audit(1759114247.025:8601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.166657][   T29] audit: type=1326 audit(1759114247.025:8602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.191006][   T29] audit: type=1326 audit(1759114247.025:8603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.215152][   T29] audit: type=1400 audit(1759114247.025:8604): avc:  denied  { create } for  pid=11399 comm="syz.4.2492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  208.235624][   T29] audit: type=1326 audit(1759114247.025:8605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.4.2492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf77c9eec9 code=0x7ffc0000
[  208.312403][T11417] loop3: detected capacity change from 0 to 2048
[  208.360421][T11420] loop4: detected capacity change from 0 to 1024
[  208.367350][T11420] EXT4-fs: Ignoring removed nobh option
[  208.373072][T11420] EXT4-fs: inline encryption not supported
[  208.409300][T11420] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2496: Allocating blocks 497-513 which overlap fs metadata
[  208.418813][T11422] loop1: detected capacity change from 0 to 2048
[  208.431831][T11420] EXT4-fs (loop4): pa ffff8881072b4540: logic 16, phys. 129, len 24
[  208.440294][T11420] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  208.647250][T11433] loop3: detected capacity change from 0 to 2048
[  208.879897][T11446] loop3: detected capacity change from 0 to 1024
[  208.887341][T11446] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  209.008389][T11452] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  209.015054][T11452] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  209.022609][T11452] vhci_hcd vhci_hcd.0: Device attached
[  209.038396][T11453] vhci_hcd: connection closed
[  209.038789][ T3428] vhci_hcd: stop threads
[  209.047999][ T3428] vhci_hcd: release socket
[  209.052544][ T3428] vhci_hcd: disconnect device
[  209.080978][T11456] loop2: detected capacity change from 0 to 1024
[  209.088762][T11456] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  209.100396][T11456] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  209.109106][T11456] EXT4-fs (loop2): orphan cleanup on readonly fs
[  209.116085][T11456] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  209.130702][T11456] EXT4-fs (loop2): Cannot turn on quotas: error -5
[  209.138152][T11456] EXT4-fs (loop2): 1 truncate cleaned up
[  209.225749][T11465] netlink: 'syz.2.2511': attribute type 30 has an invalid length.
[  209.251842][T11467] loop4: detected capacity change from 0 to 1024
[  209.371549][T11477] loop4: detected capacity change from 0 to 1024
[  209.388897][T11477] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  209.429588][T11479] loop2: detected capacity change from 0 to 1024
[  209.478501][T11479] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2517: Allocating blocks 449-513 which overlap fs metadata
[  209.494407][T11471] can0: slcan on ttyS3.
[  209.510758][T11478] EXT4-fs (loop2): pa ffff88810724a310: logic 48, phys. 177, len 21
[  209.519051][T11478] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  209.562860][T11471] can0 (unregistered): slcan off ttyS3.
[  209.676088][T11503] loop1: detected capacity change from 0 to 1024
[  209.692382][T11503] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  209.717001][T11507] loop3: detected capacity change from 0 to 1024
[  209.724063][T11507] EXT4-fs: Ignoring removed nobh option
[  209.729822][T11507] EXT4-fs: inline encryption not supported
[  209.780161][T11507] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2520: Allocating blocks 497-513 which overlap fs metadata
[  209.817623][T11507] EXT4-fs (loop3): pa ffff8881072b45b0: logic 16, phys. 129, len 24
[  209.825992][T11507] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  209.886761][T11496] can0: slcan on ttyS3.
[  209.898562][T11528] __nla_validate_parse: 5 callbacks suppressed
[  209.898580][T11528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2525'.
[  209.914288][T11528] netlink: 'syz.1.2525': attribute type 30 has an invalid length.
[  209.933718][   T31] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  209.945032][   T31] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  209.957245][T11496] can0 (unregistered): slcan off ttyS3.
[  209.976414][  T279] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  209.986847][  T279] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  209.999811][T11536] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2527'.
[  210.039639][T11538] loop1: detected capacity change from 0 to 1024
[  210.055848][T11538] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  210.057400][T11540] loop2: detected capacity change from 0 to 1024
[  210.123951][T11546] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  210.130942][T11546] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  210.138989][T11546] vhci_hcd vhci_hcd.0: Device attached
[  210.147998][T11547] vhci_hcd: connection closed
[  210.148222][ T3428] vhci_hcd: stop threads
[  210.157506][ T3428] vhci_hcd: release socket
[  210.162273][ T3428] vhci_hcd: disconnect device
[  210.238911][T11552] loop4: detected capacity change from 0 to 1024
[  210.246263][T11552] EXT4-fs: Ignoring removed nobh option
[  210.252091][T11552] EXT4-fs: inline encryption not supported
[  210.270971][T11552] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2532: Allocating blocks 497-513 which overlap fs metadata
[  210.287690][T11552] EXT4-fs (loop4): pa ffff8881072b45b0: logic 16, phys. 129, len 24
[  210.295926][T11552] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  210.493783][T11557] loop3: detected capacity change from 0 to 2048
[  210.716463][T11574] loop3: detected capacity change from 0 to 512
[  210.726950][T11574] EXT4-fs warning (device loop3): ext4_xattr_inode_get:542: inode #11: comm syz.3.2540: ea_inode file size=4 entry size=6
[  210.740889][T11574] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.2540: corrupted inode contents
[  210.742342][T11573] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2539'.
[  210.768040][T11574] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.2540: mark_inode_dirty error
[  210.782070][T11574] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.2540: corrupted inode contents
[  210.794997][T11574] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.2540: mark_inode_dirty error
[  210.811770][T11574] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.2540: mark inode dirty (error -117)
[  210.846930][T11581] hub 9-0:1.0: USB hub found
[  210.851794][T11581] hub 9-0:1.0: 8 ports detected
[  210.862627][T11581] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2543'.
[  210.891003][T11574] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  210.926681][T11574] EXT4-fs (loop3): 1 orphan inode deleted
[  210.939892][T11587] loop2: detected capacity change from 0 to 2048
[  210.970544][T11590] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2547'.
[  211.004711][T11590] loop1: detected capacity change from 0 to 1024
[  211.034054][T11590] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  211.092327][T11590] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  211.103901][T11590] EXT4-fs (loop1): orphan cleanup on readonly fs
[  211.119179][T11590] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  211.133917][T11590] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  211.217581][T11590] EXT4-fs (loop1): 1 truncate cleaned up
[  211.552193][T11604] loop2: detected capacity change from 0 to 2048
[  211.575974][T11602] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  211.582576][T11602] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  211.590483][T11602] vhci_hcd vhci_hcd.0: Device attached
[  211.601680][T11605] vhci_hcd: connection closed
[  211.603857][  T279] vhci_hcd: stop threads
[  211.613020][  T279] vhci_hcd: release socket
[  211.617566][  T279] vhci_hcd: disconnect device
[  211.782790][T11613] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2553'.
[  211.879241][T11621] loop2: detected capacity change from 0 to 1024
[  211.896009][T11623] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2558'.
[  211.906814][T11621] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  211.943426][T11627] loop2: detected capacity change from 0 to 2048
[  211.967422][T11628] loop4: detected capacity change from 0 to 1024
[  211.970218][T11631] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2558'.
[  211.991512][T11628] EXT4-fs: Ignoring removed nobh option
[  212.000171][T11628] EXT4-fs: inline encryption not supported
[  212.040225][T11628] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2559: Allocating blocks 497-513 which overlap fs metadata
[  212.055153][T11628] EXT4-fs (loop4): pa ffff8881072b47e0: logic 16, phys. 129, len 24
[  212.063673][T11628] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  212.189648][T11617] loop3: detected capacity change from 0 to 2048
[  212.199471][T11640] loop2: detected capacity change from 0 to 2048
[  212.233847][ T8127] GPT:first_usable_lbas don't match.
[  212.239213][ T8127] GPT:34 != 290
[  212.242915][ T8127] GPT: Use GNU Parted to correct GPT errors.
[  212.249394][ T8127]  loop3: p1 p2 p3
[  212.261147][T11617] GPT:first_usable_lbas don't match.
[  212.266581][T11617] GPT:34 != 290
[  212.270305][T11617] GPT: Use GNU Parted to correct GPT errors.
[  212.276825][T11617]  loop3: p1 p2 p3
[  212.314471][T11617] 9pnet: Could not find request transport: f
[  212.388960][T11647] loop2: detected capacity change from 0 to 512
[  212.407005][T11647] ext4 filesystem being mounted at /546/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  212.485148][T11653] loop2: detected capacity change from 0 to 1024
[  212.494700][T11653] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  212.520249][T11653] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.2565: iget: bogus i_mode (1)
[  212.532142][T11653] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2565: couldn't read orphan inode 11 (err -117)
[  212.622218][T11657] loop2: detected capacity change from 0 to 2048
[  212.747112][T11664] netlink: 14560 bytes leftover after parsing attributes in process `syz.0.2568'.
[  212.830540][T11672] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  212.837157][T11672] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  212.844765][T11672] vhci_hcd vhci_hcd.0: Device attached
[  212.854259][T11673] vhci_hcd: connection closed
[  212.854826][T10812] vhci_hcd: stop threads
[  212.864089][T10812] vhci_hcd: release socket
[  212.868517][T10812] vhci_hcd: disconnect device
[  212.894802][T11678] netlink: 14560 bytes leftover after parsing attributes in process `syz.2.2573'.
[  212.944607][T11682] loop2: detected capacity change from 0 to 2048
[  213.059639][   T29] kauditd_printk_skb: 175 callbacks suppressed
[  213.059659][   T29] audit: type=1326 audit(1759114252.015:8779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11689 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e80beec9 code=0x7ffc0000
[  213.094765][   T29] audit: type=1326 audit(1759114252.015:8780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11689 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e80beec9 code=0x7ffc0000
[  213.111469][T11692] loop1: detected capacity change from 0 to 1024
[  213.118840][   T29] audit: type=1326 audit(1759114252.015:8781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11689 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f84e80beec9 code=0x7ffc0000
[  213.149687][   T29] audit: type=1326 audit(1759114252.015:8782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11689 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e80beec9 code=0x7ffc0000
[  213.174022][   T29] audit: type=1326 audit(1759114252.015:8783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11689 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e80beec9 code=0x7ffc0000
[  213.224915][   T29] audit: type=1400 audit(1759114252.185:8784): avc:  denied  { bind } for  pid=11695 comm="syz.2.2580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  213.245131][   T29] audit: type=1400 audit(1759114252.185:8785): avc:  denied  { getopt } for  pid=11695 comm="syz.2.2580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  213.300410][T11700] loop2: detected capacity change from 0 to 512
[  213.316005][T11700] EXT4-fs warning (device loop2): ext4_xattr_inode_get:542: inode #11: comm syz.2.2582: ea_inode file size=4 entry size=6
[  213.329361][T11700] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #15: comm syz.2.2582: corrupted inode contents
[  213.344285][T11700] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #15: comm syz.2.2582: mark_inode_dirty error
[  213.356091][T11700] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #15: comm syz.2.2582: corrupted inode contents
[  213.368262][T11700] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #15: comm syz.2.2582: mark_inode_dirty error
[  213.380724][T11700] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #15: comm syz.2.2582: mark inode dirty (error -117)
[  213.393898][T11700] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  213.403274][T11700] EXT4-fs (loop2): 1 orphan inode deleted
[  213.411519][T11704] netlink: 'syz.0.2583': attribute type 30 has an invalid length.
[  213.448236][T11706] loop2: detected capacity change from 0 to 2048
[  213.493392][   T29] audit: type=1326 audit(1759114252.455:8786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11710 comm="syz.0.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaeb1deec9 code=0x7ffc0000
[  213.528306][   T29] audit: type=1326 audit(1759114252.475:8787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11710 comm="syz.0.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbaeb1deec9 code=0x7ffc0000
[  213.553055][   T29] audit: type=1326 audit(1759114252.475:8788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11710 comm="syz.0.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaeb1deec9 code=0x7ffc0000
[  213.748106][T11723] loop4: detected capacity change from 0 to 1024
[  213.844111][T11729] loop2: detected capacity change from 0 to 1024
[  213.859467][T11729] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  213.871211][T11731] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  213.877928][T11731] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  213.885524][T11731] vhci_hcd vhci_hcd.0: Device attached
[  213.894030][T11733] vhci_hcd: connection closed
[  213.894289][  T279] vhci_hcd: stop threads
[  213.903894][  T279] vhci_hcd: release socket
[  213.908606][  T279] vhci_hcd: disconnect device
[  213.929530][T11736] loop2: detected capacity change from 0 to 2048
[  214.106975][T11748] netlink: 'syz.2.2598': attribute type 30 has an invalid length.
[  214.120361][T11750] netlink: 'syz.0.2599': attribute type 30 has an invalid length.
[  214.150859][T11752] loop1: detected capacity change from 0 to 1024
[  214.170489][T11752] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  214.502877][T11772] netlink: 'syz.4.2608': attribute type 30 has an invalid length.
[  214.627689][T11775] loop3: detected capacity change from 0 to 2048
[  214.881527][T11787] loop3: detected capacity change from 0 to 1024
[  214.897612][T11787] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  214.995676][T11789] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  215.036740][T11791] netlink: 'syz.2.2614': attribute type 30 has an invalid length.
[  215.136246][T11794] loop2: detected capacity change from 0 to 512
[  215.156611][T11794] ext4 filesystem being mounted at /560/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  215.300837][T11807] loop1: detected capacity change from 0 to 2048
[  215.314445][T11808] loop4: detected capacity change from 0 to 1024
[  215.321494][T11808] EXT4-fs: Ignoring removed nobh option
[  215.327400][T11808] EXT4-fs: inline encryption not supported
[  215.374443][T11809] __nla_validate_parse: 4 callbacks suppressed
[  215.374464][T11809] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2619'.
[  215.406983][T11808] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2617: Allocating blocks 497-513 which overlap fs metadata
[  215.457249][T11817] EXT4-fs (loop4): pa ffff8881072b4bd0: logic 16, phys. 129, len 24
[  215.465677][T11817] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  215.520799][T11819] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2621'.
[  215.557609][T11819] loop1: detected capacity change from 0 to 1024
[  215.579172][T11819] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.602657][T11819] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  215.621159][T11819] EXT4-fs (loop1): orphan cleanup on readonly fs
[  215.628175][T11819] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  215.642954][T11819] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  215.669567][T11819] EXT4-fs (loop1): 1 truncate cleaned up
[  215.744806][T11822] loop1: detected capacity change from 0 to 512
[  215.767476][T11822] ext4 filesystem being mounted at /523/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.783996][T11822] EXT4-fs (loop1): shut down requested (0)
[  215.791937][T11822] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  215.801195][T11822] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  215.814135][T11822] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  215.824801][T11822] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  215.835172][T11822] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  215.890274][T11828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2622'.
[  215.904637][T11822] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  215.914364][T11828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2622'.
[  215.971776][T11832] loop1: detected capacity change from 0 to 1024
[  216.147684][T11832] sch_fq: defrate 4294967295 ignored.
[  216.166213][T11832] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2625: Allocating blocks 449-513 which overlap fs metadata
[  216.184576][T11831] EXT4-fs (loop1): pa ffff8881072b47e0: logic 48, phys. 177, len 21
[  216.192742][T11831] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  216.222008][T11837] loop4: detected capacity change from 0 to 512
[  216.273822][T11837] ext4 filesystem being mounted at /562/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.287356][T11842] netlink: 'syz.0.2628': attribute type 30 has an invalid length.
[  216.397042][T11851] loop3: detected capacity change from 0 to 512
[  216.453378][T11858] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  216.460089][T11858] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  216.467891][T11858] vhci_hcd vhci_hcd.0: Device attached
[  216.474233][T11861] loop2: detected capacity change from 0 to 1024
[  216.482149][T11862] vhci_hcd: connection closed
[  216.482462][T10812] vhci_hcd: stop threads
[  216.492332][T10812] vhci_hcd: release socket
[  216.496967][T10812] vhci_hcd: disconnect device
[  216.501979][T11860] loop4: detected capacity change from 0 to 1024
[  216.502982][T11861] EXT4-fs: Ignoring removed nobh option
[  216.514093][T11861] EXT4-fs: inline encryption not supported
[  216.520593][T11860] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  216.530013][T11851] ext4 filesystem being mounted at /477/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.564640][T11861] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2636: Allocating blocks 497-513 which overlap fs metadata
[  216.581268][T11861] EXT4-fs (loop2): pa ffff8881072b45b0: logic 16, phys. 129, len 24
[  216.589918][T11861] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  216.627213][T11869] loop4: detected capacity change from 0 to 1024
[  216.637355][T11869] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  216.650965][T11871] loop3: detected capacity change from 0 to 1024
[  216.691184][T11871] sch_fq: defrate 4294967295 ignored.
[  216.717109][T11871] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2638: Allocating blocks 449-513 which overlap fs metadata
[  216.735812][T11870] EXT4-fs (loop3): pa ffff8881072b47e0: logic 48, phys. 177, len 21
[  216.744017][T11870] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  216.866862][T11879] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2640'.
[  217.223864][T11889] netlink: 'syz.1.2644': attribute type 30 has an invalid length.
[  217.437655][T11895] loop2: detected capacity change from 0 to 2048
[  217.935386][T11903] netlink: 'syz.2.2648': attribute type 30 has an invalid length.
[  218.095674][T11905] loop2: detected capacity change from 0 to 2048
[  218.137390][T11907] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  218.144066][T11907] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  218.152036][T11907] vhci_hcd vhci_hcd.0: Device attached
[  218.189427][T11910] netlink: 'syz.3.2650': attribute type 39 has an invalid length.
[  218.270231][T11916] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2650'.
[  218.280304][T11912] vhci_hcd: connection closed
[  218.282094][   T31] vhci_hcd: stop threads
[  218.291256][   T31] vhci_hcd: release socket
[  218.295900][   T31] vhci_hcd: disconnect device
[  218.352678][ T3395] vhci_hcd: vhci_device speed not set
[  218.413188][   T29] kauditd_printk_skb: 208 callbacks suppressed
[  218.413207][   T29] audit: type=1326 audit(1759114257.375:8996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.455567][T11918] loop1: detected capacity change from 0 to 512
[  218.472704][   T29] audit: type=1326 audit(1759114257.375:8997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.493963][T11876] loop4: detected capacity change from 0 to 512
[  218.496828][   T29] audit: type=1326 audit(1759114257.375:8998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.526868][   T29] audit: type=1326 audit(1759114257.375:8999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.551002][   T29] audit: type=1326 audit(1759114257.375:9000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.561613][T11925] loop2: detected capacity change from 0 to 2048
[  218.575813][   T29] audit: type=1326 audit(1759114257.375:9001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.606416][   T29] audit: type=1326 audit(1759114257.375:9002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.630169][   T29] audit: type=1326 audit(1759114257.375:9003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  218.642630][T11931] netlink: 'syz.3.2656': attribute type 30 has an invalid length.
[  218.654230][   T29] audit: type=1326 audit(1759114257.375:9004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  218.654265][   T29] audit: type=1326 audit(1759114257.375:9005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11920 comm="syz.3.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  218.720279][T11918] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.728697][T11876] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  218.744875][T11876] EXT4-fs (loop4): orphan cleanup on readonly fs
[  218.758428][T11876] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm +}[@: corrupted inode contents
[  218.771557][T11876] EXT4-fs (loop4): Remounting filesystem read-only
[  218.779986][T11876] EXT4-fs (loop4): 1 truncate cleaned up
[  218.785993][T10812] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  218.796606][T10812] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  218.807571][T10812] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  218.920991][T11944] netlink: 'syz.3.2661': attribute type 30 has an invalid length.
[  218.970087][T11940] netlink: 'syz.4.2659': attribute type 30 has an invalid length.
[  218.973027][T11947] loop2: detected capacity change from 0 to 2048
[  219.100301][T11962] pim6reg1: entered promiscuous mode
[  219.105745][T11962] pim6reg1: entered allmulticast mode
[  219.118511][T11963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2666'.
[  219.178729][T11961] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2665'.
[  219.375689][T11972] loop2: detected capacity change from 0 to 1024
[  219.387460][T11972] EXT4-fs: Ignoring removed nobh option
[  219.393198][T11972] EXT4-fs: inline encryption not supported
[  219.425126][T11972] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2670: Allocating blocks 497-513 which overlap fs metadata
[  219.441061][T11972] EXT4-fs (loop2): pa ffff88810724a4d0: logic 16, phys. 129, len 24
[  219.449458][T11972] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  219.561617][T11979] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  219.568188][T11979] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  219.576312][T11979] vhci_hcd vhci_hcd.0: Device attached
[  219.586224][T11980] vhci_hcd: connection closed
[  219.586501][ T3428] vhci_hcd: stop threads
[  219.595636][ T3428] vhci_hcd: release socket
[  219.600069][ T3428] vhci_hcd: disconnect device
[  219.865623][T11955] syz.3.2665 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  219.880632][T11955] CPU: 1 UID: 0 PID: 11955 Comm: syz.3.2665 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  219.880673][T11955] Tainted: [W]=WARN
[  219.880696][T11955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  219.880745][T11955] Call Trace:
[  219.880754][T11955]  <TASK>
[  219.880764][T11955]  __dump_stack+0x1d/0x30
[  219.880791][T11955]  dump_stack_lvl+0xe8/0x140
[  219.880817][T11955]  dump_stack+0x15/0x1b
[  219.880840][T11955]  dump_header+0x81/0x220
[  219.880945][T11955]  oom_kill_process+0x342/0x400
[  219.880993][T11955]  out_of_memory+0x979/0xb80
[  219.881040][T11955]  try_charge_memcg+0x5e6/0x9e0
[  219.881080][T11955]  obj_cgroup_charge_pages+0xa6/0x150
[  219.881152][T11955]  __memcg_kmem_charge_page+0x9f/0x170
[  219.881188][T11955]  __alloc_frozen_pages_noprof+0x188/0x360
[  219.881237][T11955]  alloc_pages_mpol+0xb3/0x250
[  219.881324][T11955]  alloc_pages_noprof+0x90/0x130
[  219.881443][T11955]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  219.881500][T11955]  __kvmalloc_node_noprof+0x30f/0x4e0
[  219.881532][T11955]  ? ip_set_alloc+0x1f/0x30
[  219.881563][T11955]  ? ip_set_alloc+0x1f/0x30
[  219.881587][T11955]  ? __kmalloc_cache_noprof+0x189/0x320
[  219.881629][T11955]  ip_set_alloc+0x1f/0x30
[  219.881684][T11955]  hash_netiface_create+0x282/0x740
[  219.881708][T11955]  ? __pfx_hash_netiface_create+0x10/0x10
[  219.881736][T11955]  ip_set_create+0x3c9/0x960
[  219.881771][T11955]  ? __nla_parse+0x40/0x60
[  219.881886][T11955]  nfnetlink_rcv_msg+0x4c3/0x590
[  219.881955][T11955]  netlink_rcv_skb+0x123/0x220
[  219.881980][T11955]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  219.882139][T11955]  nfnetlink_rcv+0x16b/0x1690
[  219.882200][T11955]  ? __list_del_entry_valid_or_report+0x65/0x130
[  219.882241][T11955]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  219.882290][T11955]  ? should_fail_ex+0x30/0x280
[  219.882393][T11955]  ? selinux_nlmsg_lookup+0x99/0x890
[  219.882430][T11955]  ? __rcu_read_unlock+0x34/0x70
[  219.882482][T11955]  ? __netlink_lookup+0x266/0x2a0
[  219.882610][T11955]  netlink_unicast+0x5bd/0x690
[  219.882638][T11955]  netlink_sendmsg+0x58b/0x6b0
[  219.882707][T11955]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.882736][T11955]  __sock_sendmsg+0x145/0x180
[  219.882779][T11955]  ____sys_sendmsg+0x31e/0x4e0
[  219.882817][T11955]  ___sys_sendmsg+0x17b/0x1d0
[  219.882936][T11955]  __x64_sys_sendmsg+0xd4/0x160
[  219.883005][T11955]  x64_sys_call+0x191e/0x2ff0
[  219.883034][T11955]  do_syscall_64+0xd2/0x200
[  219.883072][T11955]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  219.883118][T11955]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  219.883236][T11955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.883315][T11955] RIP: 0033:0x7f4519d8eec9
[  219.883340][T11955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.883369][T11955] RSP: 002b:00007f45187f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.883399][T11955] RAX: ffffffffffffffda RBX: 00007f4519fe5fa0 RCX: 00007f4519d8eec9
[  219.883500][T11955] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  219.883556][T11955] RBP: 00007f4519e11f91 R08: 0000000000000000 R09: 0000000000000000
[  219.883575][T11955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  219.883593][T11955] R13: 00007f4519fe6038 R14: 00007f4519fe5fa0 R15: 00007ffd76cd5fe8
[  219.883621][T11955]  </TASK>
[  219.883814][T11955] memory: usage 307200kB, limit 307200kB, failcnt 4356
[  220.214726][T11987] loop1: detected capacity change from 0 to 1024
[  220.219502][T11955] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0
[  220.244332][T11955] kmem: usage 307136kB, limit 9007199254740988kB, failcnt 0
[  220.252120][T11955] Memory cgroup stats for /syz3:
[  220.291557][T11955] cache 16384
[  220.300669][T11955] rss 0
[  220.303844][T11955] shmem 0
[  220.306801][T11955] mapped_file 0
[  220.310366][T11955] dirty 0
[  220.313610][T11955] writeback 0
[  220.317066][T11955] workingset_refault_anon 492
[  220.321756][T11955] workingset_refault_file 4857
[  220.326724][T11955] swap 184320
[  220.330183][T11955] swapcached 28672
[  220.334012][T11955] pgpgin 169931
[  220.337744][T11955] pgpgout 169915
[  220.341387][T11955] pgfault 189191
[  220.345308][T11955] pgmajfault 321
[  220.348929][T11955] inactive_anon 24576
[  220.353173][T11955] active_anon 4096
[  220.357369][T11955] inactive_file 36864
[  220.361560][T11955] active_file 0
[  220.365801][T11955] unevictable 0
[  220.369581][T11955] hierarchical_memory_limit 314572800
[  220.375771][T11955] hierarchical_memsw_limit 9223372036854771712
[  220.382076][T11955] total_cache 16384
[  220.386123][T11955] total_rss 0
[  220.389430][T11955] total_shmem 0
[  220.392957][T11955] total_mapped_file 0
[  220.397059][T11955] total_dirty 0
[  220.400766][T11955] total_writeback 0
[  220.404796][T11955] total_workingset_refault_anon 492
[  220.410300][T11955] total_workingset_refault_file 4857
[  220.415637][T11955] total_swap 184320
[  220.419792][T11955] total_swapcached 28672
[  220.424164][T11955] total_pgpgin 169931
[  220.428243][T11955] total_pgpgout 169915
[  220.432345][T11955] total_pgfault 189191
[  220.436560][T11955] total_pgmajfault 321
[  220.440762][T11955] total_inactive_anon 24576
[  220.445317][T11955] total_active_anon 4096
[  220.449704][T11955] total_inactive_file 36864
[  220.454356][T11955] total_active_file 0
[  220.458551][T11955] total_unevictable 0
[  220.462638][T11955] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2665,pid=11954,uid=0
[  220.479395][T11955] Memory cgroup out of memory: Killed process 11954 (syz.3.2665) total-vm:94088kB, anon-rss:1244kB, file-rss:22440kB, shmem-rss:88kB, UID:0 pgtables:148kB oom_score_adj:1000
[  220.521640][T11999] FAULT_INJECTION: forcing a failure.
[  220.521640][T11999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.535422][T11999] CPU: 1 UID: 0 PID: 11999 Comm: syz.2.2676 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  220.535459][T11999] Tainted: [W]=WARN
[  220.535466][T11999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  220.535479][T11999] Call Trace:
[  220.535486][T11999]  <TASK>
[  220.535494][T11999]  __dump_stack+0x1d/0x30
[  220.535518][T11999]  dump_stack_lvl+0xe8/0x140
[  220.535563][T11999]  dump_stack+0x15/0x1b
[  220.535600][T11999]  should_fail_ex+0x265/0x280
[  220.535687][T11999]  should_fail+0xb/0x20
[  220.535715][T11999]  should_fail_usercopy+0x1a/0x20
[  220.535742][T11999]  _copy_from_user+0x1c/0xb0
[  220.535822][T11999]  copy_bpf_fprog_from_user+0x107/0x1e0
[  220.535849][T11999]  sk_setsockopt+0x1513/0x20e0
[  220.535878][T11999]  sock_setsockopt+0x40/0x50
[  220.535969][T11999]  unix_setsockopt+0xe8/0x1e0
[  220.536059][T11999]  ? __pfx_unix_setsockopt+0x10/0x10
[  220.536091][T11999]  __sys_setsockopt+0x184/0x200
[  220.536163][T11999]  __x64_sys_setsockopt+0x64/0x80
[  220.536193][T11999]  x64_sys_call+0x20ec/0x2ff0
[  220.536257][T11999]  do_syscall_64+0xd2/0x200
[  220.536296][T11999]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  220.536379][T11999]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  220.536410][T11999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.536498][T11999] RIP: 0033:0x7fe35c21eec9
[  220.536516][T11999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.536605][T11999] RSP: 002b:00007fe35ac87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  220.536632][T11999] RAX: ffffffffffffffda RBX: 00007fe35c475fa0 RCX: 00007fe35c21eec9
[  220.536710][T11999] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000008
[  220.536727][T11999] RBP: 00007fe35ac87090 R08: 0000000000000010 R09: 0000000000000000
[  220.536745][T11999] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001
[  220.536761][T11999] R13: 00007fe35c476038 R14: 00007fe35c475fa0 R15: 00007ffe060fb928
[  220.536785][T11999]  </TASK>
[  220.809457][T12007] netlink: 'syz.1.2680': attribute type 30 has an invalid length.
[  220.839993][T12011] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  220.846740][T12011] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  220.854549][T12011] vhci_hcd vhci_hcd.0: Device attached
[  220.866249][T12012] vhci_hcd: connection closed
[  220.866490][   T12] vhci_hcd: stop threads
[  220.875948][   T12] vhci_hcd: release socket
[  220.880459][   T12] vhci_hcd: disconnect device
[  220.975789][T12022] loop1: detected capacity change from 0 to 2048
[  220.995691][T12022] EXT4-fs mount: 164 callbacks suppressed
[  220.995714][T12022] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.032032][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.076303][T12026] loop1: detected capacity change from 0 to 1024
[  221.087417][T12026] EXT4-fs: Ignoring removed nobh option
[  221.093254][T12026] EXT4-fs: inline encryption not supported
[  221.124977][T12026] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.139569][T12026] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2687: Allocating blocks 497-513 which overlap fs metadata
[  221.156392][T12026] EXT4-fs (loop1): pa ffff8881072b4af0: logic 16, phys. 129, len 24
[  221.164831][T12026] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  221.429644][T12036] loop3: detected capacity change from 0 to 1024
[  221.440279][T12036] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  221.570187][T12042] loop3: detected capacity change from 0 to 2048
[  221.595372][T12042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.670571][T12048] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2695'.
[  221.776186][T12051] loop2: detected capacity change from 0 to 1024
[  221.794526][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.797268][T12051] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  221.850877][T12053] loop3: detected capacity change from 0 to 1024
[  221.861185][T12053] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  221.870946][T12055] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2698'.
[  221.932392][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.951615][T12060] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.2701'.
[  222.011018][T12068] pim6reg1: entered promiscuous mode
[  222.016737][T12068] pim6reg1: entered allmulticast mode
[  222.033088][T12070] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.075003][T12074] loop2: detected capacity change from 0 to 1024
[  222.085476][T12074] EXT4-fs: Ignoring removed nobh option
[  222.085548][T12070] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.091189][T12074] EXT4-fs: inline encryption not supported
[  222.126582][T12074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.164556][T12079] netlink: 'syz.1.2708': attribute type 30 has an invalid length.
[  222.182001][T12081] netlink: 'syz.4.2710': attribute type 30 has an invalid length.
[  222.206420][T12070] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.279346][T12070] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.291774][T12089] loop3: detected capacity change from 0 to 1024
[  222.303210][T12091] FAULT_INJECTION: forcing a failure.
[  222.303210][T12091] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.316616][T12091] CPU: 0 UID: 0 PID: 12091 Comm: syz.4.2713 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  222.316655][T12091] Tainted: [W]=WARN
[  222.316662][T12091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  222.316675][T12091] Call Trace:
[  222.316682][T12091]  <TASK>
[  222.316691][T12091]  __dump_stack+0x1d/0x30
[  222.316714][T12091]  dump_stack_lvl+0xe8/0x140
[  222.316733][T12091]  dump_stack+0x15/0x1b
[  222.316796][T12091]  should_fail_ex+0x265/0x280
[  222.316824][T12091]  should_fail+0xb/0x20
[  222.316865][T12091]  should_fail_usercopy+0x1a/0x20
[  222.316923][T12091]  _copy_from_user+0x1c/0xb0
[  222.316965][T12091]  __sys_bpf+0x178/0x7b0
[  222.317010][T12091]  __x64_sys_bpf+0x41/0x50
[  222.317035][T12091]  x64_sys_call+0x2aea/0x2ff0
[  222.317104][T12091]  do_syscall_64+0xd2/0x200
[  222.317137][T12091]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  222.317237][T12091]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  222.317344][T12091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.317374][T12091] RIP: 0033:0x7faf77c9eec9
[  222.317392][T12091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.317411][T12091] RSP: 002b:00007faf76707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  222.317445][T12091] RAX: ffffffffffffffda RBX: 00007faf77ef5fa0 RCX: 00007faf77c9eec9
[  222.317458][T12091] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  222.317476][T12091] RBP: 00007faf76707090 R08: 0000000000000000 R09: 0000000000000000
[  222.317494][T12091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.317508][T12091] R13: 00007faf77ef6038 R14: 00007faf77ef5fa0 R15: 00007ffc827e3738
[  222.317534][T12091]  </TASK>
[  222.320143][T12089] EXT4-fs: Ignoring removed nobh option
[  222.503447][T12089] EXT4-fs: inline encryption not supported
[  222.526053][T12089] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.544799][T12095] loop4: detected capacity change from 0 to 1024
[  222.545055][T12089] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2711: Allocating blocks 497-513 which overlap fs metadata
[  222.569951][T12089] EXT4-fs (loop3): pa ffff8881072b4930: logic 16, phys. 129, len 24
[  222.578321][T12089] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  222.582632][T12097] netlink: 14560 bytes leftover after parsing attributes in process `syz.1.2715'.
[  222.597130][T12095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.618999][T10812] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.627855][T12095] sch_fq: defrate 4294967295 ignored.
[  222.645758][T10812] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.655986][T12101] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2716'.
[  222.665278][T12101] netlink: 'syz.1.2716': attribute type 30 has an invalid length.
[  222.669722][T10812] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.685982][ T3428] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.701176][T12095] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2714: Allocating blocks 449-513 which overlap fs metadata
[  222.720035][T12094] EXT4-fs (loop4): pa ffff8881072b4690: logic 48, phys. 177, len 21
[  222.728362][T12094] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  222.771208][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.806548][T12108] loop1: detected capacity change from 0 to 1024
[  222.815288][T12108] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  222.845379][T12110] pim6reg1: entered promiscuous mode
[  222.850762][T12110] pim6reg1: entered allmulticast mode
[  222.879289][T12112] loop1: detected capacity change from 0 to 1024
[  222.915425][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.925267][T12112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.026221][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.038747][T12120] netlink: 'syz.4.2724': attribute type 30 has an invalid length.
[  223.067465][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.111953][T12123] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.2726'.
[  223.134668][T12126] loop1: detected capacity change from 0 to 512
[  223.147438][T12126] EXT4-fs warning (device loop1): ext4_xattr_inode_get:542: inode #11: comm syz.1.2725: ea_inode file size=4 entry size=6
[  223.203703][T12126] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2725: corrupted inode contents
[  223.209985][T12131] loop4: detected capacity change from 0 to 1024
[  223.241375][T12126] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.2725: mark_inode_dirty error
[  223.279407][T12131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.301637][T12135] loop3: detected capacity change from 0 to 2048
[  223.325212][T12135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.345376][T12126] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.2725: corrupted inode contents
[  223.364154][T12131] sch_fq: defrate 4294967295 ignored.
[  223.396480][T12126] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #15: comm syz.1.2725: mark_inode_dirty error
[  223.429223][T12131] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2730: Allocating blocks 449-513 which overlap fs metadata
[  223.445354][T12126] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #15: comm syz.1.2725: mark inode dirty (error -117)
[  223.479529][T12126] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  223.490899][T12130] EXT4-fs (loop4): pa ffff8881072b49a0: logic 48, phys. 177, len 21
[  223.499130][T12130] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  223.514350][T12126] EXT4-fs (loop1): 1 orphan inode deleted
[  223.530701][T12126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.547019][T12146] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2733'.
[  223.564256][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.607163][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.626549][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.655971][   T29] kauditd_printk_skb: 102 callbacks suppressed
[  223.655993][   T29] audit: type=1326 audit(1759114262.605:9102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.687317][   T29] audit: type=1326 audit(1759114262.605:9103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.711258][   T29] audit: type=1326 audit(1759114262.605:9104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.735322][   T29] audit: type=1326 audit(1759114262.605:9105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.759197][   T29] audit: type=1326 audit(1759114262.605:9106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.783767][   T29] audit: type=1326 audit(1759114262.605:9107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.807574][   T29] audit: type=1326 audit(1759114262.605:9108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  223.831611][   T29] audit: type=1326 audit(1759114262.605:9109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4519d8ef03 code=0x7ffc0000
[  223.855784][   T29] audit: type=1326 audit(1759114262.605:9110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.879798][   T29] audit: type=1326 audit(1759114262.605:9111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.2734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f4519d8eec9 code=0x7ffc0000
[  223.942086][T12156] loop3: detected capacity change from 0 to 2048
[  224.035824][T12163] netlink: 'syz.4.2741': attribute type 30 has an invalid length.
[  224.074775][T12162] loop2: detected capacity change from 0 to 2048
[  224.083970][T12165] loop1: detected capacity change from 0 to 1024
[  224.092354][T12156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.144290][T12165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.164963][T12162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.220629][T12173] netlink: 'syz.4.2743': attribute type 30 has an invalid length.
[  224.333027][T12165] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2742: Allocating blocks 449-513 which overlap fs metadata
[  224.401869][T12164] EXT4-fs (loop1): pa ffff8881072b4e70: logic 48, phys. 177, len 21
[  224.402102][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.410009][T12164] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  224.455631][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.467892][T12178] loop4: detected capacity change from 0 to 2048
[  224.510874][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.552641][T12178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.627376][T12188] loop1: detected capacity change from 0 to 2048
[  224.679524][T12188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.823953][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.946087][T12202] loop4: detected capacity change from 0 to 1024
[  224.959282][T12202] EXT4-fs: Ignoring removed nobh option
[  224.965217][T12202] EXT4-fs: inline encryption not supported
[  225.028163][T12202] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.059719][T12208] pim6reg1: entered promiscuous mode
[  225.065419][T12208] pim6reg1: entered allmulticast mode
[  225.106160][T12202] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2750: Allocating blocks 497-513 which overlap fs metadata
[  225.132092][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.163776][T12216] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2757'.
[  225.185728][T12202] EXT4-fs (loop4): pa ffff88810724a690: logic 16, phys. 129, len 24
[  225.194059][T12202] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  225.265771][T12230] netlink: 'syz.1.2763': attribute type 30 has an invalid length.
[  225.337679][T12231] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2760'.
[  225.364547][T12235] loop2: detected capacity change from 0 to 8192
[  225.398247][T12235] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2765'.
[  225.735303][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.814948][T12243] loop4: detected capacity change from 0 to 1024
[  225.822376][T12243] EXT4-fs: Ignoring removed nobh option
[  225.828207][T12243] EXT4-fs: inline encryption not supported
[  225.857919][T12243] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.875438][T12243] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2767: Allocating blocks 497-513 which overlap fs metadata
[  225.890390][T12243] EXT4-fs (loop4): pa ffff8881072b4f50: logic 16, phys. 129, len 24
[  225.898687][T12243] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  225.943365][T12247] loop3: detected capacity change from 0 to 1024
[  225.952736][T12247] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  226.052596][ T3300] ==================================================================
[  226.061361][ T3300] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  226.071902][ T3300] 
[  226.074265][ T3300] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  226.082526][ T3300]  tick_do_update_jiffies64+0x113/0x1c0
[  226.088545][ T3300]  tick_nohz_handler+0x7f/0x2d0
[  226.093513][ T3300]  __hrtimer_run_queues+0x20c/0x5a0
[  226.098834][ T3300]  hrtimer_interrupt+0x21a/0x460
[  226.103868][ T3300]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  226.109832][ T3300]  sysvec_apic_timer_interrupt+0x6f/0x80
[  226.115583][ T3300]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  226.121724][ T3300]  kcsan_setup_watchpoint+0x415/0x430
[  226.127372][ T3300]  unmap_page_range+0xd70/0x2680
[  226.132524][ T3300]  unmap_vmas+0x23d/0x3a0
[  226.136979][ T3300]  exit_mmap+0x1b0/0x6c0
[  226.141399][ T3300]  __mmput+0x28/0x1c0
[  226.145453][ T3300]  mmput+0x40/0x50
[  226.149214][ T3300]  exit_mm+0xe4/0x190
[  226.153588][ T3300]  do_exit+0x417/0x15c0
[  226.157911][ T3300]  do_group_exit+0x139/0x140
[  226.162731][ T3300]  __x64_sys_exit_group+0x1f/0x20
[  226.168089][ T3300]  x64_sys_call+0x2fe2/0x2ff0
[  226.172874][ T3300]  do_syscall_64+0xd2/0x200
[  226.177407][ T3300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.183834][ T3300] 
[  226.186425][ T3300] read to 0xffffffff868099c0 of 8 bytes by task 3300 on cpu 1:
[  226.194240][ T3300]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  226.201050][ T3300]  count_shadow_nodes+0x6a/0x230
[  226.206010][ T3300]  do_shrink_slab+0x60/0x680
[  226.210650][ T3300]  shrink_slab+0x448/0x760
[  226.215097][ T3300]  shrink_node+0x6c3/0x2120
[  226.219714][ T3300]  do_try_to_free_pages+0x3f6/0xcd0
[  226.225114][ T3300]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  226.231305][ T3300]  try_charge_memcg+0x358/0x9e0
[  226.236611][ T3300]  charge_memcg+0x51/0xc0
[  226.240959][ T3300]  __mem_cgroup_charge+0x28/0xb0
[  226.246259][ T3300]  filemap_add_folio+0x4e/0x1b0
[  226.251225][ T3300]  __filemap_get_folio+0x31e/0x6b0
[  226.256538][ T3300]  filemap_fault+0x41f/0xb40
[  226.261333][ T3300]  __do_fault+0xbc/0x200
[  226.265597][ T3300]  handle_mm_fault+0xf78/0x2c20
[  226.270851][ T3300]  do_user_addr_fault+0x636/0x1090
[  226.276257][ T3300]  exc_page_fault+0x62/0xa0
[  226.280880][ T3300]  asm_exc_page_fault+0x26/0x30
[  226.285764][ T3300] 
[  226.288116][ T3300] value changed: 0x00000000ffffe2df -> 0x00000000ffffe2e0
[  226.295677][ T3300] 
[  226.298586][ T3300] Reported by Kernel Concurrency Sanitizer on:
[  226.305214][ T3300] CPU: 1 UID: 0 PID: 3300 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  226.319151][ T3300] Tainted: [W]=WARN
[  226.323254][ T3300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  226.334230][ T3300] ==================================================================
[  226.378112][T12224] syz.0.2760 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  226.389547][T12224] CPU: 1 UID: 0 PID: 12224 Comm: syz.0.2760 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  226.389581][T12224] Tainted: [W]=WARN
[  226.389655][T12224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  226.389673][T12224] Call Trace:
[  226.389682][T12224]  <TASK>
[  226.389693][T12224]  __dump_stack+0x1d/0x30
[  226.389770][T12224]  dump_stack_lvl+0xe8/0x140
[  226.389799][T12224]  dump_stack+0x15/0x1b
[  226.389897][T12224]  dump_header+0x81/0x220
[  226.389973][T12224]  oom_kill_process+0x342/0x400
[  226.390015][T12224]  out_of_memory+0x979/0xb80
[  226.390134][T12224]  try_charge_memcg+0x5e6/0x9e0
[  226.390181][T12224]  charge_memcg+0x51/0xc0
[  226.390208][T12224]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  226.390315][T12224]  __read_swap_cache_async+0x1df/0x350
[  226.390391][T12224]  swap_cluster_readahead+0x277/0x3e0
[  226.390441][T12224]  swapin_readahead+0xde/0x6f0
[  226.390475][T12224]  ? __filemap_get_folio+0x4f7/0x6b0
[  226.390560][T12224]  ? swap_cache_get_folio+0x77/0x200
[  226.390600][T12224]  do_swap_page+0x301/0x2430
[  226.390628][T12224]  ? css_rstat_updated+0xb7/0x240
[  226.390667][T12224]  ? __pfx_default_wake_function+0x10/0x10
[  226.390801][T12224]  handle_mm_fault+0x9a5/0x2c20
[  226.390836][T12224]  do_user_addr_fault+0x636/0x1090
[  226.390882][T12224]  ? fpregs_restore_userregs+0xe2/0x1d0
[  226.390991][T12224]  ? switch_fpu_return+0xe/0x20
[  226.391028][T12224]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  226.391122][T12224]  exc_page_fault+0x62/0xa0
[  226.391193][T12224]  asm_exc_page_fault+0x26/0x30
[  226.391214][T12224] RIP: 0033:0x7fbaeb0b57cc
[  226.391241][T12224] Code: 66 0f 1f 44 00 00 69 3d e6 fe ea 00 e8 03 00 00 48 8d 1d e7 07 38 00 e8 62 96 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  226.391265][T12224] RSP: 002b:00007ffc85a2ade0 EFLAGS: 00010283
[  226.391284][T12224] RAX: 0000000000000000 RBX: 00007fbaeb437080 RCX: 0000000000000000
[  226.391302][T12224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555555db5808
[  226.391319][T12224] RBP: 00007fbaeb437da0 R08: 0000000000000000 R09: 7fffffffffffffff
[  226.391367][T12224] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000372de
[  226.391380][T12224] R13: 00007fbaeb436090 R14: ffffffffffffffff R15: 00007ffc85a2aef0
[  226.391401][T12224]  </TASK>
[  226.391410][T12224] memory: usage 307200kB, limit 307200kB, failcnt 4918
[  226.631404][T12224] memory+swap: usage 307548kB, limit 9007199254740988kB, failcnt 0
[  226.639517][T12224] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  226.647027][T12224] Memory cgroup stats for /syz0:
[  226.647322][T12224] cache 0
[  226.655821][T12224] rss 0
[  226.658967][T12224] shmem 0
[  226.661916][T12224] mapped_file 0
[  226.665424][T12224] dirty 0
[  226.668381][T12224] writeback 8192
[  226.672035][T12224] workingset_refault_anon 692
[  226.677235][T12224] workingset_refault_file 5993
[  226.682076][T12224] swap 356352
[  226.685500][T12224] swapcached 16384
[  226.689307][T12224] pgpgin 343963
[  226.692958][T12224] pgpgout 343957
[  226.696743][T12224] pgfault 190854
[  226.700392][T12224] pgmajfault 485
[  226.704164][T12224] inactive_anon 8192
[  226.708219][T12224] active_anon 8192
[  226.712144][T12224] inactive_file 0
[  226.716042][T12224] active_file 8192
[  226.720056][T12224] unevictable 0
[  226.723776][T12224] hierarchical_memory_limit 314572800
[  226.729257][T12224] hierarchical_memsw_limit 9223372036854771712
[  226.735617][T12224] total_cache 0
[  226.739355][T12224] total_rss 0
[  226.742855][T12224] total_shmem 0
[  226.746518][T12224] total_mapped_file 0
[  226.750740][T12224] total_dirty 0
[  226.754362][T12224] total_writeback 8192
[  226.759092][T12224] total_workingset_refault_anon 692
[  226.764662][T12224] total_workingset_refault_file 5993
[  226.770323][T12224] total_swap 356352
[  226.774382][T12224] total_swapcached 16384
[  226.779622][T12224] total_pgpgin 343963
[  226.783910][T12224] total_pgpgout 343957
[  226.788010][T12224] total_pgfault 190854
[  226.792768][T12224] total_pgmajfault 485
[  226.797120][T12224] total_inactive_anon 8192
[  226.801773][T12224] total_active_anon 8192
[  226.806274][T12224] total_inactive_file 0
[  226.810827][T12224] total_active_file 8192
[  226.815289][T12224] total_unevictable 0
[  226.819359][T12224] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2760,pid=12224,uid=0
[  226.835541][T12224] Memory cgroup out of memory: Killed process 12224 (syz.0.2760) total-vm:94088kB, anon-rss:1128kB, file-rss:22312kB, shmem-rss:96kB, UID:0 pgtables:148kB oom_score_adj:1000
[  226.876111][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.