last executing test programs:

3.041978614s ago: executing program 1 (id=2716):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, &(0x7f00000004c0), &(0x7f0000001c40)}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

2.820936307s ago: executing program 4 (id=2723):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = timerfd_create(0x0, 0x800)
timerfd_settime(r1, 0x3, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000450000008814"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34920, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0xfffffffffffffefc)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sync()
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000280))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
fcntl$dupfd(r1, 0x0, r5)
connect$can_bcm(r6, &(0x7f0000001200), 0x10)
close(r6)
syz_open_dev$usbfs(&(0x7f0000000240), 0x202, 0x2)

2.708326768s ago: executing program 1 (id=2725):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x4000000, 0x0, 0xfef0, 0x0, 0x0, 0x0)

2.581967241s ago: executing program 2 (id=2727):
r0 = creat(&(0x7f00000000c0)='./cgroup/cgroup.procs\x00', 0x125)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b73, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14145, 0x32, 0xfffffbff, 0x5, 0x2, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
munmap(&(0x7f000028d000/0x5000)=nil, 0x5000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x7, 0x0, 0x8, 0x4, 0x0, 0x4, 0x40000, 0xc, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0xed0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x2, 0x25e8, 0x2, 0x1, 0x530e, 0xffff, 0x0, 0x0, 0x0, 0x100000000}, 0xffffffffffffffff, 0xf, r0, 0xa)
mlock(&(0x7f0000452000/0x3000)=nil, 0x3000)

2.566741501s ago: executing program 1 (id=2728):
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0xa1c406, &(0x7f0000000dc0)=ANY=[@ANYBLOB="646f74730000f5ff522c246d6173a594e5e0ee30303030010000000000400017c3d234e02f30303030302c6e6f646f742c6e66733d6e0973", @ANYBLOB="ab93a03e400e6a76736e8552c35a8a86b706e67df8b0bb096dc2014cbea45a11ca15b6113b2f59719308dd8d0cf6a20562ef6d20457823de90ad84d98af7df244be2ce241370e1ac8c73246463adda", @ANYRESDEC], 0x1, 0x2a2, &(0x7f0000001140)="$eJzs3M9r02AYwPGn6dZ0k/04CXrxQS96CbMe1UOVDcSC0q2iHoSMZVpa25EUbUUwZ0/7O4ZHb4L4D+y/8DYE2WknI22zNOu633Wt3fcDI++b5323J3nJeNKSbD1ff1ta9axVuyZGWsUQ8WVHZFaKsisRblOtdiraL/cz4sutuXfbnxdfvHyczeXm86oL2aU7GVWdvvb9/ccv13/ULj37Om2asjn7aut35ufm5c0rW3+W3hQ9LaakUq2prcvVas1eLju6UvRKlurTsmN7jhYrnuPuia+Wq2trDbUrK1OTa67jeWpXGmpIQ2tVTYdZVdSyLJ2abLbTcoGkTjyjsJHP29lOfz7Z34wwDFw3azcXdmLf1VDYGExGAABgkA6u/41ozG79b3TX/yJH1P+fwlHT33rW/56evv5PSlT/l5xW/V9zG2q/tovx+h+H6q7/j8f4N8ngLBJ+rPNgT8h1sxO9J1H/AwAAAAAAAAAAAAAAAAAAAADwP9gJgpkgCGaaW0NEgrBvikgy1u8x9UI9Wz+q4usfxH7McIEPWX+MgNiDe2mRX369UC8kWtt2fOFRbn5OW2IP/m3X64VkFL/djuve+LhMhvFMz3hKbt5ox5uxh09y8fh6vTAhK4dm7vfrFAAAAAAAMPIsjcxGO9MS3d9blprSHW/dv7dbfufzAe28GqgZH5OrY+d5JAAAAAAA4CBe40PJLpcd93wayXP8W6duiJxu+t3A7EsaSRE5Ykx+UWTwJ2pfw5ShSGOUG/f69guDhEh7z3j4z6DrKgAAAAAwWjr3Ayefy9f7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0x5neImYcb/CgjxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYFn8DAAD//8DvvIM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f00000006c0)=ANY=[], 0x0)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000340)={@local, @link_local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "dd690b", 0x48, 0x2f, 0x0, @ipv4={'\x00', '\xff\xff', @private}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x3, 0x6]}}}}}}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10)
semget$private(0x0, 0x3, 0x62)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000fdff24625f1451770115000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0xb, 0xff8, &(0x7f0000001e00)=""/4088}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r5}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={r6, &(0x7f0000000280)="fde3616243edbb2d", &(0x7f0000000600)=""/4096, 0x4}, 0x20)

1.634084295s ago: executing program 0 (id=2732):
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (fail_nth: 2)

1.633393185s ago: executing program 2 (id=2733):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c801}, 0x4000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r0, 0x0, 0x2000}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r1, 0x0, 0x0, 0x7000, 0x0, 0x3)

1.605827386s ago: executing program 1 (id=2734):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0)

1.585916666s ago: executing program 0 (id=2735):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = timerfd_create(0x0, 0x800)
timerfd_settime(r1, 0x3, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000450000008814"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34920, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0xfffffffffffffefc)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sync()
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000280))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
fcntl$dupfd(r1, 0x0, r5)
connect$can_bcm(r6, &(0x7f0000001200), 0x10)
close(r6)
syz_open_dev$usbfs(&(0x7f0000000240), 0x202, 0x2)

1.533458847s ago: executing program 1 (id=2736):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = timerfd_create(0x0, 0x800)
timerfd_settime(r1, 0x3, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000450000008814"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34920, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0xfffffffffffffefc)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sync()
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000280))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
fcntl$dupfd(r1, 0x0, r5)
connect$can_bcm(r6, &(0x7f0000001200), 0x10)
close(r6)
syz_open_dev$usbfs(&(0x7f0000000240), 0x202, 0x2)

1.510677917s ago: executing program 4 (id=2737):
r0 = msgget$private(0x0, 0x309)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000100)={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2}, 0xc)
msgsnd(r0, &(0x7f0000000000)=ANY=[], 0x39, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000008000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280)}, 0x100002, 0x3, 0xfffffffc, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYRES32=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={&(0x7f0000000280)=@rc={0x1f, @any, 0x9}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000580)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542", 0xfffffffffffffdcc}, {0x0}], 0x2}, 0x4008001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0x4, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
msgrcv(r0, &(0x7f0000000080)={0x0, ""/33}, 0x29, 0x2, 0x2000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r6 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x2)
pwritev(r6, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c00000010001ffe0098", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e0000000400028008000a00", @ANYRESDEC=r4], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
ioctl$LOOP_CHANGE_FD(r5, 0x4c00, r6)
r7 = socket(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040))
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000340)=0xec5a, 0x3, 0x7)
sendfile(r5, r5, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r5, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x3, 0x0, 0x11, 0x1, "28f5c7b6ab69e4be4111ab18d2da69af40fd150b70aac11c2e17bd5b17bf01933bdb6fd7ecdd91b59ca8d5410000000400000000008d00", "07a9310978072a8b070006584a128d7469166ffbffffff19e7df4af14e1df82d", [0x1, 0x7]})
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r4)

1.481594888s ago: executing program 2 (id=2738):
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x1004491, &(0x7f0000000380)=ANY=[], 0x2, 0x826, &(0x7f00000012c0)="$eJzs3U9sHFf9APDvuHacOGp+1e/3U4miNJ0kRUpE6q7t1sXqoWzXY2dae9faXaNEqGqjxilRnLZqVZVGiJJLCwiEOHEsvVa99AZCAokDcEKiBy4cKlXqBVQQSAiEkIJ2djde/1k7ThynlM9n1X2zb957897sZL87W7+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiqUyXSmNJzOXVxTNpf5Xpem1+k/Xd9n6+KtlkuxFJ67/YuzcOtrMO/v/K6ntbT8ficPvV4djbSvbGlf333vPY/w0OdOtv0qGbdbT/qqHeF0nEN1udunRueXnp5dvQkV30nZ92FvbecJV/XGs9z2bVvFHL58uzWZo3aunU5GTpodMzjXQmn8saZxvNbD6t1LNys1ZPT1ROpmNTUxNpNnq2tlidnS7PZd3MRx8cL5Um0ydHF7JyvVGrPvTkaKNyOp+by6uzRZnx0mvRKvNo60B8Km+mzaw8n6YXLi4vTWzV1VahsVU5w6sOnMMP3PPxqx/99eJS64Ds10jSOTDHx8bGx8cmH5l65NFSaXC8NL46o7RGXC8RAxGtErfloOXO2r9B3mDniFm3IuLa/+zMhzfcooFO/I+5yKMai3Em0khjoHheeQxFJaajHrWYb73+3dCa9evi/+cf+tNvNttub/zvRvmDK6sPRRH/j7RfHekX/9f1Ygceg/1arb7X7k1v3ivxelyJS3EulmM5luLltbX2rK2xweNGytzyY7idDuxsq7ORRTXyaEQSecxHuchJi5xapDEVkzEZpXgmTsdMNCKNmchjLrJoxNloRDOy4oiqRD2yKEczalGPNE5EJU5GGmMxFVMxEWlkMRpnoxaLUY3ZmI5y0cqFuFjs94k1/br3G8/+5Pnffvx2a/l6obFNBpK0vszt/zDiL5sUWhfutxH/WyUGOkf3rsQkdsnebb6rO/PBDTvgWhH/B+90NwAAAIDbKCl+fU8iYijuK5Zm8rnsK3e6WwAAAMAOKv6u+XArGWot3RdJ6/y/tEHJDyKGd717AAAAwA5Iijl2SUSMxP3tpe50qY1+BAAAAAD+AxX///9IKxmJeKPIcP4PAAAAnzHf6neN/Y/2FNfYHYnGwnDysz9HvT6UXF0480ByudwqV758V7teJ/ny9RabM4eSA51GimRy8Mr+JCIGK9nhpHv1y3915hJ8UjwfWrkAYb9r/SdbdCA270DxKr4bR9tljp5vp+e7a9pbGZnJ57LRSm3usbGk8+NI89UXLn4tiuF/uzp/IIkLF5eXRp97cfl80ZerrVauXu5cHj7p1opoT6jYpC/XurMp7tt4xEPFRIzOdkfa2y31jr9zNdmBzcef9G7zzTjWLnNspJ2OrB7/3tY2x0YfG4ty+cBAMzvTfPVaz+g7vRhbGflwd7TJNt6FN+N4u8zxE8fbyQa9GF/VixfW92K8d//f2L644V68ffSNM3/7ZS3JJrbqxcQt9gLgTrlQXPVnJQrtK6LQP6+1tQLamri7r1tzO59yF1a+ZXTr98S6wVgX3dObie5vxol2mRPt7xODhzaIK6UNPtFfuvjSrzqf6A+/+8MfPX3k1++vievb6MW7cbJdppPE//6iT4xtjfl7a6LqO60a7/TdbmNuPHlteGIoad98KK48ePHyueeXnl96YXx8YrL0cKn0yHgMFV8VOkmfnoo8AP/dtrrHzvtfv1603114koe3OKtOBrt/UjAaz8WLsRzn41Qx2yAi7t+41ZGeP0M4tcVZ60jPHV5ObXFuuVJ2fG3Z4eNJ9Ck70bPHPveDIvn7bXpDAGAXHNsiDidxT/uyP6/d3amxpsRdSXKq97z7qxFxqF/MbcXyk+0b53bPjqN/LO/1h076xd3YKQDwGZfVP0lGmm8l9Xq+8MzY1NRYuXk6S+u1ylNpPZ+ezdK82szqldPl6myWLtRrzVql+9PxdNZIG4sLC7V6M52p1dOFWiM/U9z5Pe3c+r2RzZerzbzSWJjLyo0srdSqzXKlmU7njUq6sPjEXN44ndWLyo2FrJLP5JVyM69V00ZtsV7JRtO0kWU9BfPprNrMZ/JsKM2r6UI9ny/Xr0bE3OJ8lk5njUo9X2jW2g12t5VXZw7U54tmR9cP/4+7vb8B4NPgldevXDq3vLz08s0t/P5GCt/pMQIAq4nSAAAAAAAAAAAAAADw6bd+ul4rd1sTAYfipqcPvjIcrYV9N1u9tfB0ZyS3MItxk4XB2OEGN1/4wnvtwexEg+vbGerm3L3VvM99q97TPZ1dvEs7YScXnn388UtXrkZEkZMM9u7eJ944ePrDLLqj26Sdjf+lbDTV9a0DEXt+/P12zpf6FE4Gd3ikH3QHuL3q15JN/uHv6scQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyQfwcAAP//LdJG/Q==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x8001, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
unshare(0x6020480)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f000040a000/0x2000)=nil, 0x2000, 0x2, 0x80010, 0xffffffffffffffff, 0x148d6000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000040)=0x7)

873.406877ms ago: executing program 3 (id=2741):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
lseek(0xffffffffffffffff, 0x8, 0x2)
msgctl$IPC_RMID(0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socket(0x2, 0x80805, 0x0)

826.245318ms ago: executing program 3 (id=2742):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000100)="140000001a004f7fb3e45f2024d2f1c9fb470000", 0x14)
r1 = timerfd_create(0x7, 0x80000)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000280)={'syztnl1\x00', &(0x7f0000000180)={'ip_vti0\x00', 0x0, 0x10, 0x700, 0x1fa, 0x5, {{0x20, 0x4, 0x2, 0x0, 0x80, 0x66, 0x0, 0x3, 0x4, 0x0, @loopback, @loopback, {[@generic={0x7, 0xf, "44739199dd6a641158b3ac9cb6"}, @timestamp_addr={0x44, 0x2c, 0xf2, 0x1, 0x0, [{@private=0xa010102, 0x5}, {@rand_addr=0x64010101, 0x4}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x16f}, {@private=0xa010100}, {@private=0xa010102, 0x670}]}, @generic={0x7, 0x8, "eb63fdfb9349"}, @noop, @timestamp={0x44, 0xc, 0x80, 0x0, 0x8, [0x1000, 0x0]}, @rr={0x7, 0x1b, 0x40, [@empty, @private=0xa010100, @multicast1, @broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x37}]}]}}}}})
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300)=0x4)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
pwritev(r3, &(0x7f00000001c0)=[{&(0x7f00000003c0)="be", 0x1}, {0x0}], 0x13, 0xfffffffc, 0x3)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000000340)={'gretap0\x00', 0x0, 0x20, 0x8, 0x6, 0x8, {{0x6, 0x4, 0x2, 0x3f, 0x18, 0x68, 0x0, 0x0, 0x4, 0x0, @local, @remote, {[@end]}}}}})
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000400)={@local}, &(0x7f0000000440)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000007c0)={'ip6gre0\x00', &(0x7f0000000740)={'syztnl1\x00', r2, 0x4, 0x5, 0x6b, 0xe, 0x43, @dev={0xfe, 0x80, '\x00', 0x10}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x20, 0x40, 0x81, 0x5}})
fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000000), &(0x7f0000000040)={'L+', 0x3}, 0x16, 0x2)
recvmmsg(r0, &(0x7f0000004e80)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x645}, {{&(0x7f0000000600)=@pppol2tp, 0x80, 0x0}, 0xffffff80}], 0x3, 0x10122, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(r6, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x4, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00')
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000572a000000009a33f16f1d4e5f07a4ef5989401cabe4035d130e210b0231a83d808ec3bfcb76e47a71e4e2850b529deda80db0ed64ec528abb8f4672acdf834ca519c09a23f47ae0485650471aa167212e090eec05e46c06825fd5d4720d5b3a8ebff45dcc69cc9cbd04121639976b986f935874379ef20bb0873ccf5d536456618a337c9142ffb2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000008018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@max_batch_time={'max_batch_time', 0x3d, 0x121}}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x44f, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLblV15+rQRfeFGraCS+tLQgcvCCwcSDJiZ6wGNtC0EWamhNhBBFY/BoSLwbjyb+BZ40JkY9mXjVuyEhhgvoac3szpTdYbtAu+023c8nGXiemWf3eb47z7P7zDydAPrWWPZPErE9Iv6IiJFGtrXAWOO/Wzcuzfxz49JMErXaW38n9XI3b1yaKYoWr9tWZAYi0s+S2Num3oULF89MV6tz5/P8xOLZ9ycWLlx84fTZ6VNzp+bOTR09evjQ5EtHpl7sSpxZXDf3fDS/b/dr71x9Y+bE1Xd/+TYp4i/FsUIDpfxYp8JP12qrrG5j2dGUTsqfBBtWJe+4g/XxPxKVpm48Eq9+2tPGAWuqVqvVHlr+8OUasIkl0esWAL1R/NBn17/Ftk5Tjw3h+rHGBVAW9618axwZiDQvM1i6vu2msYg4cfnfr7ItunMfAgCgo++z+c/z7eZ/aTTfF/p/voYyGhEPRMTOiDgSEbsi4sGIetmHI+KR+6y/vEhy5/wnvbaiwO5RNv97OV/bap3/FbO/GK3kuR31+AeTk6ercwfzz+RADG7J8pMd6vjh+O9fLGWGW481z/+yLau/mAvm7bg2sKX1NbPTi9Orjbtw/ZOIPQPt4k+WVgKSiNgdEXtWWMfpZ7/Zt9yxu8ffQRfWmWpfRzzTOP+XoxR/Iem8Pjnxv6jOHZwoesWdfv3typvL1b+q+LsgO/9b2/b/pfhHk+b12oXyO/yY3q2OK39+vuw1Taf4j9ffuX3/H0rebtn34fTi4vnJiKHk9Uajm/dPlcpN3S6fxX9gf/vxvzNufxJ7IyLrxI9GxGMR8Xje9ici4smI2N8h/p9feeq9lcS/HrL4Z+/r/N9ODEV5T/tE5cxP37VUOno/8Wfn/3A9dSDfcy/ff/fSrna9GQAAADajNCK2R5KOL6XTdHy88Tf8u2JrWp1fWHzu5PwH52YbzwiMxmBa3OkaabofOplf1hf5qVL+UH7f+MvKcD0/PjNfne118NDnti0z/jN/VXrdOmDNeV4L+pfxD/3L+If+ZfxD/2oz/od70Q5g/bX7/f+4B+0A1l9p/Fv2gz7i+h/6V5vxf6wX7QDWn99/6EsLw3H3h+TLiZGIFbxKYlMlIt0QzejzxNCavXOvv5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6478AAAD///2e5f8=")

727.042089ms ago: executing program 0 (id=2743):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0xb}, 0x18)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)

611.788651ms ago: executing program 2 (id=2744):
ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x545c, 0x0) (async)
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000001a00)={[{@user_xattr}, {@lazytime}, {@nodioread_nolock}, {@errors_remount}, {@user_xattr}, {@nodelalloc}, {@usrquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x101}}]}, 0x1, 0x7d0, &(0x7f0000000d80)="$eJzs3d1rW+cZAPDnyHbsONniwWDJbuKrLBAiJ5mXZDCYxy7GYIHAdr3EyIrxLFvGkkNsDEsohUIptKEXhfam1/1I73pb2uv+CaU3pZSEtHVMU3pRVI4+bPlL/pTtJL8fHPt9pPec9310pHNe6bxIAbyw+tM/mYhTEfF6EnGifnsSEV3VUmfEUK3e04X5XLokUan8+7ukWmdxYT4XTeukjtWDkxHx6csR5zJr2y3Nzo0PFwr56Xo8UJ6YGijNzp0fmxgezY/mJy9fHBy8dOVPVy43rTS1u1x/+Hzu+KM3/vGHD4d+eul3D177LImhOF6/rzmPJt27aa8/+uuPSVf6EK7w991s+BBKDroD7Ej60uyovcrjVJyIjmoJAHiepef/yuY6tlYNAHg2JE7sAPCCaXwOsLgwn2ssB/uJxP56/LeI6Knl37i+Wbuns37Nrqd6HbR3MYnO6MqdidoFk7263tUfEe98/N/30yU2vg4JsOfu3ouIm339a4//yZo5C9t1YQt1+lfFiwvzR3fZLLBFn6Tjn6vrjf8yS+OfWBr/LOte57W7E/0RR5rjteOfzMN1V/zrHjReH//9pTa3LU20afy3NGmtr6Me/SoNTkfEWCGfHtt+HRFno6v71lghf7FFG2ef/Pxko/uax3/f3//fe2n76f/lGpmHnatmoY0Ml4d3k3Ozx/cift+5PLfv6Zrjf091rLt6/6e3XW+14dPLxX/++ZW3N6qW5p/m21jW5t9elXcjzsT6+TckLecnDqS7/0Lt74pNL23go6/e6t2o/eb9ny5p+433Avsh3f+9rfPvS5rna5b2tv3N81//+X8k+U+13Dh43Bkul6cvRhxJ/rX29kvL6zbiRv00/1qmq/PPtHz+p+8Jb24xx85H336w8/yXtGWKZZr/yLb2//YLD56Od+w8/3T/D1ZLZ+u3tD7+NYaP06unGN9dr4M7f+QAAAAAAAAAAAAAAAAAAAAAAAAAYOsyEXE8kkx2qZzJZLO13/D+bfRmCsVS+dyt4szkSFR/K7svujKNr7o8UYuTxvef9jXFl1bFf4yI30TEm91Hq3E2VyyMHHTyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFB3bIPf/099033QvQMA2qZn0xpP8ivCSqVSaWN/AID2a5z/vzjgfgAA+6fF+/+j+9kPAGD/bP75PwDwvHH+B4AXj/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbXb92rV0qfy4MJ9L45HbszPjxdvnR/Kl8ezETC6bK05PZUejOFrIZ3PFic22VygWpwZjcubOQDlfKg+UZuduTBRnJss3xiaGR/M38l37khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9pdm58uFDITz8XhVcj4hB0ox2FJA5FNw6k8PX5L0+2qnN/k6fx0KHIYmXhak/E3mywUqn8vw09POgjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCz4ZcAAAD//xnGHzY=")
pwritev2(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="86d10f98acd8e6880b30b9da858a796917a4fd1b63cc9d4de817ffc560418a83943c2a1335c837ecd62ca27596efb3a5ae1945a75936054acb8e209c5f1c19ece5020d80c4447f8ed6027706fcbb24754bd0afaf4a549a64957a84d0ee1e577f9474bdd1338622e97571f5", 0x6b}, {&(0x7f00000002c0)="c460d32c462879a4bedddd52359858809815628002bf2b81ec6fc1c9bb80bd9b70cd016cb8292d1ed71faa7d7f9e96e39e4ab92a43002f546b1c7958c9275ed50ff37186831e726bc2a685", 0x4b}], 0x2, 0x6, 0xce6, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000340)={0x28, 0x0, 0x2711}, 0x10, 0x81800)
r3 = accept4$vsock_stream(r2, &(0x7f0000000380)={0x28, 0x0, 0x2710, @hyper}, 0x10, 0x80800)
fcntl$dupfd(r3, 0x406, r3) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x7}, 0x94) (async, rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) (async, rerun: 64)
perf_event_open(&(0x7f0000000200)={0x8, 0x80, 0x20, 0x0, 0x1, 0x3, 0x82, 0x0, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp, 0x400, 0xfffffffffffffffe, 0x48000, 0xb9ec7bc4f5bb1f27, 0xfffffffffffffffd, 0x1fffffff, 0x0, 0x0, 0x40, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x8) (rerun: 64)

585.382891ms ago: executing program 3 (id=2745):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x1, @perf_bp={0x0, 0xd}, 0xc1a8, 0x10000, 0xfffffffd, 0x1, 0x8, 0x20005, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r0, 0x0)
syz_emit_ethernet(0xd6, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa8100400086dd60000000009c2b0000000000000000000000000000000001"], 0x0) (fail_nth: 3)

584.355251ms ago: executing program 0 (id=2746):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @local, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x2b, 0x0, @local, @local, {[], {{0x0, 0xfffd, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

559.066612ms ago: executing program 4 (id=2747):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r2 = openat$random(0xffffff9c, &(0x7f00000001c0), 0x80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
setgid(0x0)
r4 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x204000, 0x10100}, &(0x7f0000000000)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x183}})
io_uring_enter(r4, 0x2def, 0x0, 0x0, 0x0, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/tcp6\x00')
pread64(r7, &(0x7f00000000c0)=""/169, 0xa9, 0x4fd7)
lseek(r7, 0x8, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
execve(0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
read(r8, &(0x7f00000005c0)=""/4096, 0x1000)
preadv(r8, &(0x7f00000004c0)=[{&(0x7f0000000500)=""/133, 0x85}], 0x1, 0x5, 0x200)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}, 0x400)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1a, 0x4, &(0x7f0000001640)=ANY=[@ANYRESOCT=0x0, @ANYRESHEX=r9, @ANYBLOB="605ba0965a3cdbdfcc49ee9804cc52bf007c538a84862b3d99776c23d3d5e69c7da4b9d49ac7d83cb47d2d4ee35a43c7be23"], &(0x7f0000001b80)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x7ffc}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x15, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='mm_page_free\x00', r10, 0x0, 0x5}, 0x18)
read(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0xfdef, 0x0, 0x0)

485.899622ms ago: executing program 3 (id=2748):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c801}, 0x4000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r0, 0x0, 0x2000}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r1, 0x0, 0x0, 0x7000, 0x0, 0x3)

477.881103ms ago: executing program 0 (id=2749):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x50, &(0x7f00000002c0)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0xff, @empty, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x1, 0x72}, "b8d365056e3f"}}}}}}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newtfilter={0x30, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x10000840)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x6)
r8 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r8, 0x0, 0x0, 0x7c00, 0x0, 0x3)
sendmsg$IPCTNL_MSG_EXP_DELETE(r8, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)={0x164, 0x2, 0x2, 0x801, 0x0, 0x0, {0x5, 0x0, 0x1}, [@CTA_EXPECT_MASTER={0x50, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_TUPLE={0xac, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'irc-20000\x00'}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x4}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x2}, @CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_FN={0x13, 0xb, 'callforwarding\x00'}, @CTA_EXPECT_FLAGS={0x8}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x20000010}, 0x800)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000340)={'wpan0\x00'})
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001c40)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r9, {0xfff2, 0xfff3}, {0x0, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

436.321793ms ago: executing program 1 (id=2750):
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r0 = syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="666c7573682c6e66732c74696d655f6f66667365743d3078303030303030303030303030303264372c6e6f646f74732c6e6f646f74732c00e94f858cc5add951be5560b2b10409b2caf19b89679412fda54378d58ee92ed254f0ee62ee26a42300865e346b9c349298940af1212e42e147254d296cc87c0fff526f02d3d27b3fdae5f61f56327ce1550b9cba5ed94e8f20d24a6aeeeec50293b0502f374fe82af745ee1f0144f8a3cd0457108ee9d704fe5006f654869d47ff89fc07c9b596ff9a0d699fc32c8560a169c602f8cf64e7d3e40c77cf4142be55286340a06982efc5f0b146917e62e58bccd84474f5663625bbfbeda91e4d1c790bef56ced41571be91666e7a833cee2aed45925de5c02a93"], 0x1, 0x23a, &(0x7f0000000540)="$eJzs3bFqFFEUBuBjspssaUwtFgM2Vov6BotEEAeElSm0ciDaJCJMmtFqH8Nn8JF8jFTpRswsO5t1TWPGGzPfB8P88BM4t8nd4t7d9w8/nRx/PvvY/PgWk0kWo4hFXEQcxk7sRuve8r1zmfdi3SKuc30LAKQxn5ez1DPQr6qaleOI2P+tKb4nGQgAAAAAAAAAAIC/1u/5fwDgNnL+/+6rqll5sPz8dpXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA6F01zv9l4xtHl1PMBADdv2/6//qSeDwC4efZ/ABge+z8ADM+bt+9ezfL8aJ5lk4jzRV3URftu+xcv86Mn2aXD7q/O67rYXfVP2z672o/jYNk/29rvxeNHbf+re/463+j347j/5QMAAAAAAAAAAAAAAAAAAMCtMM1Wtt7vn07/1Ldp7fsBNu7vj+LB6J8tAwAAAAAAAAAAAAAAAAAAAP5rZ1++npSnpx8qQRCEVUj9nwkAAAAAAAAAAAAAAAAAAIanu/SbehIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASKf7/f/+Quo1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMPwMwAA///KXZJX")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x242, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1600000000000000040000000500000099f4014d3cbd7efc4f00000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="07000000040058db2cb27ab268fa6c4821f80ae78218090000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000a25b63677aed69d7de830d93493d5ff70c173fad9a72c783879cb4897beb33a69f066737a7a6ec5840cf3b"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000008c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x6200, &(0x7f0000000500)="629be414ca395ef185b3e81a89c033ef6cb805b16b4690501a54e6d401293007b9d33af751419d52b965a49a40a2ae98352f9dca47990be709ee150786d39b3da0f6dbd06cade44a94d5da94904b1c0749ecca89ca140c5c267e9822e707ea0dc66272945640b05297be0a84604caf0703fd3b5803e531542c8c6d303e18f8373b722afbefaf1380208e5753e4fe6f77009406b2ec46341d95c12d7796fe9259618b31c2d9a5f9639af3a49539e7b23a0af684dd8af328cbdb39cc86b4358ebf", 0xc0, 0x0, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300), 0x800)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r10=>0x0})
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000f85af10c0000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11, 0x0, 0xffffffffffffffff}, 0x18)
sendmsg$nl_route_sched(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0xee00}}, './file2\x00'})

389.750314ms ago: executing program 3 (id=2751):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x86) (async)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[], 0x15) (async)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000200)=ANY=[@ANYRESDEC=r0], 0x53) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095", @ANYBLOB="030c807808db1bf0904a5a795a16de86613746254780e5289eff0aeee1a0fae0c0532ad258c6c721c6d4308a10f1383ef5a839a50beab2f7c3e888", @ANYRES16=r1, @ANYRESHEX=r3], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r4, 0x0, 0xf7}, 0x18) (async)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="7472616e733d66642c724cb8b0393a8266646e6f3d", @ANYRESOCT=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[]) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r3, @ANYBLOB="000000000000f81ee1810000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70b000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff93, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
creat(&(0x7f00000004c0)='./file1\x00', 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r5, 0x0) (async, rerun: 64)
r6 = socket$inet6(0xa, 0x3, 0x3c) (rerun: 64)
setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000340)=ANY=[@ANYBLOB="0002020100"], 0x18) (async)
connect$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x4e22, 0xf7ffffff, @private2={0xfc, 0x2, '\x00', 0x2}, 0xfff}, 0x1c) (async)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000000040)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(0xffffffffffffffff) (async)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r9, &(0x7f0000000200)={0xa, 0x0, 0x4000000, @ipv4={'\x00', '\xff\xff', @remote}, 0x401}, 0x1c)
ioctl$int_in(r9, 0x5452, &(0x7f0000000c00)=0xf6c) (async, rerun: 64)
setsockopt$inet6_tcp_int(r9, 0x6, 0x6, &(0x7f0000000000)=0x4, 0x4) (async, rerun: 64)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r9, 0x6, 0x14, &(0x7f0000000300)=0x2, 0x54)
sendmmsg$inet6(r9, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001600)="db02fec25f5a8a76dbe2bb39b45e486c8cc477fad2345fbed359e4577ce1fcf93def36fa0db7a254a771615ca10f33612b2ecf49c17c8d83fc0e1386fbcf8478ab33dae171a85dfc7734834b8f065ddfa4830025f61d3c509772d282485da1fea2ff8f32600a9c3b9d973da02df0408e371f91fc2ecc14bb0ae106547526a2011dd9169d691d9f960c8e2b79e339928a8c5614aa5ceee3e198931ddeebae9bc0fef21d6f75841dbe498166bdb39711b4b3ad9227bbb026e1a7d137cf455cec48d64d6042dd412ac67a2a5681e587cfc60c9a217830c80ade6ec24900934fd56787769caeb1634ba4d8a6227ff19255a046db5944fa66804821c5e883bc42527c0cd45decdd2de49d736f0d1a0789615f7c2f01b47fbff7cf9fde5f3dcf585c4aba8ead30b0718496354a644ebd28852ac37507c15c4393814e9d3772d18d2c0c10e1e0db916cfa18f83a59169a9f2be8043761e2b8d677d835f712906d68d2ec317e5d02a05e7b1139c74b46f28d05f84eb5ce2ddc23c7552fa085b6b269bb93c5369b496b2bc789284a11dc4a3a077852548bd2a993321288d7b06652dbcd36847bc3c7d4242bd409c3234649af8721836f5df78b21660362be669b39d97a670edb44a0b663ef02b21d564c22f8ccbd4948455ec009b52f74918002db3863385fc86d74b08462250659e28501cc4887eecc06cd0912e1cab4b80c58ed730d4d31433ad1bba79d14133b85bb6860f4d1d6bd21f8257d471720", 0x219}], 0x1}}], 0x1, 0x24000015)

347.948135ms ago: executing program 2 (id=2752):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
lseek(0xffffffffffffffff, 0x8, 0x2)
msgctl$IPC_RMID(0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socket(0x2, 0x80805, 0x0)

345.027735ms ago: executing program 3 (id=2753):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = timerfd_create(0x0, 0x800)
timerfd_settime(r1, 0x3, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000450000008814"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34920, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0xfffffffffffffefc)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sync()
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000280))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
fcntl$dupfd(r1, 0x0, r5)
connect$can_bcm(r6, &(0x7f0000001200), 0x10)
close(r6)
syz_open_dev$usbfs(&(0x7f0000000240), 0x202, 0x2)

301.351805ms ago: executing program 2 (id=2754):
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x1004491, &(0x7f0000000380)=ANY=[], 0x2, 0x826, &(0x7f00000012c0)="$eJzs3U9sHFf9APDvuHacOGp+1e/3U4miNJ0kRUpE6q7t1sXqoWzXY2dae9faXaNEqGqjxilRnLZqVZVGiJJLCwiEOHEsvVa99AZCAokDcEKiBy4cKlXqBVQQSAiEkIJ2djde/1k7ThynlM9n1X2zb957897sZL87W7+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiqUyXSmNJzOXVxTNpf5Xpem1+k/Xd9n6+KtlkuxFJ67/YuzcOtrMO/v/K6ntbT8ficPvV4djbSvbGlf333vPY/w0OdOtv0qGbdbT/qqHeF0nEN1udunRueXnp5dvQkV30nZ92FvbecJV/XGs9z2bVvFHL58uzWZo3aunU5GTpodMzjXQmn8saZxvNbD6t1LNys1ZPT1ROpmNTUxNpNnq2tlidnS7PZd3MRx8cL5Um0ydHF7JyvVGrPvTkaKNyOp+by6uzRZnx0mvRKvNo60B8Km+mzaw8n6YXLi4vTWzV1VahsVU5w6sOnMMP3PPxqx/99eJS64Ds10jSOTDHx8bGx8cmH5l65NFSaXC8NL46o7RGXC8RAxGtErfloOXO2r9B3mDniFm3IuLa/+zMhzfcooFO/I+5yKMai3Em0khjoHheeQxFJaajHrWYb73+3dCa9evi/+cf+tNvNttub/zvRvmDK6sPRRH/j7RfHekX/9f1Ygceg/1arb7X7k1v3ivxelyJS3EulmM5luLltbX2rK2xweNGytzyY7idDuxsq7ORRTXyaEQSecxHuchJi5xapDEVkzEZpXgmTsdMNCKNmchjLrJoxNloRDOy4oiqRD2yKEczalGPNE5EJU5GGmMxFVMxEWlkMRpnoxaLUY3ZmI5y0cqFuFjs94k1/br3G8/+5Pnffvx2a/l6obFNBpK0vszt/zDiL5sUWhfutxH/WyUGOkf3rsQkdsnebb6rO/PBDTvgWhH/B+90NwAAAIDbKCl+fU8iYijuK5Zm8rnsK3e6WwAAAMAOKv6u+XArGWot3RdJ6/y/tEHJDyKGd717AAAAwA5Iijl2SUSMxP3tpe50qY1+BAAAAAD+AxX///9IKxmJeKPIcP4PAAAAnzHf6neN/Y/2FNfYHYnGwnDysz9HvT6UXF0480ByudwqV758V7teJ/ny9RabM4eSA51GimRy8Mr+JCIGK9nhpHv1y3915hJ8UjwfWrkAYb9r/SdbdCA270DxKr4bR9tljp5vp+e7a9pbGZnJ57LRSm3usbGk8+NI89UXLn4tiuF/uzp/IIkLF5eXRp97cfl80ZerrVauXu5cHj7p1opoT6jYpC/XurMp7tt4xEPFRIzOdkfa2y31jr9zNdmBzcef9G7zzTjWLnNspJ2OrB7/3tY2x0YfG4ty+cBAMzvTfPVaz+g7vRhbGflwd7TJNt6FN+N4u8zxE8fbyQa9GF/VixfW92K8d//f2L644V68ffSNM3/7ZS3JJrbqxcQt9gLgTrlQXPVnJQrtK6LQP6+1tQLamri7r1tzO59yF1a+ZXTr98S6wVgX3dObie5vxol2mRPt7xODhzaIK6UNPtFfuvjSrzqf6A+/+8MfPX3k1++vievb6MW7cbJdppPE//6iT4xtjfl7a6LqO60a7/TdbmNuPHlteGIoad98KK48ePHyueeXnl96YXx8YrL0cKn0yHgMFV8VOkmfnoo8AP/dtrrHzvtfv1603114koe3OKtOBrt/UjAaz8WLsRzn41Qx2yAi7t+41ZGeP0M4tcVZ60jPHV5ObXFuuVJ2fG3Z4eNJ9Ck70bPHPveDIvn7bXpDAGAXHNsiDidxT/uyP6/d3amxpsRdSXKq97z7qxFxqF/MbcXyk+0b53bPjqN/LO/1h076xd3YKQDwGZfVP0lGmm8l9Xq+8MzY1NRYuXk6S+u1ylNpPZ+ezdK82szqldPl6myWLtRrzVql+9PxdNZIG4sLC7V6M52p1dOFWiM/U9z5Pe3c+r2RzZerzbzSWJjLyo0srdSqzXKlmU7njUq6sPjEXN44ndWLyo2FrJLP5JVyM69V00ZtsV7JRtO0kWU9BfPprNrMZ/JsKM2r6UI9ny/Xr0bE3OJ8lk5njUo9X2jW2g12t5VXZw7U54tmR9cP/4+7vb8B4NPgldevXDq3vLz08s0t/P5GCt/pMQIAq4nSAAAAAAAAAAAAAADw6bd+ul4rd1sTAYfipqcPvjIcrYV9N1u9tfB0ZyS3MItxk4XB2OEGN1/4wnvtwexEg+vbGerm3L3VvM99q97TPZ1dvEs7YScXnn388UtXrkZEkZMM9u7eJ944ePrDLLqj26Sdjf+lbDTV9a0DEXt+/P12zpf6FE4Gd3ikH3QHuL3q15JN/uHv6scQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyQfwcAAP//LdJG/Q==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x8001, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
unshare(0x6020480)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f000040a000/0x2000)=nil, 0x2000, 0x2, 0x80010, 0xffffffffffffffff, 0x148d6000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000040)=0x7)

193.670337ms ago: executing program 4 (id=2755):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000100)="140000001a004f7fb3e45f2024d2f1c9fb470000", 0x14)
r1 = timerfd_create(0x7, 0x80000)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000280)={'syztnl1\x00', &(0x7f0000000180)={'ip_vti0\x00', 0x0, 0x10, 0x700, 0x1fa, 0x5, {{0x20, 0x4, 0x2, 0x0, 0x80, 0x66, 0x0, 0x3, 0x4, 0x0, @loopback, @loopback, {[@generic={0x7, 0xf, "44739199dd6a641158b3ac9cb6"}, @timestamp_addr={0x44, 0x2c, 0xf2, 0x1, 0x0, [{@private=0xa010102, 0x5}, {@rand_addr=0x64010101, 0x4}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x16f}, {@private=0xa010100}, {@private=0xa010102, 0x670}]}, @generic={0x7, 0x8, "eb63fdfb9349"}, @noop, @timestamp={0x44, 0xc, 0x80, 0x0, 0x8, [0x1000, 0x0]}, @rr={0x7, 0x1b, 0x40, [@empty, @private=0xa010100, @multicast1, @broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x37}]}]}}}}})
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300)=0x4)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
pwritev(r3, &(0x7f00000001c0)=[{&(0x7f00000003c0)="be", 0x1}, {0x0}], 0x13, 0xfffffffc, 0x3)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000000340)={'gretap0\x00', 0x0, 0x20, 0x8, 0x6, 0x8, {{0x6, 0x4, 0x2, 0x3f, 0x18, 0x68, 0x0, 0x0, 0x4, 0x0, @local, @remote, {[@end]}}}}})
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000400)={@local}, &(0x7f0000000440)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000007c0)={'ip6gre0\x00', &(0x7f0000000740)={'syztnl1\x00', r2, 0x4, 0x5, 0x6b, 0xe, 0x43, @dev={0xfe, 0x80, '\x00', 0x10}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x20, 0x40, 0x81, 0x5}})
fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000000), &(0x7f0000000040)={'L+', 0x3}, 0x16, 0x2)
recvmmsg(r0, &(0x7f0000004e80)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x645}, {{&(0x7f0000000600)=@pppol2tp, 0x80, 0x0}, 0xffffff80}], 0x3, 0x10122, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(r6, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x4, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00')
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000572a000000009a33f16f1d4e5f07a4ef5989401cabe4035d130e210b0231a83d808ec3bfcb76e47a71e4e2850b529deda80db0ed64ec528abb8f4672acdf834ca519c09a23f47ae0485650471aa167212e090eec05e46c06825fd5d4720d5b3a8ebff45dcc69cc9cbd04121639976b986f935874379ef20bb0873ccf5d536456618a337c9142ffb2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000008018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@max_batch_time={'max_batch_time', 0x3d, 0x121}}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x44f, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLblV15+rQRfeFGraCS+tLQgcvCCwcSDJiZ6wGNtC0EWamhNhBBFY/BoSLwbjyb+BZ40JkY9mXjVuyEhhgvoac3szpTdYbtAu+023c8nGXiemWf3eb47z7P7zDydAPrWWPZPErE9Iv6IiJFGtrXAWOO/Wzcuzfxz49JMErXaW38n9XI3b1yaKYoWr9tWZAYi0s+S2Num3oULF89MV6tz5/P8xOLZ9ycWLlx84fTZ6VNzp+bOTR09evjQ5EtHpl7sSpxZXDf3fDS/b/dr71x9Y+bE1Xd/+TYp4i/FsUIDpfxYp8JP12qrrG5j2dGUTsqfBBtWJe+4g/XxPxKVpm48Eq9+2tPGAWuqVqvVHlr+8OUasIkl0esWAL1R/NBn17/Ftk5Tjw3h+rHGBVAW9618axwZiDQvM1i6vu2msYg4cfnfr7ItunMfAgCgo++z+c/z7eZ/aTTfF/p/voYyGhEPRMTOiDgSEbsi4sGIetmHI+KR+6y/vEhy5/wnvbaiwO5RNv97OV/bap3/FbO/GK3kuR31+AeTk6ercwfzz+RADG7J8pMd6vjh+O9fLGWGW481z/+yLau/mAvm7bg2sKX1NbPTi9Orjbtw/ZOIPQPt4k+WVgKSiNgdEXtWWMfpZ7/Zt9yxu8ffQRfWmWpfRzzTOP+XoxR/Iem8Pjnxv6jOHZwoesWdfv3typvL1b+q+LsgO/9b2/b/pfhHk+b12oXyO/yY3q2OK39+vuw1Taf4j9ffuX3/H0rebtn34fTi4vnJiKHk9Uajm/dPlcpN3S6fxX9gf/vxvzNufxJ7IyLrxI9GxGMR8Xje9ici4smI2N8h/p9feeq9lcS/HrL4Z+/r/N9ODEV5T/tE5cxP37VUOno/8Wfn/3A9dSDfcy/ff/fSrna9GQAAADajNCK2R5KOL6XTdHy88Tf8u2JrWp1fWHzu5PwH52YbzwiMxmBa3OkaabofOplf1hf5qVL+UH7f+MvKcD0/PjNfne118NDnti0z/jN/VXrdOmDNeV4L+pfxD/3L+If+ZfxD/2oz/od70Q5g/bX7/f+4B+0A1l9p/Fv2gz7i+h/6V5vxf6wX7QDWn99/6EsLw3H3h+TLiZGIFbxKYlMlIt0QzejzxNCavXOvv5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6478AAAD///2e5f8=")

184.488667ms ago: executing program 0 (id=2756):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) (async)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async, rerun: 64)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) (rerun: 64)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0) (async)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000580)={{0x84, @loopback, 0x4e24, 0x3, 'rr\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e23, 0x10000, 0x1000, 0x80012d5a, 0x12d5c}}, 0x44) (async)
sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
r8 = socket(0xa, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x4c, &(0x7f0000000040)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0xfe, 0x0}}, @in6={0xa, 0x4e21, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10001}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e21, @private=0xa010102}]}, &(0x7f0000000100)=0x10)

45.058109ms ago: executing program 4 (id=2757):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2400c042)

0s ago: executing program 4 (id=2758):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'wg2\x00'})
socket$inet_sctp(0x2, 0x5, 0x84) (async)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r4, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0xc851)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000001c00), &(0x7f0000001e80)=0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5, 0x0, 0x8000000000000}, 0x9) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5, 0x0, 0x8000000000000}, 0x9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})
r7 = socket(0x10, 0x3, 0x9)
connect$netlink(r7, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x18)
r8 = gettid()
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async)
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x6, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x1, 0x3}}, @enum64={0x1, 0x3, 0x0, 0x13, 0x1, 0x8, [{0xf, 0xca, 0xff}, {0x8, 0x4, 0x4}, {0x6, 0x9, 0x3}]}]}, {0x0, [0x5f, 0x61, 0x2e, 0x30]}}, &(0x7f00000008c0)=""/2, 0x66, 0x2, 0x1, 0x5}, 0x28)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="340000000415000000000000b6984ce8ce31bb59ab60d49527e66d31f6d032527f0c90da1e630c801c15e89a6373f16793e22ec4b29e5aef01127eb85431cb981924ec19376a3a9f57240ab9e4e8d70806b63ffa9bd79ad5a4", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="340000000415000000000000b6984ce8ce31bb59ab60d49527e66d31f6d032527f0c90da1e630c801c15e89a6373f16793e22ec4b29e5aef01127eb85431cb981924ec19376a3a9f57240ab9e4e8d70806b63ffa9bd79ad5a4", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000500)={'syztnl1\x00', &(0x7f0000000480)={'syztnl2\x00', 0x0, 0x7, 0x1, 0x4, 0x8001, {{0xf, 0x4, 0x3, 0x1f, 0x3c, 0x66, 0x0, 0xc, 0x4, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0xde, 0x0, 0x5, [0x8, 0x8, 0x5, 0x7ff]}, @timestamp_prespec={0x44, 0x14, 0xfa, 0x3, 0x3, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x10}, {@rand_addr=0x64010101, 0x10000}]}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000500)={'syztnl1\x00', &(0x7f0000000480)={'syztnl2\x00', 0x0, 0x7, 0x1, 0x4, 0x8001, {{0xf, 0x4, 0x3, 0x1f, 0x3c, 0x66, 0x0, 0xc, 0x4, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0xde, 0x0, 0x5, [0x8, 0x8, 0x5, 0x7ff]}, @timestamp_prespec={0x44, 0x14, 0xfa, 0x3, 0x3, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x10}, {@rand_addr=0x64010101, 0x10000}]}]}}}}})
syz_open_procfs(r8, &(0x7f0000000440)='fd/3\x00')
sendmsg$NFT_BATCH(r7, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}, 0x1, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r7, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}, 0x1, 0x4000}, 0x0)
getgroups(0x0, 0x0)

kernel console output (not intermixed with test programs):

 1024
[  239.165016][T13676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.631265][T13738] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2161'.
[  239.640959][T13736] loop4: detected capacity change from 0 to 512
[  239.650468][T13738] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2161'.
[  239.682947][T13736] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  239.693322][T13736] EXT4-fs (loop4): orphan cleanup on readonly fs
[  239.700797][T13738] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2161'.
[  239.709963][T13736] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  239.733268][T13736] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  239.740490][T13736] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2160: bg 0: block 40: padding at end of block bitmap is not set
[  239.760368][T13736] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  239.784382][T13736] EXT4-fs (loop4): 1 truncate cleaned up
[  239.790504][T13736] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  240.053383][T13774] loop2: detected capacity change from 0 to 512
[  240.095021][T13774] EXT4-fs: inline encryption not supported
[  240.328066][T13774] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  240.403563][T13774] EXT4-fs (loop2): 1 truncate cleaned up
[  240.478324][T13772] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  240.908128][T13782] loop2: detected capacity change from 0 to 764
[  241.815357][T13800] __nla_validate_parse: 3 callbacks suppressed
[  241.815377][T13800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2172'.
[  241.860994][T13800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2172'.
[  241.884786][T13807] netlink: 'syz.2.2171': attribute type 12 has an invalid length.
[  241.916778][T13809] loop3: detected capacity change from 0 to 512
[  241.922231][T13800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2172'.
[  241.936565][T13800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2172'.
[  241.947945][T13809] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  241.959918][T13814] loop0: detected capacity change from 0 to 512
[  241.970710][T13809] EXT4-fs (loop3): orphan cleanup on readonly fs
[  241.984218][T13814] EXT4-fs: inline encryption not supported
[  241.992180][T13809] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  242.024317][T13809] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  242.031598][T13814] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  242.042494][T13800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2172'.
[  242.051146][T13822] 9pnet_fd: Insufficient options for proto=fd
[  242.052874][T13809] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2174: bg 0: block 40: padding at end of block bitmap is not set
[  242.058180][T13800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2172'.
[  242.081381][T13814] EXT4-fs (loop0): 1 truncate cleaned up
[  242.094358][T13809] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  242.127643][T13809] EXT4-fs (loop3): 1 truncate cleaned up
[  242.133907][T13828] 9pnet_fd: Insufficient options for proto=fd
[  242.136597][T13829] netlink: 'syz.4.2179': attribute type 29 has an invalid length.
[  242.147920][T13829] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2179'.
[  242.307926][T13829] loop4: detected capacity change from 0 to 8192
[  242.550376][T13857] loop4: detected capacity change from 0 to 1024
[  243.255895][   T29] kauditd_printk_skb: 385 callbacks suppressed
[  243.255912][   T29] audit: type=1326 audit(1753784154.347:11854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.349323][   T29] audit: type=1326 audit(1753784154.377:11855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.373047][   T29] audit: type=1326 audit(1753784154.377:11856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.396671][   T29] audit: type=1326 audit(1753784154.377:11857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.420290][   T29] audit: type=1326 audit(1753784154.377:11858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.443988][   T29] audit: type=1326 audit(1753784154.377:11859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.467646][   T29] audit: type=1326 audit(1753784154.377:11860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.491225][   T29] audit: type=1326 audit(1753784154.387:11861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.514961][   T29] audit: type=1326 audit(1753784154.387:11862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.538586][   T29] audit: type=1326 audit(1753784154.387:11863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.1.2190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  243.584716][T13890] netlink: 'syz.3.2189': attribute type 12 has an invalid length.
[  243.619654][T13892] loop4: detected capacity change from 0 to 512
[  243.636751][T13892] EXT4-fs: inline encryption not supported
[  243.654423][T13892] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  243.673944][T13892] EXT4-fs (loop4): 1 truncate cleaned up
[  243.743575][T13900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'.
[  243.773771][T13900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'.
[  243.834102][T13900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'.
[  243.851580][T13913] loop3: detected capacity change from 0 to 512
[  243.905263][T13913] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  243.925653][T13913] EXT4-fs (loop3): orphan cleanup on readonly fs
[  243.965733][T13913] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  244.023805][T13913] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  244.054818][T13913] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2194: bg 0: block 40: padding at end of block bitmap is not set
[  244.084833][T13913] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  244.119475][T13913] EXT4-fs (loop3): 1 truncate cleaned up
[  244.925886][T14021] loop4: detected capacity change from 0 to 1024
[  244.933761][T14025] loop0: detected capacity change from 0 to 2048
[  244.993593][T14025] loop0: detected capacity change from 0 to 1024
[  245.004067][T14032] loop2: detected capacity change from 0 to 512
[  245.026542][T14032] EXT4-fs: inline encryption not supported
[  245.082059][T14032] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  245.112116][T14032] EXT4-fs (loop2): 1 truncate cleaned up
[  245.128027][T14032] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  245.135780][T14040] loop3: detected capacity change from 0 to 512
[  245.146525][T14040] EXT4-fs: inline encryption not supported
[  245.158770][T14040] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  245.170533][T14040] EXT4-fs (loop3): 1 truncate cleaned up
[  245.206528][T14044] loop2: detected capacity change from 0 to 1024
[  245.209490][T14021] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  245.237692][T14044] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2208: Allocating blocks 465-513 which overlap fs metadata
[  245.268656][T14044] EXT4-fs (loop2): pa ffff888105179d90: logic 256, phys. 369, len 9
[  245.276763][T14044] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  245.317008][T14044] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  245.389843][T14056] 9pnet_fd: Insufficient options for proto=fd
[  245.424968][T14060] netlink: 'syz.4.2212': attribute type 12 has an invalid length.
[  245.492772][T14065] 9pnet_fd: Insufficient options for proto=fd
[  246.260741][T14091] loop4: detected capacity change from 0 to 512
[  246.277985][T14091] EXT4-fs: inline encryption not supported
[  246.295343][T14091] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  246.315656][T14091] EXT4-fs (loop4): 1 truncate cleaned up
[  246.707784][T14131] netlink: 'syz.0.2222': attribute type 29 has an invalid length.
[  246.770619][T14135] loop4: detected capacity change from 0 to 512
[  246.805927][T14135] EXT4-fs: inline encryption not supported
[  246.845422][T14135] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  246.898469][T14131] loop0: detected capacity change from 0 to 8192
[  246.905783][T14135] EXT4-fs (loop4): 1 truncate cleaned up
[  247.180238][T14158] __nla_validate_parse: 4 callbacks suppressed
[  247.180259][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  247.214900][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  247.242056][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  247.261387][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  247.308325][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  247.324343][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  247.386839][T14164] loop0: detected capacity change from 0 to 512
[  247.403861][T14164] EXT4-fs: inline encryption not supported
[  247.433658][T14164] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  247.460483][T14164] EXT4-fs (loop0): 1 truncate cleaned up
[  247.480351][T14171] loop4: detected capacity change from 0 to 2048
[  247.521462][T14171] loop4: detected capacity change from 0 to 1024
[  247.853858][T14217] netlink: 'syz.1.2235': attribute type 29 has an invalid length.
[  247.861830][T14217] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2235'.
[  247.907387][T14222] loop0: detected capacity change from 0 to 512
[  247.914228][T14222] EXT4-fs: inline encryption not supported
[  247.927314][T14222] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  247.950482][T14222] EXT4-fs (loop0): 1 truncate cleaned up
[  248.338175][T14269] loop2: detected capacity change from 0 to 512
[  248.372251][T14271] loop3: detected capacity change from 0 to 764
[  248.397566][T14273] loop4: detected capacity change from 0 to 512
[  248.404251][T14269] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  248.412248][T14269] EXT4-fs (loop2): orphan cleanup on readonly fs
[  248.470430][T14273] EXT4-fs: inline encryption not supported
[  248.501312][T14269] __quota_error: 581 callbacks suppressed
[  248.501331][T14269] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  248.521812][T14273] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  248.565743][T14273] EXT4-fs (loop4): 1 truncate cleaned up
[  248.572151][T14269] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  248.604976][T14269] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  248.635159][T14269] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2242: bg 0: block 40: padding at end of block bitmap is not set
[  248.683059][T14269] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  248.693638][   T29] audit: type=1326 audit(1753784159.777:12444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.736231][T14269] EXT4-fs (loop2): 1 truncate cleaned up
[  248.742775][   T29] audit: type=1326 audit(1753784159.777:12445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.766577][   T29] audit: type=1326 audit(1753784159.787:12446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.790212][   T29] audit: type=1326 audit(1753784159.787:12447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.813960][   T29] audit: type=1326 audit(1753784159.787:12448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.837676][   T29] audit: type=1326 audit(1753784159.787:12449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.861367][   T29] audit: type=1326 audit(1753784159.787:12450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.884992][   T29] audit: type=1326 audit(1753784159.787:12451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  248.908821][   T29] audit: type=1326 audit(1753784159.787:12452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14278 comm="syz.4.2245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  249.030578][T14287] netlink: 'syz.0.2247': attribute type 29 has an invalid length.
[  249.038548][T14287] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2247'.
[  249.117109][T14287] loop0: detected capacity change from 0 to 8192
[  249.754477][T14303] loop3: detected capacity change from 0 to 1024
[  250.123320][T14307] loop4: detected capacity change from 0 to 2048
[  250.928973][T14303] EXT4-fs mount: 38 callbacks suppressed
[  250.928994][T14303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.983439][T14311] loop4: detected capacity change from 0 to 1024
[  251.078039][T14311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.104172][T14303] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2251: Allocating blocks 465-513 which overlap fs metadata
[  251.177134][T14303] EXT4-fs (loop3): pa ffff888105179e70: logic 256, phys. 369, len 9
[  251.185277][T14303] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  251.240225][T14303] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  251.349179][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.359814][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.450821][T14318] loop4: detected capacity change from 0 to 512
[  251.463050][T14320] loop3: detected capacity change from 0 to 512
[  251.483722][T14318] EXT4-fs: inline encryption not supported
[  251.538820][T14318] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  251.575396][T14318] EXT4-fs (loop4): 1 truncate cleaned up
[  251.581976][T14320] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  251.591925][T14318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.614975][T14320] EXT4-fs (loop3): orphan cleanup on readonly fs
[  251.624344][T14320] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  251.700593][T14320] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  251.724780][T14320] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2256: bg 0: block 40: padding at end of block bitmap is not set
[  251.750857][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.785018][T14320] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  251.814874][T14320] EXT4-fs (loop3): 1 truncate cleaned up
[  251.820964][T14320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.837545][T14320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.986775][T14331] loop2: detected capacity change from 0 to 512
[  252.003666][T14331] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.029751][T14331] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  252.046328][T14331] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  252.056218][T14331] EXT4-fs (loop2): orphan cleanup on readonly fs
[  252.062986][T14331] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2259: Invalid block bitmap block 0 in block_group 0
[  252.077699][T14331] EXT4-fs (loop2): Remounting filesystem read-only
[  252.096852][T14331] EXT4-fs (loop2): 1 orphan inode deleted
[  252.112981][T14331] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.163011][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.192697][T14336] netlink: 'syz.1.2260': attribute type 12 has an invalid length.
[  252.354862][T14341] loop4: detected capacity change from 0 to 512
[  252.433288][T14341] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  252.438511][T14355] loop2: detected capacity change from 0 to 2048
[  252.441844][T14341] EXT4-fs (loop4): orphan cleanup on readonly fs
[  252.458262][T14341] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  252.483196][T14341] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  252.494605][T14341] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2258: bg 0: block 40: padding at end of block bitmap is not set
[  252.507756][T14361] loop0: detected capacity change from 0 to 512
[  252.525346][T14341] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  252.554552][T14361] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  252.564670][T14361] EXT4-fs (loop0): orphan cleanup on readonly fs
[  252.568549][T14341] EXT4-fs (loop4): 1 truncate cleaned up
[  252.583009][T14361] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  252.604775][T14341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.614477][T14361] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  252.624427][T14355] loop2: detected capacity change from 0 to 1024
[  252.633385][T14361] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2268: bg 0: block 40: padding at end of block bitmap is not set
[  252.645806][T14341] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.658448][T14361] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  252.678424][T14361] EXT4-fs (loop0): 1 truncate cleaned up
[  252.686974][T14361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.705306][T14355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.717762][T14361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.888033][T14380] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2272'.
[  252.901596][T14381] loop3: detected capacity change from 0 to 512
[  252.910403][T14381] EXT4-fs: Ignoring removed nobh option
[  252.925712][T14381] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  252.934026][T14381] System zones: 0-2, 18-18, 34-34
[  252.940117][T14381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.955271][T14381] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.975603][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2271'.
[  253.063225][T14381] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  253.146794][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.237297][T14389] netlink: 'syz.3.2273': attribute type 12 has an invalid length.
[  253.246247][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.394765][T14419] loop4: detected capacity change from 0 to 764
[  254.412374][T14421] netlink: 'syz.1.2284': attribute type 29 has an invalid length.
[  254.420288][T14421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2284'.
[  254.434284][   T29] kauditd_printk_skb: 288 callbacks suppressed
[  254.434298][   T29] audit: type=1326 audit(1753784165.497:12735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.464272][   T29] audit: type=1326 audit(1753784165.497:12736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.488029][   T29] audit: type=1326 audit(1753784165.497:12737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.511683][   T29] audit: type=1326 audit(1753784165.497:12738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.535372][   T29] audit: type=1326 audit(1753784165.497:12739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.559030][   T29] audit: type=1326 audit(1753784165.497:12740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.582635][   T29] audit: type=1326 audit(1753784165.497:12741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.606219][   T29] audit: type=1326 audit(1753784165.497:12742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.629808][   T29] audit: type=1326 audit(1753784165.497:12743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  254.869794][T14424] loop0: detected capacity change from 0 to 2048
[  254.897270][T14426] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2286'.
[  254.975825][   T29] audit: type=1326 audit(1753784165.757:12744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14420 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  255.279763][T14435] loop2: detected capacity change from 0 to 1024
[  255.353197][T14435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.415219][T14435] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2289: Allocating blocks 465-513 which overlap fs metadata
[  255.442470][T14435] EXT4-fs (loop2): pa ffff888106a075b0: logic 256, phys. 369, len 9
[  255.450641][T14435] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  255.460699][T14442] loop3: detected capacity change from 0 to 8192
[  255.461406][T14435] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  255.516785][T14442] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.542863][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.577168][T14442] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.597424][T14457] netlink: 'syz.1.2296': attribute type 29 has an invalid length.
[  255.605477][T14457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2296'.
[  255.627170][T14442] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.688541][T14442] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.767771][T14442] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.780285][T14442] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.793937][T14442] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.806357][T14442] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.898249][T14473] loop3: detected capacity change from 0 to 1024
[  255.918135][T14473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.949996][T14473] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2300: Allocating blocks 465-513 which overlap fs metadata
[  255.977471][T14473] EXT4-fs (loop3): pa ffff888106a075b0: logic 256, phys. 369, len 9
[  255.985588][T14473] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  256.003688][T14473] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  256.024729][T14480] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2303'.
[  256.036319][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.335948][T14488] loop3: detected capacity change from 0 to 1024
[  256.367325][T14488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.381926][T14488] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2306: Allocating blocks 465-513 which overlap fs metadata
[  256.397605][T14488] EXT4-fs (loop3): pa ffff888105179e70: logic 256, phys. 369, len 9
[  256.405705][T14488] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  256.417809][T14488] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  256.553665][T14497] loop4: detected capacity change from 0 to 2048
[  256.572952][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.637424][T14497] loop4: detected capacity change from 0 to 1024
[  256.685941][T14497] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.978936][T14517] netlink: 'syz.2.2315': attribute type 12 has an invalid length.
[  257.158020][T14525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2318'.
[  257.340420][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.401193][T14528] loop4: detected capacity change from 0 to 1024
[  257.435837][T14528] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.576159][T14534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2321'.
[  257.590233][T14537] loop2: detected capacity change from 0 to 1024
[  257.660082][T14537] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.715966][T14547] loop0: detected capacity change from 0 to 512
[  257.741509][T14547] EXT4-fs: Ignoring removed nobh option
[  257.752845][T14528] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  257.769636][T14537] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2322: Allocating blocks 465-513 which overlap fs metadata
[  257.784986][T14537] EXT4-fs (loop2): pa ffff888105179e70: logic 256, phys. 369, len 9
[  257.793010][T14537] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  257.804082][T14537] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  257.831532][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.862284][T14547] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  257.880724][T14547] System zones: 0-2, 18-18, 34-34
[  257.887905][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.910866][T14547] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.930688][T14547] ext4 filesystem being mounted at /463/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.955861][T14547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2324'.
[  257.966361][T14561] netlink: 'syz.3.2326': attribute type 12 has an invalid length.
[  258.019459][T14547] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  258.041360][T14565] loop2: detected capacity change from 0 to 2048
[  258.077302][T14565] loop2: detected capacity change from 0 to 1024
[  258.109630][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.270943][T14565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.381220][T14572] loop3: detected capacity change from 0 to 764
[  258.389576][T14574] loop0: detected capacity change from 0 to 2048
[  258.656872][T14577] loop0: detected capacity change from 0 to 1024
[  258.729116][T14577] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.936624][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.244034][T14587] loop3: detected capacity change from 0 to 1024
[  259.266163][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.296268][T14587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.358209][T14595] loop0: detected capacity change from 0 to 1024
[  259.396331][T14595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.441850][T14595] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.2336: Allocating blocks 465-513 which overlap fs metadata
[  259.486791][T14595] EXT4-fs (loop0): pa ffff888105179e70: logic 256, phys. 369, len 9
[  259.494938][T14595] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  259.548820][T14595] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  259.626266][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.761854][T14587] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  259.801617][   T29] kauditd_printk_skb: 594 callbacks suppressed
[  259.801630][   T29] audit: type=1326 audit(1753784170.887:13339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  259.831579][   T29] audit: type=1326 audit(1753784170.887:13340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  259.857496][T14601] netlink: 'syz.4.2338': attribute type 29 has an invalid length.
[  259.865488][T14601] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2338'.
[  259.947331][   T29] audit: type=1326 audit(1753784170.947:13341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  259.971015][   T29] audit: type=1326 audit(1753784170.947:13342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  259.994681][   T29] audit: type=1326 audit(1753784170.947:13343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  260.018336][   T29] audit: type=1326 audit(1753784170.947:13344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  260.042004][   T29] audit: type=1326 audit(1753784170.947:13345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  260.065714][   T29] audit: type=1326 audit(1753784170.947:13346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  260.089342][   T29] audit: type=1326 audit(1753784170.977:13347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  260.113026][   T29] audit: type=1326 audit(1753784170.977:13348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14600 comm="syz.4.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  260.189209][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.278042][T14616] loop4: detected capacity change from 0 to 512
[  260.285022][T14616] EXT4-fs: Ignoring removed mblk_io_submit option
[  260.299095][T14616] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  260.339341][T14631] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2344'.
[  260.355758][T14616] EXT4-fs (loop4): 1 truncate cleaned up
[  260.356604][T14624] loop3: detected capacity change from 0 to 512
[  260.365388][T14616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.381810][T14624] EXT4-fs: Ignoring removed mblk_io_submit option
[  260.398844][T14624] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  260.425296][T14624] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  260.452813][T14624] EXT4-fs (loop3): orphan cleanup on readonly fs
[  260.467855][T14624] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2341: Invalid block bitmap block 0 in block_group 0
[  260.496496][T14624] EXT4-fs (loop3): Remounting filesystem read-only
[  260.503655][T14624] EXT4-fs (loop3): 1 orphan inode deleted
[  260.515241][T14624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  260.529230][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.550830][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.630872][T14647] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2347'.
[  260.979523][T14657] loop2: detected capacity change from 0 to 1024
[  261.047430][T14661] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2353'.
[  261.060637][T14657] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.074353][T14661] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2353'.
[  261.101575][T14661] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2353'.
[  261.123598][T14668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2354'.
[  261.136996][T14661] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2353'.
[  261.154473][T14668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2354'.
[  261.280209][T14676] netlink: 'syz.1.2356': attribute type 12 has an invalid length.
[  261.402367][T14686] loop3: detected capacity change from 0 to 512
[  261.415640][T14686] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.424760][T14681] loop4: detected capacity change from 0 to 512
[  261.431569][T14681] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.444586][T14686] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  261.459806][T14681] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  261.491901][T14686] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  261.576033][T14686] EXT4-fs (loop3): orphan cleanup on readonly fs
[  261.583126][T14686] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2358: Invalid block bitmap block 0 in block_group 0
[  261.607290][T14681] EXT4-fs (loop4): 1 truncate cleaned up
[  261.615949][T14681] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.661334][T14686] EXT4-fs (loop3): Remounting filesystem read-only
[  261.717034][T14686] EXT4-fs (loop3): 1 orphan inode deleted
[  261.783715][T14686] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  261.806329][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.081731][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.107768][T14657] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  262.664568][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.340706][T14712] 9pnet_fd: Insufficient options for proto=fd
[  263.719550][T14714] 9pnet_fd: Insufficient options for proto=fd
[  264.424541][T14727] __nla_validate_parse: 6 callbacks suppressed
[  264.424562][T14727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2366'.
[  264.629106][T14734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'.
[  264.822654][T14734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'.
[  264.956932][T14734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'.
[  265.021197][T14734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'.
[  265.225862][T14734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'.
[  265.270753][T14734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'.
[  265.507586][   T29] kauditd_printk_skb: 415 callbacks suppressed
[  265.507721][   T29] audit: type=1326 audit(1753784176.597:13758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.696783][   T29] audit: type=1326 audit(1753784176.627:13759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.720675][   T29] audit: type=1326 audit(1753784176.637:13760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.744567][   T29] audit: type=1326 audit(1753784176.637:13761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.768316][   T29] audit: type=1326 audit(1753784176.637:13762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.791959][   T29] audit: type=1326 audit(1753784176.647:13763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.815665][   T29] audit: type=1326 audit(1753784176.647:13764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.839251][   T29] audit: type=1326 audit(1753784176.647:13765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  265.862895][   T29] audit: type=1326 audit(1753784176.647:13766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4e1f52d45f code=0x7ffc0000
[  265.886392][   T29] audit: type=1326 audit(1753784176.647:13767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.3.2368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  266.047647][T14758] loop2: detected capacity change from 0 to 1024
[  266.106950][T14749] netlink: 'syz.3.2369': attribute type 12 has an invalid length.
[  266.120918][T14760] loop0: detected capacity change from 0 to 512
[  266.130017][T14760] EXT4-fs: Ignoring removed mblk_io_submit option
[  266.148553][T14758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.160775][T14760] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  266.193933][T14760] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  266.203724][T14760] EXT4-fs (loop0): orphan cleanup on readonly fs
[  266.214286][T14758] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2370: Allocating blocks 465-513 which overlap fs metadata
[  266.228450][T14760] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2371: Invalid block bitmap block 0 in block_group 0
[  266.245122][T14760] EXT4-fs (loop0): Remounting filesystem read-only
[  266.252036][T14760] EXT4-fs (loop0): 1 orphan inode deleted
[  266.257783][T14758] EXT4-fs (loop2): pa ffff888105179e70: logic 256, phys. 369, len 9
[  266.257881][T14758] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  266.289488][T14760] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  266.324801][T14758] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  266.383306][T14790] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2373'.
[  266.479212][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.491172][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.539708][T14815] loop2: detected capacity change from 0 to 1024
[  266.630617][T14808] loop3: detected capacity change from 0 to 512
[  266.729113][T14821] netlink: 'syz.0.2375': attribute type 12 has an invalid length.
[  266.772264][T14808] ext4: Unknown parameter 'debug_want_extra_isisyztnl1'
[  266.782362][T14815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.635491][T14843] netlink: 'syz.4.2382': attribute type 12 has an invalid length.
[  268.075358][T14815] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  268.436701][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.627602][T14861] loop2: detected capacity change from 0 to 512
[  268.645069][T14861] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.655937][T14861] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  268.684805][T14861] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  268.705616][T14861] EXT4-fs (loop2): orphan cleanup on readonly fs
[  268.718689][T14861] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2386: Invalid block bitmap block 0 in block_group 0
[  268.733096][T14861] EXT4-fs (loop2): Remounting filesystem read-only
[  268.740606][T14861] EXT4-fs (loop2): 1 orphan inode deleted
[  268.747061][T14861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  268.796622][T14868] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2389'.
[  268.797979][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.877526][T14875] loop2: detected capacity change from 0 to 512
[  268.912536][T14875] EXT4-fs: inline encryption not supported
[  268.943441][T14875] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  268.976331][T14875] EXT4-fs (loop2): 1 truncate cleaned up
[  269.004603][T14875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.070868][T14894] netlink: 'syz.4.2394': attribute type 12 has an invalid length.
[  269.135709][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.167458][T14893] loop3: detected capacity change from 0 to 512
[  269.178772][T14899] loop4: detected capacity change from 0 to 764
[  269.205625][T14901] loop2: detected capacity change from 0 to 1024
[  269.218615][T14893] EXT4-fs: Ignoring removed mblk_io_submit option
[  269.246782][T14893] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  269.265348][T14901] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.291469][T14893] EXT4-fs (loop3): 1 truncate cleaned up
[  269.317397][T14893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.672038][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.883190][T14918] loop3: detected capacity change from 0 to 512
[  269.897313][T14918] EXT4-fs: Ignoring removed mblk_io_submit option
[  269.918152][T14918] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  269.947947][T14918] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  269.956409][T14918] EXT4-fs (loop3): orphan cleanup on readonly fs
[  269.963300][T14918] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2401: Invalid block bitmap block 0 in block_group 0
[  269.977604][T14918] EXT4-fs (loop3): Remounting filesystem read-only
[  269.984471][T14918] EXT4-fs (loop3): 1 orphan inode deleted
[  269.991136][T14918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  270.371189][T14901] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  270.866384][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  270.876384][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  270.894275][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  270.939954][T14937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2404'.
[  270.967031][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  271.079330][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  271.097296][   T29] kauditd_printk_skb: 331 callbacks suppressed
[  271.097311][   T29] audit: type=1326 audit(1753784182.187:14090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  271.097328][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  271.135686][   T29] audit: type=1326 audit(1753784182.187:14091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14922 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  271.189130][T14948] loop0: detected capacity change from 0 to 2048
[  271.201683][   T29] audit: type=1326 audit(1753784182.287:14092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.254667][   T29] audit: type=1326 audit(1753784182.317:14093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.255069][T14946] netlink: 'syz.3.2408': attribute type 12 has an invalid length.
[  271.278701][   T29] audit: type=1326 audit(1753784182.317:14094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.310199][   T29] audit: type=1326 audit(1753784182.327:14095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.333830][   T29] audit: type=1326 audit(1753784182.337:14096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.357505][   T29] audit: type=1326 audit(1753784182.337:14097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.381156][   T29] audit: type=1326 audit(1753784182.337:14098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.404878][   T29] audit: type=1326 audit(1753784182.337:14099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14947 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  271.440507][T14959] loop4: detected capacity change from 0 to 764
[  271.511575][T14963] loop3: detected capacity change from 0 to 512
[  271.519363][T14963] EXT4-fs: inline encryption not supported
[  271.531912][T14963] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  271.556753][T14963] EXT4-fs (loop3): 1 truncate cleaned up
[  271.562805][T14965] loop2: detected capacity change from 0 to 1024
[  271.775307][T14965] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  271.908662][T14986] 9pnet_fd: Insufficient options for proto=fd
[  271.967731][T14994] 9pnet_fd: Insufficient options for proto=fd
[  272.043483][T15006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2421'.
[  272.053015][T15006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2421'.
[  272.072147][T15006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2421'.
[  272.282154][T15031] netlink: 'syz.2.2424': attribute type 12 has an invalid length.
[  272.453907][T15040] loop4: detected capacity change from 0 to 512
[  272.460672][T15040] EXT4-fs: Ignoring removed mblk_io_submit option
[  272.483916][T15040] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  272.496959][T15040] EXT4-fs (loop4): 1 truncate cleaned up
[  272.731980][T15086] loop2: detected capacity change from 0 to 512
[  272.751101][T15086] EXT4-fs: inline encryption not supported
[  272.761486][T15090] loop4: detected capacity change from 0 to 764
[  272.764658][T15086] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  272.800065][T15086] EXT4-fs (loop2): 1 truncate cleaned up
[  272.848853][T15086] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  273.290349][T15133] loop0: detected capacity change from 0 to 8192
[  273.413903][T15149] loop0: detected capacity change from 0 to 512
[  273.431809][T15149] EXT4-fs: Ignoring removed mblk_io_submit option
[  273.458339][T15149] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  273.490130][T15149] EXT4-fs (loop0): 1 truncate cleaned up
[  273.758010][T15199] loop4: detected capacity change from 0 to 1024
[  273.780324][T15205] loop2: detected capacity change from 0 to 512
[  273.796908][T15205] EXT4-fs: inline encryption not supported
[  273.804288][T15205] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  273.823417][T15205] EXT4-fs (loop2): 1 truncate cleaned up
[  273.841638][T15205] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  273.881201][T15208] loop3: detected capacity change from 0 to 8192
[  274.091631][T15199] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  274.116465][T15223] loop2: detected capacity change from 0 to 764
[  274.349186][T15220] loop3: detected capacity change from 0 to 512
[  274.412149][T15220] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.502737][T15220] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  274.615481][T15220] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  274.623885][T15220] EXT4-fs (loop3): orphan cleanup on readonly fs
[  274.641616][T15220] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2453: Invalid block bitmap block 0 in block_group 0
[  274.674767][T15220] EXT4-fs (loop3): Remounting filesystem read-only
[  274.691011][T15220] EXT4-fs (loop3): 1 orphan inode deleted
[  274.933498][T15240] 9pnet_fd: Insufficient options for proto=fd
[  275.005888][T15245] 9pnet_fd: Insufficient options for proto=fd
[  275.023851][T15246] loop2: detected capacity change from 0 to 512
[  275.039728][T15246] EXT4-fs: inline encryption not supported
[  275.061712][T15246] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  275.101199][T15246] EXT4-fs (loop2): 1 truncate cleaned up
[  275.110813][T15243] loop4: detected capacity change from 0 to 512
[  275.135827][T15243] EXT4-fs: Ignoring removed mblk_io_submit option
[  275.142571][T15246] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  275.165578][T15243] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  275.191206][T15243] EXT4-fs (loop4): 1 truncate cleaned up
[  275.934029][T15346] loop3: detected capacity change from 0 to 8192
[  276.387088][   T29] kauditd_printk_skb: 418 callbacks suppressed
[  276.387185][   T29] audit: type=1326 audit(1753784187.477:14515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.426660][   T29] audit: type=1326 audit(1753784187.477:14516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.450342][   T29] audit: type=1326 audit(1753784187.477:14517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.473965][   T29] audit: type=1326 audit(1753784187.477:14518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.497639][   T29] audit: type=1326 audit(1753784187.477:14519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.521326][   T29] audit: type=1326 audit(1753784187.477:14520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.544993][   T29] audit: type=1326 audit(1753784187.477:14521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.568738][   T29] audit: type=1326 audit(1753784187.477:14522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.592368][   T29] audit: type=1326 audit(1753784187.477:14523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.616259][   T29] audit: type=1326 audit(1753784187.477:14524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15391 comm="syz.1.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  276.708929][T15410] loop3: detected capacity change from 0 to 512
[  276.716319][T15410] EXT4-fs: Ignoring removed nobh option
[  276.760862][T15408] loop0: detected capacity change from 0 to 764
[  276.798928][T15410] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  276.919561][T15410] System zones: 0-2, 18-18, 34-34
[  276.943509][T15410] ext4 filesystem being mounted at /446/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.987131][T15410] __nla_validate_parse: 4 callbacks suppressed
[  276.987149][T15410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2475'.
[  277.038228][T15410] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  278.148570][T15444] 9pnet_fd: Insufficient options for proto=fd
[  278.245279][T15447] 9pnet_fd: Insufficient options for proto=fd
[  278.377641][T15451] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2485'.
[  278.967043][T15481] loop2: detected capacity change from 0 to 512
[  278.984519][T15481] EXT4-fs: Ignoring removed nobh option
[  279.026226][T15481] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  279.073989][T15481] System zones: 0-2, 18-18, 34-34
[  279.104106][T15481] ext4 filesystem being mounted at /537/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.157859][T15481] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2487'.
[  279.225742][T15495] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  279.256744][T15506] loop3: detected capacity change from 0 to 512
[  279.283081][T15506] EXT4-fs: Ignoring removed nobh option
[  279.324371][T15506] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  279.338816][T15506] System zones: 0-2, 18-18, 34-34
[  279.352052][T15506] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.370638][T15506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2489'.
[  279.454103][T15524] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  279.571538][T15536] loop2: detected capacity change from 0 to 764
[  279.740227][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  279.751989][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  279.789224][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  279.804626][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  279.846813][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  279.856288][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2497'.
[  279.966298][T15572] netlink: 'syz.0.2499': attribute type 12 has an invalid length.
[  280.217599][T15599] loop3: detected capacity change from 0 to 512
[  280.277146][T15599] EXT4-fs: Ignoring removed mblk_io_submit option
[  280.324675][T15599] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  280.343045][T15599] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  280.354905][T15599] EXT4-fs (loop3): orphan cleanup on readonly fs
[  280.380240][T15621] loop4: detected capacity change from 0 to 1024
[  280.390294][T15599] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2502: Invalid block bitmap block 0 in block_group 0
[  280.411655][T15599] EXT4-fs (loop3): Remounting filesystem read-only
[  280.418612][T15599] EXT4-fs (loop3): 1 orphan inode deleted
[  280.474049][T15621] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.2505: Allocating blocks 465-513 which overlap fs metadata
[  280.532651][T15621] EXT4-fs (loop4): pa ffff888106a07700: logic 256, phys. 369, len 9
[  280.540767][T15621] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  280.586799][T15621] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  280.623273][T15642] loop2: detected capacity change from 0 to 1024
[  280.671106][T15642] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2509: Allocating blocks 465-513 which overlap fs metadata
[  280.689413][T15642] EXT4-fs (loop2): pa ffff888105179ee0: logic 256, phys. 369, len 9
[  280.697595][T15642] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  280.708407][T15642] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  280.836082][T15663] loop4: detected capacity change from 0 to 512
[  280.904536][T15663] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  280.913642][T15655] loop3: detected capacity change from 0 to 8192
[  280.944370][T15663] EXT4-fs (loop4): orphan cleanup on readonly fs
[  280.983654][T15663] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  281.057436][T15663] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  281.077323][T15663] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2515: bg 0: block 40: padding at end of block bitmap is not set
[  281.105626][T15673] loop3: detected capacity change from 0 to 512
[  281.123044][T15673] EXT4-fs: Ignoring removed mblk_io_submit option
[  281.129935][T15663] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  281.139512][T15663] EXT4-fs (loop4): 1 truncate cleaned up
[  281.147639][T15673] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  281.162155][T15663] EXT4-fs mount: 34 callbacks suppressed
[  281.162172][T15663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  281.181077][T15673] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  281.190205][T15673] EXT4-fs (loop3): orphan cleanup on readonly fs
[  281.200703][T15663] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.201580][T15673] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2518: Invalid block bitmap block 0 in block_group 0
[  281.274953][T15673] EXT4-fs (loop3): Remounting filesystem read-only
[  281.288733][T15673] EXT4-fs (loop3): 1 orphan inode deleted
[  281.295240][T15673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  281.356362][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.397133][   T29] kauditd_printk_skb: 239 callbacks suppressed
[  281.397151][   T29] audit: type=1326 audit(1753784192.477:14757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.469099][   T29] audit: type=1326 audit(1753784192.517:14758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.492866][   T29] audit: type=1326 audit(1753784192.517:14759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.516495][   T29] audit: type=1326 audit(1753784192.517:14760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.540210][   T29] audit: type=1326 audit(1753784192.517:14761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.563866][   T29] audit: type=1326 audit(1753784192.517:14762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.587362][   T29] audit: type=1326 audit(1753784192.517:14763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.611103][   T29] audit: type=1326 audit(1753784192.517:14764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.634686][   T29] audit: type=1326 audit(1753784192.517:14765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15685 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f7d4386e9a9 code=0x7ffc0000
[  281.658265][   T29] audit: type=1326 audit(1753784192.527:14766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f526869d310 code=0x7ffc0000
[  281.728503][T15697] loop3: detected capacity change from 0 to 512
[  281.762358][T15701] 9pnet_fd: Insufficient options for proto=fd
[  281.770537][T15697] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  281.778809][T15697] EXT4-fs (loop3): orphan cleanup on readonly fs
[  281.785534][T15697] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  281.820935][T15707] 9pnet_fd: Insufficient options for proto=fd
[  281.833848][T15697] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  281.850024][T15697] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2525: bg 0: block 40: padding at end of block bitmap is not set
[  281.869587][T15697] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  281.879591][T15697] EXT4-fs (loop3): 1 truncate cleaned up
[  281.885939][T15697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  281.900400][T15697] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.560153][T15726] loop3: detected capacity change from 0 to 512
[  282.600940][T15726] EXT4-fs: inline encryption not supported
[  282.641668][T15726] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  282.736136][T15726] EXT4-fs (loop3): 1 truncate cleaned up
[  282.742270][T15726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.169718][T15742] loop4: detected capacity change from 0 to 1024
[  283.197816][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.218744][T15742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.427121][T15758] loop0: detected capacity change from 0 to 512
[  283.464324][T15758] EXT4-fs: Ignoring removed nobh option
[  283.574297][T15758] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  283.601296][T15758] System zones: 0-2, 18-18, 34-34
[  283.633830][T15758] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.664272][T15758] ext4 filesystem being mounted at /502/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.680485][T15742] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  283.703989][T15758] __nla_validate_parse: 14 callbacks suppressed
[  283.704002][T15758] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2534'.
[  283.783951][T15782] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  283.844838][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.861661][T15787] loop3: detected capacity change from 0 to 512
[  283.887863][T15787] EXT4-fs: Ignoring removed mblk_io_submit option
[  283.895477][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.910407][T15787] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  283.921223][T15798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2535'.
[  283.932864][T15798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2535'.
[  283.944511][T15787] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  283.961280][T15787] EXT4-fs (loop3): orphan cleanup on readonly fs
[  283.974836][T15787] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2533: Invalid block bitmap block 0 in block_group 0
[  283.988996][T15798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2535'.
[  284.001574][T15798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2535'.
[  284.016394][T15787] EXT4-fs (loop3): Remounting filesystem read-only
[  284.024549][T15787] EXT4-fs (loop3): 1 orphan inode deleted
[  284.035213][T15787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  284.048626][T15811] loop0: detected capacity change from 0 to 764
[  284.068262][T15798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2535'.
[  284.079205][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.080966][T15798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2535'.
[  284.126568][T15818] loop3: detected capacity change from 0 to 1024
[  284.148913][T15818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.167108][T15818] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2538: Allocating blocks 465-513 which overlap fs metadata
[  284.200694][T15818] EXT4-fs (loop3): pa ffff888105179d20: logic 256, phys. 369, len 9
[  284.208850][T15818] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  284.219998][T15818] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  284.257556][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.273673][T15838] netlink: 'syz.4.2539': attribute type 12 has an invalid length.
[  285.291491][T15896] loop0: detected capacity change from 0 to 1024
[  285.372397][T15896] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.999207][T15902] loop3: detected capacity change from 0 to 512
[  286.034772][T15902] EXT4-fs: Ignoring removed mblk_io_submit option
[  286.067557][T15896] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  286.087004][T15902] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  286.130121][T15902] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  286.174625][T15902] EXT4-fs (loop3): orphan cleanup on readonly fs
[  286.205207][T15902] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2546: Invalid block bitmap block 0 in block_group 0
[  286.264746][T15902] EXT4-fs (loop3): Remounting filesystem read-only
[  286.271491][T15902] EXT4-fs (loop3): 1 orphan inode deleted
[  286.280153][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.310119][T15909] loop2: detected capacity change from 0 to 1024
[  286.334701][T15902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  286.375028][T15909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.404470][T15913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2549'.
[  286.424390][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  286.424405][   T29] audit: type=1326 audit(1753784197.507:14932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4e1f52d310 code=0x7ffc0000
[  286.454297][   T29] audit: type=1326 audit(1753784197.507:14933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f4e1f52d6f7 code=0x7ffc0000
[  286.477806][   T29] audit: type=1326 audit(1753784197.507:14934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4e1f52d310 code=0x7ffc0000
[  286.501449][   T29] audit: type=1326 audit(1753784197.517:14935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.525068][   T29] audit: type=1326 audit(1753784197.517:14936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.528777][T15913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2549'.
[  286.586402][   T29] audit: type=1326 audit(1753784197.647:14937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.610028][   T29] audit: type=1326 audit(1753784197.647:14938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.610273][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.633637][   T29] audit: type=1326 audit(1753784197.647:14939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15901 comm="syz.3.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.680301][T15913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2549'.
[  286.712734][   T29] audit: type=1326 audit(1753784197.797:14940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.2551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.736467][   T29] audit: type=1326 audit(1753784197.797:14941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15920 comm="syz.3.2551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  286.889689][T15930] 9pnet_fd: Insufficient options for proto=fd
[  286.968666][T15928] netlink: 'syz.1.2553': attribute type 12 has an invalid length.
[  287.027985][T15933] 9pnet_fd: Insufficient options for proto=fd
[  287.200156][T15936] loop0: detected capacity change from 0 to 764
[  287.729540][T15909] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  287.946952][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.587428][T15978] loop0: detected capacity change from 0 to 512
[  288.623477][T15978] EXT4-fs: inline encryption not supported
[  288.715055][T15978] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  288.814245][T15978] EXT4-fs (loop0): 1 truncate cleaned up
[  288.867997][T15978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.121072][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.561540][T16012] __nla_validate_parse: 3 callbacks suppressed
[  289.561632][T16012] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2563'.
[  289.659065][T16023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2565'.
[  289.980344][T16074] loop2: detected capacity change from 0 to 764
[  290.023487][T16078] loop4: detected capacity change from 0 to 512
[  290.064923][T16078] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  290.085697][T16078] EXT4-fs (loop4): orphan cleanup on readonly fs
[  290.112973][T16078] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  290.161363][T16078] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  290.184481][T16078] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2572: bg 0: block 40: padding at end of block bitmap is not set
[  290.229604][T16078] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  290.240976][T16078] EXT4-fs (loop4): 1 truncate cleaned up
[  290.261601][T16078] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  290.305363][T16078] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.385267][T16092] loop4: detected capacity change from 0 to 512
[  290.408990][T16092] EXT4-fs: Ignoring removed nobh option
[  290.425237][T16092] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  290.433406][T16092] System zones: 0-2, 18-18, 34-34
[  290.459854][T16092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.501292][T16092] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.531239][T16092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2574'.
[  290.624759][T16092] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  290.655453][T16101] loop0: detected capacity change from 0 to 512
[  290.666792][T16101] EXT4-fs: Ignoring removed nobh option
[  290.695925][T16101] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  290.714812][T16101] System zones: 0-2, 18-18, 34-34
[  290.721404][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.731578][T16101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.752154][T16101] ext4 filesystem being mounted at /513/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.828182][T16101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2577'.
[  290.855385][T16111] 9pnet_fd: Insufficient options for proto=fd
[  290.907426][T16116] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  290.925055][T16121] 9pnet_fd: Insufficient options for proto=fd
[  291.027710][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.466073][T16130] loop2: detected capacity change from 0 to 512
[  291.474206][   T29] kauditd_printk_skb: 246 callbacks suppressed
[  291.474224][   T29] audit: type=1326 audit(1753784202.467:15187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16098 comm="syz.3.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  291.504129][   T29] audit: type=1326 audit(1753784202.467:15188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16098 comm="syz.3.2576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  291.546442][T16130] EXT4-fs: Ignoring removed mblk_io_submit option
[  291.570966][T16130] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  291.652316][T16130] EXT4-fs (loop2): 1 truncate cleaned up
[  291.668094][T16130] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.786045][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.845241][   T29] audit: type=1326 audit(1753784202.937:15189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  291.919039][   T29] audit: type=1326 audit(1753784202.957:15190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  291.942752][   T29] audit: type=1326 audit(1753784202.957:15191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  291.966470][   T29] audit: type=1326 audit(1753784202.957:15192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  291.990209][   T29] audit: type=1326 audit(1753784202.957:15193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  292.013834][   T29] audit: type=1326 audit(1753784202.957:15194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4e1f52d45f code=0x7ffc0000
[  292.037317][   T29] audit: type=1326 audit(1753784202.957:15195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.3.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  292.145389][T16151] loop0: detected capacity change from 0 to 764
[  292.236304][   T29] audit: type=1326 audit(1753784203.187:15196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16138 comm="syz.3.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1f52e9a9 code=0x7ffc0000
[  292.361279][T16163] netlink: 'syz.0.2590': attribute type 29 has an invalid length.
[  292.369411][T16163] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2590'.
[  292.540401][T16163] loop0: detected capacity change from 0 to 8192
[  292.831620][T16181] loop0: detected capacity change from 0 to 8192
[  293.018031][T16204] loop3: detected capacity change from 0 to 512
[  293.034640][T16204] EXT4-fs: inline encryption not supported
[  293.045484][T16204] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  293.076137][T16204] EXT4-fs (loop3): 1 truncate cleaned up
[  293.132699][T16204] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.229180][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.283214][T16224] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2595'.
[  293.656676][T16237] loop2: detected capacity change from 0 to 512
[  293.702172][T16237] EXT4-fs: Ignoring removed mblk_io_submit option
[  293.735062][T16237] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  293.781855][T16237] EXT4-fs (loop2): 1 truncate cleaned up
[  293.808842][T16237] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.395191][T16262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2598'.
[  294.507542][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.574152][T16269] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2600'.
[  295.051478][T16279] netlink: 'syz.1.2603': attribute type 12 has an invalid length.
[  295.102311][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2604'.
[  295.112005][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2604'.
[  295.129711][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2604'.
[  295.147471][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2604'.
[  295.188353][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2604'.
[  295.197580][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2604'.
[  295.451685][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2607'.
[  295.472171][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2607'.
[  295.512441][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2607'.
[  296.597389][T16319] netlink: 'syz.4.2614': attribute type 12 has an invalid length.
[  296.671690][T16327] loop2: detected capacity change from 0 to 512
[  296.702820][T16327] EXT4-fs: inline encryption not supported
[  296.733111][T16327] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  296.766080][T16327] EXT4-fs (loop2): 1 truncate cleaned up
[  296.784978][T16327] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.843371][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.871065][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  297.871083][   T29] audit: type=1326 audit(1753784208.957:15404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16341 comm="syz.2.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f639eb2e9a9 code=0x7ffc0000
[  297.924400][   T29] audit: type=1326 audit(1753784208.967:15405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  297.948084][   T29] audit: type=1326 audit(1753784208.967:15406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  297.971757][   T29] audit: type=1326 audit(1753784208.967:15407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  297.995468][   T29] audit: type=1326 audit(1753784208.967:15408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  298.019129][   T29] audit: type=1326 audit(1753784208.967:15409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  298.042772][   T29] audit: type=1326 audit(1753784208.967:15410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  298.066397][   T29] audit: type=1326 audit(1753784208.967:15411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  298.089961][   T29] audit: type=1326 audit(1753784208.967:15412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16343 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  298.113551][   T29] audit: type=1326 audit(1753784208.967:15413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16345 comm="syz.0.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f52686d1265 code=0x7ffc0000
[  298.787595][T16369] loop0: detected capacity change from 0 to 512
[  298.794761][T16369] EXT4-fs: inline encryption not supported
[  298.816616][T16369] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  298.869670][T16369] EXT4-fs (loop0): 1 truncate cleaned up
[  298.896319][T16369] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.056628][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.141490][T16376] loop0: detected capacity change from 0 to 1024
[  299.202289][T16376] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.221033][T16376] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.2628: Allocating blocks 465-513 which overlap fs metadata
[  299.249667][T16376] EXT4-fs (loop0): pa ffff888106a07770: logic 256, phys. 369, len 9
[  299.257884][T16376] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 3
[  299.269597][T16376] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  299.362885][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.389691][T16393] 9pnet_fd: Insufficient options for proto=fd
[  299.511877][T16399] 9pnet_fd: Insufficient options for proto=fd
[  299.838349][T16408] loop0: detected capacity change from 0 to 512
[  299.896709][T16408] EXT4-fs: Ignoring removed nobh option
[  300.006926][T16408] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  300.242723][T16408] System zones: 0-2, 18-18, 34-34
[  300.302600][T16408] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.404929][T16408] ext4 filesystem being mounted at /527/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.469655][T16421] __nla_validate_parse: 19 callbacks suppressed
[  300.469675][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2637'.
[  300.559403][T16408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2635'.
[  300.579201][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2637'.
[  300.664416][T16426] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  300.710359][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2637'.
[  300.753377][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2637'.
[  300.821235][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2637'.
[  300.850799][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2637'.
[  301.018937][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.047910][T16444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2641'.
[  302.065126][T16456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2643'.
[  302.101417][T16461] loop2: detected capacity change from 0 to 2048
[  302.118329][T16461] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.170863][T16461] EXT4-fs (loop2): shut down requested (0)
[  302.205418][T16478] loop0: detected capacity change from 0 to 512
[  302.212495][T16478] EXT4-fs: Ignoring removed nobh option
[  302.225329][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.237649][T16478] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  302.252480][T16478] System zones: 0-2, 18-18, 34-34
[  302.259431][T16478] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.272535][T16478] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.277458][T16486] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2647'.
[  302.469634][T16517] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  302.584991][T16529] loop3: detected capacity change from 0 to 764
[  302.619897][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.700230][T16536] loop0: detected capacity change from 0 to 512
[  302.716034][T16536] EXT4-fs: inline encryption not supported
[  302.731234][T16536] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  302.750135][T16536] EXT4-fs (loop0): 1 truncate cleaned up
[  302.756678][T16536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.850459][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.894990][   T29] kauditd_printk_skb: 1012 callbacks suppressed
[  302.895027][   T29] audit: type=1326 audit(1753784213.987:16426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f639eb25967 code=0x7ffc0000
[  302.938588][T16545] loop4: detected capacity change from 0 to 512
[  302.947066][   T29] audit: type=1400 audit(1753784213.987:16427): avc:  denied  { create } for  pid=16555 comm="syz.1.2661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  302.947437][T16554] loop0: detected capacity change from 0 to 764
[  302.966730][   T29] audit: type=1400 audit(1753784213.987:16428): avc:  denied  { write } for  pid=16555 comm="syz.1.2661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  302.974234][T16545] EXT4-fs: Ignoring removed mblk_io_submit option
[  302.992471][   T29] audit: type=1326 audit(1753784214.017:16429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f639eacab89 code=0x7ffc0000
[  302.992509][   T29] audit: type=1326 audit(1753784214.017:16430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f639eb25967 code=0x7ffc0000
[  302.992564][   T29] audit: type=1326 audit(1753784214.017:16431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f639eacab89 code=0x7ffc0000
[  303.004240][T16545] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  303.022510][   T29] audit: type=1326 audit(1753784214.017:16432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f639eb25967 code=0x7ffc0000
[  303.080431][T16562] FAULT_INJECTION: forcing a failure.
[  303.080431][T16562] name failslab, interval 1, probability 0, space 0, times 0
[  303.103152][   T29] audit: type=1326 audit(1753784214.017:16433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f639eacab89 code=0x7ffc0000
[  303.103224][   T29] audit: type=1326 audit(1753784214.017:16434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16537 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f639eb2e9a9 code=0x7ffc0000
[  303.115829][T16562] CPU: 1 UID: 0 PID: 16562 Comm: syz.3.2662 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) 
[  303.115870][T16562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.115902][T16562] Call Trace:
[  303.115912][T16562]  <TASK>
[  303.115967][T16562]  __dump_stack+0x1d/0x30
[  303.115998][T16562]  dump_stack_lvl+0xe8/0x140
[  303.116026][T16562]  dump_stack+0x15/0x1b
[  303.116066][T16562]  should_fail_ex+0x265/0x280
[  303.116121][T16562]  should_failslab+0x8c/0xb0
[  303.116218][T16562]  kmem_cache_alloc_noprof+0x50/0x310
[  303.116370][T16562]  ? skb_clone+0x151/0x1f0
[  303.116405][T16562]  skb_clone+0x151/0x1f0
[  303.116469][T16562]  __netlink_deliver_tap+0x2c9/0x500
[  303.116509][T16562]  netlink_unicast+0x653/0x680
[  303.116539][T16562]  netlink_sendmsg+0x58b/0x6b0
[  303.116576][T16562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.116663][T16562]  __sock_sendmsg+0x142/0x180
[  303.116706][T16562]  ____sys_sendmsg+0x31e/0x4e0
[  303.116741][T16562]  ___sys_sendmsg+0x17b/0x1d0
[  303.116791][T16562]  __x64_sys_sendmsg+0xd4/0x160
[  303.116872][T16562]  x64_sys_call+0x191e/0x2ff0
[  303.116904][T16562]  do_syscall_64+0xd2/0x200
[  303.116935][T16562]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  303.116972][T16562]  ? clear_bhb_loop+0x40/0x90
[  303.117001][T16562]  ? clear_bhb_loop+0x40/0x90
[  303.117070][T16562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.117106][T16562] RIP: 0033:0x7f4e1f52e9a9
[  303.117132][T16562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.117157][T16562] RSP: 002b:00007f4e1db8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.117183][T16562] RAX: ffffffffffffffda RBX: 00007f4e1f755fa0 RCX: 00007f4e1f52e9a9
[  303.117201][T16562] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  303.117218][T16562] RBP: 00007f4e1db8f090 R08: 0000000000000000 R09: 0000000000000000
[  303.117249][T16562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.117266][T16562] R13: 0000000000000000 R14: 00007f4e1f755fa0 R15: 00007fff9069d938
[  303.117293][T16562]  </TASK>
[  303.228612][   T29] audit: type=1326 audit(1753784214.017:16435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16555 comm="syz.1.2661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b0726e9a9 code=0x7ffc0000
[  303.264771][T16545] EXT4-fs (loop4): 1 truncate cleaned up
[  303.326524][T16545] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.450947][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.750995][T16589] loop2: detected capacity change from 0 to 512
[  303.760402][T16589] EXT4-fs: Ignoring removed nobh option
[  303.810568][T16589] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  303.831282][T16589] System zones: 0-2, 18-18, 34-34
[  303.852648][T16589] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.878276][T16589] ext4 filesystem being mounted at /579/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.953967][T16589] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  304.011038][T16598] loop3: detected capacity change from 0 to 512
[  304.018029][T16598] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.029980][T16598] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  304.055653][T16598] EXT4-fs (loop3): 1 truncate cleaned up
[  304.062778][T16598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.198697][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.259404][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.312526][T16612] loop2: detected capacity change from 0 to 512
[  304.336372][T16612] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.363175][T16621] loop0: detected capacity change from 0 to 512
[  304.370033][T16612] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.383710][T16612] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  304.399004][T16623] loop4: detected capacity change from 0 to 512
[  304.402478][T16624] loop3: detected capacity change from 0 to 764
[  304.407936][T16621] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.418406][T16612] EXT4-fs (loop2): orphan cleanup on readonly fs
[  304.425960][T16612] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2677: Invalid block bitmap block 0 in block_group 0
[  304.440746][T16623] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.444468][T16621] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  304.492996][T16621] EXT4-fs (loop0): 1 truncate cleaned up
[  304.499832][T16623] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  304.515431][T16612] EXT4-fs (loop2): Remounting filesystem read-only
[  304.523883][T16621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.539481][T16612] EXT4-fs (loop2): 1 orphan inode deleted
[  304.554425][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.555469][T16623] EXT4-fs (loop4): 1 truncate cleaned up
[  304.563862][T16612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  304.606281][T16623] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.637880][T16632] loop0: detected capacity change from 0 to 2048
[  304.653517][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.668973][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.693880][T16632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.728320][T16632] EXT4-fs (loop0): shut down requested (0)
[  304.764863][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.827471][T16644] loop0: detected capacity change from 0 to 512
[  304.844706][T16644] EXT4-fs: Ignoring removed nobh option
[  304.876629][T16644] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  304.903056][T16645] loop4: detected capacity change from 0 to 512
[  304.903113][T16644] System zones: 0-2, 18-18, 34-34
[  304.904006][T16644] ext4 filesystem being mounted at /538/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.910133][T16645] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.940304][T16645] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  304.994577][T16645] EXT4-fs (loop4): 1 truncate cleaned up
[  305.043396][T16644] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  305.381417][T16686] loop3: detected capacity change from 0 to 512
[  305.389706][T16684] bond_slave_0: entered promiscuous mode
[  305.395441][T16684] bond_slave_1: entered promiscuous mode
[  305.406452][T16686] EXT4-fs: Ignoring removed mblk_io_submit option
[  305.413140][T16684] macvlan2: entered promiscuous mode
[  305.418508][T16684] bond0: entered promiscuous mode
[  305.425071][T16684] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  305.454067][T16686] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  305.490942][T16686] EXT4-fs (loop3): 1 truncate cleaned up
[  305.514342][T16706] __nla_validate_parse: 25 callbacks suppressed
[  305.514360][T16706] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2705'.
[  305.684525][T16712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2709'.
[  305.776066][T16719] loop2: detected capacity change from 0 to 764
[  305.959311][T16727] FAULT_INJECTION: forcing a failure.
[  305.959311][T16727] name failslab, interval 1, probability 0, space 0, times 0
[  305.972133][T16727] CPU: 0 UID: 0 PID: 16727 Comm: syz.4.2713 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) 
[  305.972165][T16727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.972177][T16727] Call Trace:
[  305.972182][T16727]  <TASK>
[  305.972189][T16727]  __dump_stack+0x1d/0x30
[  305.972254][T16727]  dump_stack_lvl+0xe8/0x140
[  305.972279][T16727]  dump_stack+0x15/0x1b
[  305.972299][T16727]  should_fail_ex+0x265/0x280
[  305.972331][T16727]  should_failslab+0x8c/0xb0
[  305.972358][T16727]  kmem_cache_alloc_node_noprof+0x57/0x320
[  305.972466][T16727]  ? dup_task_struct+0x70/0x6a0
[  305.972498][T16727]  dup_task_struct+0x70/0x6a0
[  305.972596][T16727]  ? _parse_integer+0x27/0x40
[  305.972628][T16727]  copy_process+0x399/0x1f90
[  305.972658][T16727]  ? kstrtouint+0x76/0xc0
[  305.972686][T16727]  ? kstrtouint_from_user+0x9f/0xf0
[  305.972740][T16727]  ? __rcu_read_unlock+0x4f/0x70
[  305.972788][T16727]  kernel_clone+0x16c/0x5b0
[  305.972820][T16727]  ? vfs_write+0x75e/0x8e0
[  305.972878][T16727]  __x64_sys_clone+0xe6/0x120
[  305.972910][T16727]  x64_sys_call+0x119c/0x2ff0
[  305.972930][T16727]  do_syscall_64+0xd2/0x200
[  305.972967][T16727]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  305.973028][T16727]  ? clear_bhb_loop+0x40/0x90
[  305.973052][T16727]  ? clear_bhb_loop+0x40/0x90
[  305.973129][T16727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.973227][T16727] RIP: 0033:0x7f7d4386e9a9
[  305.973243][T16727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.973264][T16727] RSP: 002b:00007f7d41ecefe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  305.973364][T16727] RAX: ffffffffffffffda RBX: 00007f7d43a95fa0 RCX: 00007f7d4386e9a9
[  305.973378][T16727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000026801000
[  305.973392][T16727] RBP: 00007f7d41ecf090 R08: 0000000000000000 R09: 0000000000000000
[  305.973406][T16727] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  305.973419][T16727] R13: 0000000000000000 R14: 00007f7d43a95fa0 R15: 00007ffe0f97be18
[  305.973441][T16727]  </TASK>
[  306.255938][T16745] loop0: detected capacity change from 0 to 512
[  306.335375][T16752] loop4: detected capacity change from 0 to 1024
[  306.364939][T16745] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.2717: error while reading EA inode 32 err=-116
[  306.385473][T16745] EXT4-fs (loop0): Remounting filesystem read-only
[  306.392073][T16745] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  306.412574][T16745] EXT4-fs (loop0): 1 orphan inode deleted
[  306.672296][ T2989] udevd[2989]: worker [3293] terminated by signal 33 (Unknown signal 33)
[  306.747003][T16778] FAULT_INJECTION: forcing a failure.
[  306.747003][T16778] name failslab, interval 1, probability 0, space 0, times 0
[  306.759762][T16778] CPU: 1 UID: 0 PID: 16778 Comm: syz.0.2730 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) 
[  306.759794][T16778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.759807][T16778] Call Trace:
[  306.759868][T16778]  <TASK>
[  306.759877][T16778]  __dump_stack+0x1d/0x30
[  306.759904][T16778]  dump_stack_lvl+0xe8/0x140
[  306.759923][T16778]  dump_stack+0x15/0x1b
[  306.759939][T16778]  should_fail_ex+0x265/0x280
[  306.759963][T16778]  should_failslab+0x8c/0xb0
[  306.760019][T16778]  __kmalloc_node_noprof+0xa9/0x410
[  306.760047][T16778]  ? __vmalloc_node_range_noprof+0x3f9/0xe00
[  306.760089][T16778]  __vmalloc_node_range_noprof+0x3f9/0xe00
[  306.760135][T16778]  __vmalloc_node_noprof+0x89/0xc0
[  306.760206][T16778]  ? copy_process+0x399/0x1f90
[  306.760242][T16778]  ? copy_process+0x399/0x1f90
[  306.760278][T16778]  dup_task_struct+0x449/0x6a0
[  306.760306][T16778]  ? _parse_integer+0x27/0x40
[  306.760465][T16778]  copy_process+0x399/0x1f90
[  306.760492][T16778]  ? kstrtouint+0x76/0xc0
[  306.760531][T16778]  ? kstrtouint_from_user+0x9f/0xf0
[  306.760621][T16778]  ? __rcu_read_unlock+0x4f/0x70
[  306.760643][T16778]  kernel_clone+0x16c/0x5b0
[  306.760667][T16778]  ? vfs_write+0x75e/0x8e0
[  306.760700][T16778]  __x64_sys_clone+0xe6/0x120
[  306.760765][T16778]  x64_sys_call+0x119c/0x2ff0
[  306.760787][T16778]  do_syscall_64+0xd2/0x200
[  306.760821][T16778]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  306.760856][T16778]  ? clear_bhb_loop+0x40/0x90
[  306.760894][T16778]  ? clear_bhb_loop+0x40/0x90
[  306.760920][T16778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.760940][T16778] RIP: 0033:0x7f526869e9a9
[  306.761013][T16778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.761035][T16778] RSP: 002b:00007f5266cfefe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  306.761056][T16778] RAX: ffffffffffffffda RBX: 00007f52688c5fa0 RCX: 00007f526869e9a9
[  306.761068][T16778] RDX: 0000000000000000 RSI: 000000000000fef0 RDI: 0000000004000000
[  306.761152][T16778] RBP: 00007f5266cff090 R08: 0000000000000000 R09: 0000000000000000
[  306.761168][T16778] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  306.761183][T16778] R13: 0000000000000000 R14: 00007f52688c5fa0 R15: 00007ffd30dfeb38
[  306.761205][T16778]  </TASK>
[  306.761214][T16778] syz.0.2730: vmalloc error: size 16384, failed to allocated page array size 32, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  306.927239][T16783] loop3: detected capacity change from 0 to 512
[  306.941810][T16778] ,cpuset=/,mems_allowed=0
[  306.941846][T16778] CPU: 1 UID: 0 PID: 16778 Comm: syz.0.2730 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) 
[  306.941953][T16778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.941972][T16778] Call Trace:
[  306.941982][T16778]  <TASK>
[  306.941994][T16778]  __dump_stack+0x1d/0x30
[  306.942023][T16778]  dump_stack_lvl+0xe8/0x140
[  306.942052][T16778]  dump_stack+0x15/0x1b
[  306.942074][T16778]  warn_alloc+0x12b/0x1a0
[  306.942155][T16778]  __vmalloc_node_range_noprof+0x497/0xe00
[  306.942229][T16778]  __vmalloc_node_noprof+0x89/0xc0
[  306.942334][T16778]  ? copy_process+0x399/0x1f90
[  306.942400][T16778]  ? copy_process+0x399/0x1f90
[  306.942435][T16778]  dup_task_struct+0x449/0x6a0
[  306.942546][T16778]  ? _parse_integer+0x27/0x40
[  306.942583][T16778]  copy_process+0x399/0x1f90
[  306.942617][T16778]  ? kstrtouint+0x76/0xc0
[  306.942726][T16778]  ? kstrtouint_from_user+0x9f/0xf0
[  306.942763][T16778]  ? __rcu_read_unlock+0x4f/0x70
[  306.942799][T16778]  kernel_clone+0x16c/0x5b0
[  306.942870][T16778]  ? vfs_write+0x75e/0x8e0
[  306.942956][T16778]  __x64_sys_clone+0xe6/0x120
[  306.943004][T16778]  x64_sys_call+0x119c/0x2ff0
[  306.943034][T16778]  do_syscall_64+0xd2/0x200
[  306.943114][T16778]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  306.943151][T16778]  ? clear_bhb_loop+0x40/0x90
[  306.943182][T16778]  ? clear_bhb_loop+0x40/0x90
[  306.943234][T16778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.943266][T16778] RIP: 0033:0x7f526869e9a9
[  306.943287][T16778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.943314][T16778] RSP: 002b:00007f5266cfefe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  306.943341][T16778] RAX: ffffffffffffffda RBX: 00007f52688c5fa0 RCX: 00007f526869e9a9
[  306.943361][T16778] RDX: 0000000000000000 RSI: 000000000000fef0 RDI: 0000000004000000
[  306.943379][T16778] RBP: 00007f5266cff090 R08: 0000000000000000 R09: 0000000000000000
[  306.943472][T16778] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  306.943490][T16778] R13: 0000000000000000 R14: 00007f52688c5fa0 R15: 00007ffd30dfeb38
[  306.943530][T16778]  </TASK>
[  306.943546][T16778] Mem-Info:
[  307.052203][T16783] ext4 filesystem being mounted at /502/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  307.056647][T16778] active_anon:97082 inactive_anon:0 isolated_anon:0
[  307.056647][T16778]  active_file:27239 inactive_file:2669 isolated_file:0
[  307.056647][T16778]  unevictable:0 dirty:0 writeback:48
[  307.056647][T16778]  slab_reclaimable:3416 slab_unreclaimable:16892
[  307.056647][T16778]  mapped:35479 shmem:92895 pagetables:1494
[  307.056647][T16778]  sec_pagetables:0 bounce:0
[  307.056647][T16778]  kernel_misc_reclaimable:0
[  307.056647][T16778]  free:1772929 free_pcp:13723 free_cma:0
[  307.292848][T16778] Node 0 active_anon:406888kB inactive_anon:0kB active_file:108956kB inactive_file:10676kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:160476kB dirty:0kB writeback:192kB shmem:390140kB writeback_tmp:0kB kernel_stack:3696kB pagetables:5976kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  307.322155][T16778] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  307.350878][T16778] lowmem_reserve[]: 0 2883 7862 7862
[  307.356248][T16778] Node 0 DMA32 free:2949448kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953080kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[  307.386564][T16778] lowmem_reserve[]: 0 0 4978 4978
[  307.391773][T16778] Node 0 Normal free:4111132kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:416632kB inactive_anon:0kB active_file:108956kB inactive_file:10676kB unevictable:0kB writepending:72kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:38616kB local_pcp:30328kB free_cma:0kB
[  307.423988][T16778] lowmem_reserve[]: 0 0 0 0
[  307.428701][T16778] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  307.441545][T16778] Node 0 DMA32: 2*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949448kB
[  307.457775][T16778] Node 0 Normal: 1444*4kB (UME) 682*8kB (UME) 271*16kB (UE) 32*32kB (UME) 33*64kB (UE) 93*128kB (UE) 103*256kB (UE) 79*512kB (UME) 31*1024kB (UME) 2*2048kB (ME) 969*4096kB (UM) = 4102288kB
[  307.476973][T16778] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  307.486318][T16778] 132810 total pagecache pages
[  307.491129][T16778] 0 pages in swap cache
[  307.495431][T16778] Free swap  = 124996kB
[  307.499606][T16778] Total swap = 124996kB
[  307.503766][T16778] 2097051 pages RAM
[  307.507617][T16778] 0 pages HighMem/MovableOnly
[  307.512316][T16778] 80381 pages reserved
[  307.660954][T16792] loop2: detected capacity change from 0 to 1024
[  307.694527][T16780] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  307.721399][T16780] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  307.799326][T16805] loop2: detected capacity change from 0 to 764
[  307.815654][T16780] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  307.824240][T16780] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  307.832669][T16780] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  307.841143][T16780] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  307.921992][   T29] kauditd_printk_skb: 934 callbacks suppressed
[  307.922011][   T29] audit: type=1326 audit(1753784219.007:17367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  307.977012][   T29] audit: type=1326 audit(1753784219.007:17368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  308.000763][   T29] audit: type=1326 audit(1753784219.057:17369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f526869d310 code=0x7ffc0000
[  308.024566][   T29] audit: type=1326 audit(1753784219.057:17370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f52686a01d7 code=0x7ffc0000
[  308.048227][   T29] audit: type=1326 audit(1753784219.057:17371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  308.071935][   T29] audit: type=1326 audit(1753784219.057:17372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f52686a01d7 code=0x7ffc0000
[  308.095589][   T29] audit: type=1326 audit(1753784219.057:17373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f526869d60a code=0x7ffc0000
[  308.119351][   T29] audit: type=1326 audit(1753784219.057:17374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  308.142993][   T29] audit: type=1326 audit(1753784219.057:17375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  308.166805][   T29] audit: type=1326 audit(1753784219.057:17376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16795 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f526869e9a9 code=0x7ffc0000
[  308.543329][T16825] loop3: detected capacity change from 0 to 512
[  308.550081][T16825] EXT4-fs: Ignoring removed mblk_io_submit option
[  308.557527][T16825] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  308.587969][T16825] EXT4-fs (loop3): 1 truncate cleaned up
[  308.682463][T16835] loop2: detected capacity change from 0 to 2048
[  308.715541][T16835] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #2: comm syz.2.2744: pblk 0 bad header/extent: too large eh_depth - magic f30a, entries 1, max 4(4), depth 25349(25349)
[  308.749160][T16835] EXT4-fs (loop2): Remounting filesystem read-only
[  308.751752][T16844] loop3: detected capacity change from 0 to 1024
[  308.755809][T16835] EXT4-fs (loop2): get root inode failed
[  308.767835][T16835] EXT4-fs (loop2): mount failed
[  308.812133][T16849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2749'.
[  308.840663][T16849] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2749'.
[  308.859200][T16849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2749'.
[  308.860424][T16856] 9pnet_fd: Insufficient options for proto=fd
[  308.988715][T16864] loop2: detected capacity change from 0 to 764
[  309.100963][ T1035] IPVS: starting estimator thread 0...
[  309.131950][T16868] loop4: detected capacity change from 0 to 512
[  309.139057][T16868] EXT4-fs: Ignoring removed mblk_io_submit option
[  309.149502][T16868] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  309.185183][T16868] EXT4-fs (loop4): 1 truncate cleaned up
[  309.204202][T16877] IPVS: using max 2352 ests per chain, 117600 per kthread
[  309.309092][T16887] wg2: entered promiscuous mode
[  309.314087][T16887] wg2: entered allmulticast mode
[  309.380814][T16888] ==================================================================
[  309.388967][T16888] BUG: KCSAN: data-race in _copy_from_iter / _copy_from_iter
[  309.396404][T16888] 
[  309.398757][T16888] write to 0xffff888147e78000 of 4096 bytes by task 16887 on cpu 0:
[  309.406744][T16888]  _copy_from_iter+0x130/0xe40
[  309.411553][T16888]  copy_page_from_iter+0x178/0x2a0
[  309.416686][T16888]  process_vm_rw+0x659/0x950
[  309.421292][T16888]  __x64_sys_process_vm_writev+0x78/0x90
[  309.426951][T16888]  x64_sys_call+0x2a7c/0x2ff0
[  309.431651][T16888]  do_syscall_64+0xd2/0x200
[  309.436172][T16888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.442177][T16888] 
[  309.444514][T16888] write to 0xffff888147e78000 of 4096 bytes by task 16888 on cpu 1:
[  309.452520][T16888]  _copy_from_iter+0x130/0xe40
[  309.457306][T16888]  copy_page_from_iter+0x178/0x2a0
[  309.462443][T16888]  process_vm_rw+0x659/0x950
[  309.467047][T16888]  __x64_sys_process_vm_writev+0x78/0x90
[  309.472783][T16888]  x64_sys_call+0x2a7c/0x2ff0
[  309.477482][T16888]  do_syscall_64+0xd2/0x200
[  309.482012][T16888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.487917][T16888] 
[  309.490247][T16888] Reported by Kernel Concurrency Sanitizer on:
[  309.496412][T16888] CPU: 1 UID: 0 PID: 16888 Comm: syz.4.2758 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) 
[  309.508575][T16888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.518640][T16888] ==================================================================