last executing test programs:

2m44.756020347s ago: executing program 1 (id=1979):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040))
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000009500000000000000f8b72d788d6a729f108e1fa05d4dad0718469414805f27348d9965af9f2f17f2d4a02bf770"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
r4 = socket$inet(0xa, 0x801, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000980)=""/251, 0xfb}], 0x1}, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10)
r7 = accept4(r4, 0x0, 0x0, 0x0)
write$selinux_load(r1, &(0x7f0000000540)={0xf97cff8c, 0x8, 'SE Linux', "30af48fcc5b195a0ff439b4baa396967b0b4c3998ae8cc9b59413d3302117f15daf84a16a69a7d43c18a2a35e97c1d7231b0179c741a1532fd53eec1b3b11f13eacd2890e008488f31c7fa01fb9638b2eafc1d9d1b0418e6e4c746263b78ce772d3b42704890de661b80a1d1f1aa00b78ad140f106fe010fbc2eea3d9ee91c56ffe07e9393cc7442a7364800ef7d12d70505c1a299e4318b605addd5d985dd348fbf6390d6b4542bd581e71bbc4528e70c47e86f8f6a8851a250654b09427178953729b0ae96e8e77b5679eaae023b9dbff69b9c97badd133553d601d99e3e13958943aeda04466a6c0ecaeb9d3f1758a8f3251b0e62091ef2"}, 0x109)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x84, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x4}, &(0x7f0000000200)=0x90)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r0, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r9 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
ioctl$IMSETDEVNAME(r9, 0x80184947, &(0x7f0000000280)={0xd0, 'syz0\x00'})
pwritev2(r9, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x30000000, 0x3)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r10, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000300)='GPL\x00', 0x8}, 0x94)

2m43.499120936s ago: executing program 1 (id=1988):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001480)=ANY=[@ANYBLOB="1c00", @ANYRES16=r2, @ANYBLOB="05a300000000000000000d00000008000300", @ANYRES32=r1], 0x1c}}, 0x0)

2m43.477751477s ago: executing program 1 (id=1990):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_clone(0x21000200, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x87)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)

2m43.449785687s ago: executing program 1 (id=1992):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye")
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendmsg$netlink(r0, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x5, @none, 0x0, 0x2}, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x14)

2m43.323032889s ago: executing program 1 (id=1993):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000b0000f61ff9dc95e14e5518120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) (async)
fgetxattr(0xffffffffffffffff, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0) (async, rerun: 32)
r3 = socket(0x10, 0x3, 0x0) (async, rerun: 32)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe") (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
llistxattr(&(0x7f0000000b80)='./file1\x00', 0x0, 0x0) (async)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={<r6=>0x0, 0x0, <r7=>0x0}, 0x0)
chown(&(0x7f0000000100)='./file0\x00', 0x0, r7) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f00000001c0)=0x6) (async)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32], 0x54}}, 0x0)

2m43.122892432s ago: executing program 1 (id=1996):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000009500000000000000f8b72d788d6a729f108e1fa05d4dad0718469414805f27348d9965af9f2f17f2d4a02bf770"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
socket$inet(0xa, 0x801, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000980)=""/251, 0xfb}], 0x1}, 0x0)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x30000000, 0x3)

2m43.122531323s ago: executing program 32 (id=1996):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000009500000000000000f8b72d788d6a729f108e1fa05d4dad0718469414805f27348d9965af9f2f17f2d4a02bf770"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
socket$inet(0xa, 0x801, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000980)=""/251, 0xfb}], 0x1}, 0x0)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x30000000, 0x3)

3.503904885s ago: executing program 5 (id=4514):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0600000004000000080000000a00000000000000", @ANYRES32, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00e840008000000000000000000000f600000000005301025751f48548666f07e0bc9c00"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000380)=0x7ffd)
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000180)={0x20, 0x0})
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r10}, 0x38)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1c, 0xd, &(0x7f0000000a00)=ANY=[@ANYRESHEX=r8, @ANYBLOB="cdc709e48453261200191c05c03b7a580a587cfe78915c4200cc7d9ab08fe3700f15eb3578f805729db8b44e79da1acf7e17906f043874883c490e0fa434", @ANYRES32=r9, @ANYRES16, @ANYBLOB="7d39aa5283c4622268689aa34803d776c80aaf5909ad38f66b991c2df8d9f0a18ce27ad73a1640c5fe7e2c4656d279c77f962d299f4fccd2cea22afd374951d03a32ca807bc04dc91caaa7d1e2b1c31b07357c4a0a0b8df9709fb4e97d5bae805460fb935df3f495", @ANYRES16=r7, @ANYBLOB="7cac8a9d509dcea806fab1f7a68b32ea043480dd0d646cae0daf8ead59649df384a90ff027b35893ab91b75960ae1e2bada926410645228766d73ef4dce3b99176a651f33073305975d77f60830f06289a3f35682a4e19a592de8c356a4a35f5c432e36fabf37731e88f3dee9c498eb4ec91973b262cb5667d09b6e96c97622d258b69f44a5d", @ANYRESOCT=r2], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r11}, 0x18)
r12 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r12, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$evdev(0x0, 0x2, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x2000)

3.257897429s ago: executing program 5 (id=4518):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0xc}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f00000000c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0xe20, 0x5, @empty, 0x5}, r2}}, 0x30)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x80c, &(0x7f00000004c0))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000500)=""/196, 0xc4}], 0x1, 0x200000, 0x1)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000840)={0x3, 0x40, 0xfa02, {{0x0, 0x4e21, 0xfffffff7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, {0x2, 0x4e20, 0x7, @local, 0x5855}, r2, 0x6}}, 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x18)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40)
read(r7, &(0x7f0000000380)=""/187, 0xbb)
pwrite64(r8, &(0x7f0000000940)='2', 0x1, 0x8000c61)
fallocate(r8, 0x8, 0x0, 0x10000)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=ANY=[@ANYBLOB="02030003100000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000008000c000000000500050000000000"], 0x80}, 0x1, 0x7}, 0x0)

3.109534332s ago: executing program 5 (id=4521):
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0xc2f00, 0xd, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r1}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, @perf_config_ext={0x0, 0x10000}, 0x1322, 0xfffffffd, 0x200b, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f00000021c0), 0x0, 0x79e, &(0x7f0000000540)="$eJzs3MFrG1caAPBvJlYcJ96VF/awe8kuJJBAiGzHl+S03suyl0AgsNessGVjPLaCJWdtbyDO3hYWsvGlLYXS3nvstRDSP6D0UgIt9NZDobSpe2h7UZEsy7EjKUoiW036+8FY7828N9/3SfKzBjwK4Ffrz/UfScRoRFyLiHxzfxon4nijdSJic2fc9uPbM/UtiVrt+jdJfVps1/KtcyXNx1PRmBJ/iIiHuYgL/3k6bmV9Y7GYZaWVZn+8unRzvLK+cXFhqThfmi8tT05dmbg8NXV5YqpvtZ79x5WR+x//bWvr0w+q904PXUxiulF3NGvrW6An7DwnuZg+sH/5MIINUNLDmKEjyAMAgO7SiDjW/GyWi3wc6/YpzQc4AAAAeCXVhmu9+rHnkQAAAMAvTBKDzgAAAAA4XLv/B7B7b+9h3Qfbydd/jYixdvGHGvcQR5yIXESc3E723X6Q7EyDl7J5NyIeTLd5//VyR3N3E3vNkf6ckX57UF9/ptutP2lr/Yk268/Q7ncnvKTO699e/GMd1r9rPcb48J0/5jrGv1tZ++/pdvGTVvykQ/x/9hj/3tb/7nc6Vnsv4lzbvz/Jvlhdvh9ifG4ha/er1Ur34U/nH3WuP+LkU/GTpBE16V7/zR7r//f2d4ubXeKfP9P99d+JP7xvXv098f9mHmlE3G8+1vtbB2KcWfrso6cjJ5u78Wc7PP/tX/+/t+p/t8f6v3h/eK3HoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCQRsRoJGmh1U7TQiHiVET8Pk6mWblSvTBXXl2erR+LGItcOreQlSYiIr/TT+r9yUZ7r3/pQH8qIn73+chO0IWsVJgpZ7ODLh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICWUxExGklaiIg0Ir7Pp2mhMOisAAAAgL4b299NB5UHAAAAcHjGBp0AAAAAcOhe9Po/6XMeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGvt2tWr9a22/fj2TL0/e2t9dbF86+JsqbJYWFqdKcyUV24W5svl+axUmCkvPet8aURMXonVtfFqqVIdr6xv3Fgqry5XbywsFedLN0q5I6kKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5zXa2JK0EBFpo52mhULEbyJiLHLJ3EJWmoiI30bEo3xuuN6fHHTSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9F1lfWOxmGVjK81G6dVs1PaXM/B8jqTxSTGLJGLQaXRuvNV8VbqNSTYjstKXzZG7h0aeMavPjbQZ/mXOs5d8L7PuHG2Bz9340wDWIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABq+yvrFYzLLSSmXQmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBY6VdJRNS3c/mzowePHk9+yDceI+Jfb19/Y61Yra5M1vd/29pffbO5/9ITE+8cZQ0AAADw2vvL8wzevU7fvY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVWV9Y7GYZaWVQ2zE3UFXCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvIifAwAA///dDrWp")
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x2, 0x2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x10}, 0x100000, 0x7, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000001380)=ANY=[@ANYRESHEX, @ANYBLOB="2d67cab625449ec43985b2b5f14571cae8edd19d262ed6a000755f93bed285fd6e7a6def8e0d3e76f4c61a8ddea453015f67377a44b93c865f7ca1e5d92011a885b5def49e195b8534b691790c55e8c5c48ac4fa971bc3b27134f25128ea37afc44231e2289cf1733e40db8956aef4ab08a7a2fd5246823f2fdc4acd1c49cfcf5365861d75ea06f988af2433733c65ee7e9781db3cdd9c9e9726368d7d86a2", @ANYRES64=r4, @ANYRESDEC=r2, @ANYRESDEC=r1, @ANYRESHEX], 0x178)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x9, &(0x7f0000001200)=[{0x0, 0x81, 0x10, 0x8ed}, {0x200000000006, 0x10, 0x0, 0x7ffc9fff}, {0x5, 0x3, 0x1}, {0x3, 0x5, 0x10, 0x6}, {0x2, 0x5b, 0x81, 0x8}, {0x5, 0x5, 0xa0, 0xfff}, {0x4828, 0x1, 0xe, 0xa94}, {0x8, 0x77, 0x10, 0xb9b}, {0x6, 0xff, 0x6, 0x8001}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
modify_ldt$read(0x0, 0x0, 0x0)
getsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000600)={@remote, @initdev, <r5=>0x0}, &(0x7f0000000640)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000740)=ANY=[@ANYRES8=r5], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
gettid()

2.960411744s ago: executing program 3 (id=4527):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040))
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000009500000000000000f8b72d788d6a729f108e1fa05d4dad0718469414805f27348d9965af9f2f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
r4 = socket$inet(0xa, 0x801, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000980)=""/251, 0xfb}], 0x1}, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10)
r7 = accept4(r4, 0x0, 0x0, 0x0)
write$selinux_load(r1, &(0x7f0000000540)={0xf97cff8c, 0x8, 'SE Linux', "30af48fcc5b195a0ff439b4baa396967b0b4c3998ae8cc9b59413d3302117f15daf84a16a69a7d43c18a2a35e97c1d7231b0179c741a1532fd53eec1b3b11f13eacd2890e008488f31c7fa01fb9638b2eafc1d9d1b0418e6e4c746263b78ce772d3b42704890de661b80a1d1f1aa00b78ad140f106fe010fbc2eea3d9ee91c56ffe07e9393cc7442a7364800ef7d12d70505c1a299e4318b605addd5d985dd348fbf6390d6b4542bd581e71bbc4528e70c47e86f8f6a8851a250654b09427178953729b0ae96e8e77b5679eaae023b9dbff69b9c97badd133553d601d99e3e13958943aeda04466a6c0ecaeb9d3f1758a8f3251b0e62091ef2"}, 0x109)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x84, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x4}, &(0x7f0000000200)=0x90)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r0, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r9 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
ioctl$IMSETDEVNAME(r9, 0x80184947, &(0x7f0000000280)={0xd0, 'syz0\x00'})
pwritev2(r9, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x30000000, 0x3)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r10, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000300)='GPL\x00', 0x8}, 0x94)

2.065619218s ago: executing program 3 (id=4543):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
getpgid(0x0)
geteuid()
eventfd(0x452)

2.026477209s ago: executing program 3 (id=4544):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000040)='./bus\x00', 0x44000423)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000180)={'ip6gre0\x00', <r5=>0x0, 0x2f, 0x1, 0xec, 0x3, 0x10, @local, @private2, 0x1, 0x20, 0x3, 0x5b7a}})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000001600)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x200)

1.892609571s ago: executing program 5 (id=4548):
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='host1x_wait_cdma\x00', r2, 0x0, 0x4}, 0x18)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2)
syz_emit_ethernet(0x46, &(0x7f0000000200)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0xff, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @loopback, @loopback}, "e2176371ae9b0999"}}}}}, 0x0)

1.775159572s ago: executing program 5 (id=4549):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
pivot_root(&(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1000000004000000b10ef2633ced659f5363199a7f9e5040d0b69d732c9ee242e45910863337d83a2057a04dad2ba587de3359cab404170fd73ada916f8d45c873705ac5bae59b77fe9143072f2bc1034a6447072fde5c196457d7b62a79fa08861663da890345e72a7edc59e369387ea47fc050b558989ab298508710682c42de459a437d9efb1eda5ed794a46f61", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x46, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$tipc2(0x0, r5)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000040)={[{0x2d, 'pids'}, {0x2b, 'cpu'}]}, 0xb)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x40000000004)
close_range(r8, 0xffffffffffffffff, 0x0)

1.664358534s ago: executing program 3 (id=4553):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040))
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000009500000000000000f8b72d788d6a729f108e1fa05d4dad0718469414805f27348d9965af9f2f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
r4 = socket$inet(0xa, 0x801, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000980)=""/251, 0xfb}], 0x1}, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10)
r7 = accept4(r4, 0x0, 0x0, 0x0)
write$selinux_load(r1, &(0x7f0000000540)={0xf97cff8c, 0x8, 'SE Linux', "30af48fcc5b195a0ff439b4baa396967b0b4c3998ae8cc9b59413d3302117f15daf84a16a69a7d43c18a2a35e97c1d7231b0179c741a1532fd53eec1b3b11f13eacd2890e008488f31c7fa01fb9638b2eafc1d9d1b0418e6e4c746263b78ce772d3b42704890de661b80a1d1f1aa00b78ad140f106fe010fbc2eea3d9ee91c56ffe07e9393cc7442a7364800ef7d12d70505c1a299e4318b605addd5d985dd348fbf6390d6b4542bd581e71bbc4528e70c47e86f8f6a8851a250654b09427178953729b0ae96e8e77b5679eaae023b9dbff69b9c97badd133553d601d99e3e13958943aeda04466a6c0ecaeb9d3f1758a8f3251b0e62091ef2"}, 0x109)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x84, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x4}, &(0x7f0000000200)=0x90)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r0, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r9 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
ioctl$IMSETDEVNAME(r9, 0x80184947, &(0x7f0000000280)={0xd0, 'syz0\x00'})
pwritev2(r9, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x30000000, 0x3)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r10, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000300)='GPL\x00', 0x8}, 0x94)

1.493524397s ago: executing program 0 (id=4555):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032900fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)

1.411000508s ago: executing program 0 (id=4557):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032900fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) (fail_nth: 1)

1.118223133s ago: executing program 0 (id=4558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = memfd_secret(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYRES32=r1], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1000, 0x2})
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000400)=0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
mount$9p_tcp(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x800000, &(0x7f0000000140)={'trans=tcp,', {'port', 0x3d, 0x20000004e23}})

1.069416214s ago: executing program 0 (id=4559):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x20004, 0xfffffffc}, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
pipe(&(0x7f0000000480)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

939.091695ms ago: executing program 4 (id=4561):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x5f6f, &(0x7f0000000000)={0x0, 0x84bf, 0x40, 0x2, 0xfffffffc})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000500), 0x0)

918.169506ms ago: executing program 5 (id=4562):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000380)={0x1})
finit_module(r3, &(0x7f0000000140)='GPL\x00', 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r7}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
getpeername$l2tp(0xffffffffffffffff, &(0x7f0000000680)={0x2, 0x0, @remote}, &(0x7f00000006c0)=0x10)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000000201010100000000000000000a000000000304001980"], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
add_key(&(0x7f0000000180)='asymmetric\x00', 0x0, &(0x7f0000000800)="3080", 0x2, 0xffffffffffffffff)
r8 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

917.943846ms ago: executing program 4 (id=4563):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88240, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000100)=@md5={0x1, "5211eb8e5ce6935e9bbd76e32c4c956e"}, 0x11, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00') (fail_nth: 2)

712.732229ms ago: executing program 4 (id=4564):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))

682.534979ms ago: executing program 2 (id=4565):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r3], 0x48}}, 0x0)

590.306621ms ago: executing program 4 (id=4566):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x19, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES64=0x0], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400003}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000007c0)='kfree\x00', r0, 0x0, 0x5}, 0x18)
unshare(0x20000400)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000050000000700000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000009000000000000000"], 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000040000008021b0e586543665aa696bc900003469572dbd0e6fb5"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000780)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000200)={0x1})
fcntl$lock(r4, 0x25, &(0x7f0000000140)={0x2, 0x2, 0x5, 0x80000000})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100), &(0x7f00000004c0), 0x83f, r1}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000140)={0x8, <r7=>r6, 'id1\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={0x0}, 0x18)
pipe2(0x0, 0x800)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r7, 0x6, 0x21, &(0x7f0000000380)="cdfb36f9e6aa47c20429c37c2332a58d", 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b4968c6c12fc9a4fc000000050000bf000000000000000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r1, 0x0, &(0x7f0000000800)=""/40}, 0x20)

527.161722ms ago: executing program 4 (id=4567):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, 0x0, 0x0)

526.743082ms ago: executing program 4 (id=4568):
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0xd, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, @perf_config_ext={0x0, 0x10000}, 0x1322, 0xfffffffd, 0x200b, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f00000021c0), 0x0, 0x79e, &(0x7f0000000540)="$eJzs3MFrG1caAPBvJlYcJ96VF/awe8kuJJBAiGzHl+S03suyl0AgsNessGVjPLaCJWdtbyDO3hYWsvGlLYXS3nvstRDSP6D0UgIt9NZDobSpe2h7UZEsy7EjKUoiW036+8FY7828N9/3SfKzBjwK4Ffrz/UfScRoRFyLiHxzfxon4nijdSJic2fc9uPbM/UtiVrt+jdJfVps1/KtcyXNx1PRmBJ/iIiHuYgL/3k6bmV9Y7GYZaWVZn+8unRzvLK+cXFhqThfmi8tT05dmbg8NXV5YqpvtZ79x5WR+x//bWvr0w+q904PXUxiulF3NGvrW6An7DwnuZg+sH/5MIINUNLDmKEjyAMAgO7SiDjW/GyWi3wc6/YpzQc4AAAAeCXVhmu9+rHnkQAAAMAvTBKDzgAAAAA4XLv/B7B7b+9h3Qfbydd/jYixdvGHGvcQR5yIXESc3E723X6Q7EyDl7J5NyIeTLd5//VyR3N3E3vNkf6ckX57UF9/ptutP2lr/Yk268/Q7ncnvKTO699e/GMd1r9rPcb48J0/5jrGv1tZ++/pdvGTVvykQ/x/9hj/3tb/7nc6Vnsv4lzbvz/Jvlhdvh9ifG4ha/er1Ur34U/nH3WuP+LkU/GTpBE16V7/zR7r//f2d4ubXeKfP9P99d+JP7xvXv098f9mHmlE3G8+1vtbB2KcWfrso6cjJ5u78Wc7PP/tX/+/t+p/t8f6v3h/eK3HoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCQRsRoJGmh1U7TQiHiVET8Pk6mWblSvTBXXl2erR+LGItcOreQlSYiIr/TT+r9yUZ7r3/pQH8qIn73+chO0IWsVJgpZ7ODLh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICWUxExGklaiIg0Ir7Pp2mhMOisAAAAgL4b299NB5UHAAAAcHjGBp0AAAAAcOhe9Po/6XMeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGvt2tWr9a22/fj2TL0/e2t9dbF86+JsqbJYWFqdKcyUV24W5svl+axUmCkvPet8aURMXonVtfFqqVIdr6xv3Fgqry5XbywsFedLN0q5I6kKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5zXa2JK0EBFpo52mhULEbyJiLHLJ3EJWmoiI30bEo3xuuN6fHHTSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9F1lfWOxmGVjK81G6dVs1PaXM/B8jqTxSTGLJGLQaXRuvNV8VbqNSTYjstKXzZG7h0aeMavPjbQZ/mXOs5d8L7PuHG2Bz9340wDWIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABq+yvrFYzLLSSmXQmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBY6VdJRNS3c/mzowePHk9+yDceI+Jfb19/Y61Yra5M1vd/29pffbO5/9ITE+8cZQ0AAADw2vvL8wzevU7fvY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVWV9Y7GYZaWVQ2zE3UFXCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvIifAwAA///dDrWp")
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/59, 0x232000, 0x1000}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x2, 0x2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x10}, 0x100000, 0x7, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071104200000000001d400500000000004704000001ed00000f030000000000002c440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000001380)=ANY=[@ANYRESHEX, @ANYBLOB="2d67cab625449ec43985b2b5f14571cae8edd19d262ed6a000755f93bed285fd6e7a6def8e0d3e76f4c61a8ddea453015f67377a44b93c865f7ca1e5d92011a885b5def49e195b8534b691790c55e8c5c48ac4fa971bc3b27134f25128ea37afc44231e2289cf1733e40db8956aef4ab08a7a2fd5246823f2fdc4acd1c49cfcf5365861d75ea06f988af2433733c65ee7e9781db3cdd9c9e9726368d7d86a2", @ANYRES64=r4, @ANYRESDEC=r2, @ANYRESDEC=r1, @ANYRESHEX], 0x178)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x9, &(0x7f0000001200)=[{0x0, 0x81, 0x10, 0x8ed}, {0x200000000006, 0x10, 0x0, 0x7ffc9fff}, {0x5, 0x3, 0x1}, {0x3, 0x5, 0x10, 0x6}, {0x2, 0x5b, 0x81, 0x8}, {0x5, 0x5, 0xa0, 0xfff}, {0x4828, 0x1, 0xe, 0xa94}, {0x8, 0x77, 0x10, 0xb9b}, {0x6, 0xff, 0x6, 0x8001}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
modify_ldt$read(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000700)={0x3, &(0x7f00000006c0)=[{0x9, 0xff, 0x7, 0x10}, {0x5, 0x9, 0x3, 0x3b69}, {0x8, 0x8, 0x9, 0xfffffffc}]})
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000680))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000740)=ANY=[@ANYRES8], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
gettid()
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

429.890774ms ago: executing program 2 (id=4569):
r0 = epoll_create(0xeed)
epoll_wait(r0, &(0x7f0000001180)=[{}], 0x1, 0x7)

394.144994ms ago: executing program 2 (id=4570):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000000800000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r3, r2, 0x7}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r3, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r1}, 0x20)
sendmmsg$inet6(r1, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000ac0)="b0", 0x7ffff000}], 0x11}}], 0x2, 0x0)
syz_open_dev$vcsu(0x0, 0x7, 0x20000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
sendmsg$inet(r4, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)="91", 0x1}], 0x1}, 0x805)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440), 0x2}}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000), 0xfdef)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e"], 0x15)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000b80), 0xa2800, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74fc}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x2, 0x0, 0x100, 0x10020, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0xfffffffe}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0xa)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000bc0)=ANY=[@ANYBLOB, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)

306.772465ms ago: executing program 2 (id=4571):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180), 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "23f07385df12bc41", "23bb616f2ab7762dfc30f004a821fcc4", "efcf5233", "5b46e1b8569ebe7d"}, 0x28)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f0000000bc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@enum64={0x3, 0x0, 0x0, 0x13, 0x1, 0x1}]}, {0x0, [0x61, 0x2e, 0x5f, 0x61, 0x4f]}}, &(0x7f0000000c40)=""/3, 0x2b, 0x3, 0x1, 0x1}, 0x28)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r5, 0x0, 0x4ab}, 0x18)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x168, 0x168, 0x8, [@enum64={0xb, 0xa, 0x0, 0x13, 0x1, 0x5, [{0xd, 0x9}, {0x8, 0x64, 0xff}, {0xc, 0x7f, 0xd}, {0xf, 0x6, 0x7}, {0x3, 0xfffffff7, 0x8}, {0x6, 0x80, 0x2}, {0x6, 0x5, 0x1}, {0xb, 0x2, 0x400}, {0x6, 0x2, 0x5}, {0x4, 0x73b97801, 0x7}]}, @typedef={0xf, 0x0, 0x0, 0x8, 0x4}, @enum64={0x9, 0x7, 0x0, 0x13, 0x0, 0x8, [{0x8, 0x6, 0x6}, {0x6, 0x401, 0x3}, {0x2, 0x152, 0x9}, {0x2, 0x8000, 0x100}, {0xc, 0x6, 0x7}, {0xb, 0x0, 0x7}, {0x2, 0x303, 0x2}]}, @struct={0x10, 0x8, 0x0, 0x4, 0x1, 0x4, [{0x2, 0x5, 0x100}, {0x5, 0x1, 0x7}, {0xc, 0x2, 0x9}, {0xf, 0x2}, {0x10, 0x5, 0x2400}, {0xf, 0x3, 0x4}, {0x9, 0x0, 0x4}, {0x5, 0x1, 0xc8b}]}, @ptr={0xc, 0x0, 0x0, 0x2, 0x3}]}, {0x0, [0x0, 0x10, 0x30, 0x5f, 0x2e, 0x30]}}, &(0x7f0000000340)=""/55, 0x188, 0x37, 0x0, 0x6, 0x10000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={r1, 0x20, &(0x7f00000005c0)={&(0x7f0000000440)=""/98, 0x62, <r8=>0x0, &(0x7f0000000580)=""/38, 0x26}}, 0x10)
r9 = signalfd(r2, &(0x7f0000000840)={[0x5]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x14, 0x4, &(0x7f0000000080)=@raw=[@btf_id={0x18, 0x6, 0x3, 0x0, 0x2}, @jmp={0x5, 0x0, 0xa, 0x8, 0x3, 0x10, 0x10}, @jmp={0x5, 0x0, 0x7, 0x8, 0x5, 0x0, 0x8}], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x56, &(0x7f00000002c0)=""/86, 0x41000, 0x74, '\x00', r3, @fallback=0x25, r7, 0x8, &(0x7f00000003c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0xb, 0xa}, 0x10, r8, r9, 0x2, 0x0, &(0x7f0000000880)=[{0x0, 0x3, 0x5, 0x7}, {0x0, 0x4, 0x6, 0xa}], 0x10, 0x400}, 0x94)
close(r2)

288.074776ms ago: executing program 2 (id=4572):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

282.367106ms ago: executing program 3 (id=4573):
syz_emit_ethernet(0x82, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde0800450000740000000000019070ac1e0001ac1414aa0500907800e0460400000000000040110000ac1414aa000000008303000703fd443c00030a010104000000000000000400000000f48957d2cc6e11fc348edbac1414000000000000000000000000000000000000000000ac1414000000000000"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000240)='kfree\x00', r0}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x4)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7, 0x3})
sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000b00)="48000000140081f37059ae08060c040002ff0f7666e61621ffb2ed774b6ae1becb03f1cd823010a7ce00006fabca3b06a6bd7c00000000030000068a562ad6e79bfeeccb6b05530000000000000000", 0x4f}], 0x1}, 0x24004004)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x3, 0x0, 0x7fff7ffc}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000940), 0x0, 0x111001)
fsync(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x18)
getitimer(0x1, &(0x7f0000000280))
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x2, 0xd, 0x6}, 0x4)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000160001f47efde4be701161000a000000040000800400", @ANYRES32=r6], 0x1c}}, 0x804)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r7}, 0x18)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000180), r8)
sendmsg$NET_DM_CMD_STOP(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r9, 0xbc914b49a8246e7, 0x0, 0x0, {0x8}}, 0x14}}, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r0, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0], ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x5, 0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa5, &(0x7f00000005c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0xc9, 0x8, 0x8, &(0x7f0000000700)}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000900)={'syztnl0\x00', &(0x7f0000000880)={'syztnl1\x00', r10, 0x2f, 0x0, 0x99, 0x5, 0x60, @ipv4={'\x00', '\xff\xff', @loopback}, @loopback, 0x0, 0x8000, 0x1, 0xf}})
r11 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r11, &(0x7f0000000980)={0xa, 0x0, 0x4, @remote}, 0x20)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000)=@usbdevfs_driver={0x83, 0xb, &(0x7f0000001640)="7eb27921abcd0d3e72704e4c536c243bbea113689e061d91350e8b0e5eae12687c0d0b303ad128cfd134b7f6e25a97ba7d6cd5f660edca27a670cd08c359721da878213305ebfd5b9564f2d997e4912594759094bc5a9d65de1b4856eb55dd3e7c17f44b77d4ea14ca8cc4de21f36403485d1d181e4319baceee219b54a717dd68708cfd9226bfe556fbb9f58095be464d5869414beb1902126fc2eb8b442503a199f91a590c3033ae922f1ec248176a2146138983e7f9ce4906f26e2edef9b69217c69c990edb00d172921164b4c1725f8ebf6ea8225aaed48f9bd11bac497f57976a215bdc421edf3a4dc38b67aa0ed68a738ec1f1a7033213560a1b8d43b736d09da2a48e0d08d3a36f1da6cee4fabc711b2283ae760f590a36a6bb676cdb802fa9a20d2a0919d663f76a1629fad7c0eabcc7447081090c97d845635784b9d5649e7af248d43c38ca885bb58ef126ca12518ce40af0ba8fa6be407cc5d2c2422a78d12b610c4bdfe81a4b2ffa494559044900961096c9f909197b2b4e74481f740722089637cac30a33fb5de374353ea2d79435e6180454dddef1aae0c23959ec42a512d8b503b1c20935a5dae6f028283ac3ecebc3c5e6b59a0b073a9fd3282ccd4e44051a423894778e5933cfca1e80310168a934f1a4f3823f6e8876bbd2f85705d6193b7c1050525749d2e9a4bfd5dc9db63f2f1beffbb00b7645b33d50f6ad976430b471eda4bfead663cc83c63c051513e96eb94bff9071e19b0bd537b9d1f371ba88e25b063949bc35f3aa689d2f8b2c1456c990a97f027e107e726e0d5d0d6dc7f90c9996f100c1e85c875d8156073d3d0b7bc3f4b3a4472b4770d84433fc59f248632addf311ada1009063569216d848f242596af778fa4163c653643484d1bfdf68feb0fffbd6c208f2b5f46b6710d2bede3b9012f655cf001cae60d6dd803342ae6947b676d63b0556aeea81ff00b03e941ef918f58a831962081c73b298d6ff8d52aa93bbff6b3ee7314545eb925ec0e9315930cc357010383bab7dc427278e8bec5ee803d52dcec4143c39a3f0f01c4decd33bde9b6fd68a3eb8ef36a9e672ddae1e1a72538db0d4846480317f5dfefe77df12edc9d0195e9a8cd99e24efe9402cdd10f526a20e6b63f7277a15cb695c71f6d854f606b44a41d3be8b686e333504dd6d0b6a281e55fce29c1ffe15ca2b20f0a10c8e05a09357fa24fb964b46de1f321259732b2603e1f367b7abd001a26e6084af791a7c81c00cf8a041e261c9a550d40da1f41823b00f2c78f553c8ebffd6f662535a7bdd56536f5eafe50ff6a9c4ebc88547f6cb2fffecbae770edd1552788333ca8fe488026bcac600dfb1d7c394547f0d4c87266511d0ac22ea0f8976b26be0973b45d5c38684d82ca2983f464558dafaaa64fda133fb3ab402ce368cb5092e3976627b057e24c7ca6f3cd0ff608e1b8815ffeb2797cdc216cac5893482921adf361d80151b3c5379a9f3692ef6d6c20999a38decc8e424759e08e33af1d7e7e9c5ee164bafcfd94514879adc44e2127dfab74201e7075ca978a2231b5e8e3511d656f4baa79004fb386b7cfdfda78705a8866d05c1037e4040591deb0a4f3f57f005ebcb3e7d87233b25da9a7aa41e46cc4e41fef9725b497abf2722553521d206687310d1c9940ee606282f1d7b74bb0e2d95ead5aad9bbb60d3eb5c6933f4ccb8ce1062fc46ac30d318ae483935d43d39619f133d95f4534f548773b13f89539a1cd79bd6efc9a2969ea99667fc8111656952c89f782041a86413065bab5db0c754afb0f0bfe6edee962a1f4126cee9ee15123156e2fcba3a12c728eb9364d1e4671a262b14b321fafe032603298debda921e463c4524f783d090c3bba3dc31d1d6e35c91b56ad6e4ccec1bb2f3ac4c61721d9e5eededb09f344de9a2ea90fd6aea2d1054195c3c7538404b273c7101f1ead3ccdbf85d4eb1fd96e2cda44889b922f2a9fb3427cd44316feea5cb9603ea6355e42dfca4db90245381fca04799b706b8de7a0094e7cdb0cfe031be7b3c756369cd2d1bae0b1a805323fe66bceb4339d482a8f1f8e29a8006fdb6dc5f1bd09ac2771aa817aed3427933f7b34f50bff96e97b37e77561cf5a55c805333a2764b2b0313cc42928e96759ff9bb57fcefbcbcc1264f5d30385228ffcfe0f2537cf6549c6bd830d4be43bdb2527ececc316e3cceddb7eff8d7b64b0c70db682d434ab93731ee425319916a29e50d9c414837ca8793bf104d7b7735e6516b4e8381ace922103cf696b94d983cae958a127412c900eada93e17dae2a56ca5b6cf0fb1d63a9ec7686089508816a6dd530d2daf23b86921293fd8544ec044eed3de3c198ee80ec438d075c78e18d6d2468f4e44e1e52e1c14eec553de8a1a3237ff30dd724285445971e0afe65b8c382dbe1abc10ee2cd7cce34c3ea602e9b6ec145521396e4ba8cf5fd747830aaf1ab5b5f798d4daa4f8cdbc90b7de92474dc1f1335dfe906bd681623488f1af9af9d749a29a759479c54baa2f510874c57456b39d64e69176fc20abe0323ae9133c4adaa228d5950e3180804ed6d8bf7e826bb082ed0827963d20b3e4c5f2afd4bf92f02491ae59027fb90d9f2c328d226661f02ab9b006affb400b9b28e7e9091ae1c15d7315dd9e2f729e42de46cd9637d7e7928864320e2e794cef344d716e92f2d505815438fbd9f988007982f8593fbc00b65f93978ccb60a16ce1508a8a82b1f0eb9a5f57f36561971d4489493801970c96602ec7c40cf72ed21a2268b8b3320e9dd3ae77942b0820d574a4a8df53483cdcb7f8deadb2bca80325acd2dd2e4f77a6744bd9118e15a3a2fe367d57687af45c3cf717aa6f4676bee5fffe5c4bb75d71aedbd64065150e3d3186f4bb72adae9fd927486634b5fd523483485b31330ae73aad1110867a4a53e0921656e92df7d44e50473f8fac7dc4666a083aa37777a019d6835f8da292733f1bbaa507f9ba64d741ef95c698d1e6f6862228d7d630ebe675d26b95de4390bda8e4d718402990b2bcec8b112cbe827eb96bf573249b0e7645521d7d2df6c853f5147f2515c709b124d757d00f3b21272c21492303c09423080cd38dd04858d03fc5913f6aea1baa2c705bc2cecd3bf6c8542290a2ce4db2f02d757d4b1ef9c4cf8f1e6f7231b0641e3d3f0c8b81716d8b4b86225075ec0070520fd6f284fc41e5e1b1b0fc7b91356c5a9d5a6e9b6b21070d5fade7b9494e222523cf5e1bca9d601a20944ae83ae3f1511a99e705ae239d033ce920b85aa0b754202318022bf8476d0f4745882c2098e8c9efd65181d6eb41211c9f2590a928f54ffd4c4d359308b145fca4bac59eaa3259e0efd72b74eeb6a48c419c44da6bcbb4e170c822ff7b4b967f8b6395d277ecce9c41ce75cb96cc1111e2f2426647cb1e1ba17b956b3e27ee5133a788169deb9f4e2102ccbaf3c9d402154a68b80a274700ed9e6753b44e87ab132e8a4429a80813896b6140c948e07300b85d2177caafce5101ab72b46e9bfa884556b1f50e5beeba2a4347363e22013487b314ad0a1738949c0b0455e48b323306c57f97fd2d60785f765ccc607473b1e815e08d6fcffee18bdfe47a4f1ef6aa8e197805f6222aee2025fcf628dd5292e8cbd96b958c12cacc8a52dc7c5675260d60438f5516dcdb1b27d8cb249b4ecefc0c77f9ba76ef83894fc85442b99c00fb6297b0d36486740b23258154fd0d5a1659a174eaa77eff2d18a279aa29422ae1756c22c1f06aeec30cb637c68cd98a629e32f3986348d695bf17e1fda54f19b74092bd774aba8965d20f6368db65d8e3c15e99fd6941e0a441e87598d1cdcc7a21baa7affdefe2c494ed85ed166ddc0f04f026953de6671a190a35a061209c917b1a0e02dbdc8ce38054eeb9e1b09586bb9c14127b79e5827e385bb55347d84e38e7fc04ea2663b5c327359f078f02c739cd8c6b7afda8c13fb6225dafdf5dcd923260d9228ecc1d72a8489cdfb1c4f83119957b636d39e7e4f58c14884f94434cda16aaa207a43c2a15ae52aeb6fb020dd0a58f2c0961d76d1dba8cd597ca502168d29704d57aeeba56d5b3f091455a3984bce492b2a23e98933fa1e937f5850a5b029f848e84ad40b5a5a6835a0a75823cc052f5187d1acb4423371dc261b693371bbd78499a687caa69130a4464aa606997fd7496f7bf08eab0b9558010ae826b90f3ee59190c29309f2a25236a01548d865c817eb805b400392c5ca1d161d18cece5217fb4ece5bfd656b24412eef7b2d51c1e7d48124ebe7cdd1b15682d9d5987a350ac8ca23d72023fb768823106430f4305c7b4cb197775cd4a1abd8d1b5365948f04591a11f90f02d0b097baff19fd10a7839067803706d49758071bba3617f16a2d978d3f2b23ae15ccd75767f9d43dd33693bf407ffa2994d1bdb081a5ddc2ffa458d834398e3ef0977fd040bed89295e6515ad32495e4ba9b1f6ec24f7adf0f80e2c83b9ebc0d048c10b16e65e08eb24f4b0ef01d320c1ba9576ac91191d72fd033a4e38678be85dcbe7e3e9cf1829cfbd2da30c0fd12af0b3fc732113cfc83e8921ad48a4fadc6bfa67a4ff7563862dd7631ae92dab87c4004df7d875f76c77031b4cbfbd6b605e7147f94c525402e080563f4d7ad8b95dc0b5381a53a2fd6a7e32a11a2175832e409298c3756f0e53150ce8ab30ad3fd83e2a3fbade30d22e88c59a89f549c2b2629c28d31f8a37ae62e7214479960237d4202d4fd1cd8ed246720bc6ee0f8953ceeb2b7ce48936b4fa015c59ad076f5ee0b003f53febe5436ec56d6861ef1a8a7a8f78e0e1158c0a875988e56873e0e5e650212b1980b216203d3f32bc175a67f93508857baee4c4978c7cdb7a3445c98df6d8b85008296668b65149e7fd0c316bb654b6ea0bdd081a790b2ae135e46403cefe70123f66817da8d311684edb3f455795bef05dfbf26272abe143c28e5bc34a0c55296dac6f77ac6f754396e1276c5971c4dda549f448afd08ef22e47867ada7a6b0829d99b870721e6deaa7cffa767bbd19a2beb6ce56ec04c26b7cd853828b851d2b454a0e4d7a0f29dd2ff767953731720a747bdafe4059d1bbb13e0c880b4f6a172a232fc31421fa9e5bb4466c49b5aa193b463536a5df394bfc1dfd6a7c1c3f61a93fe7f1ed87c7ca97ef882f11434e9704861901f5de5c43691c6634b44af392906d29b287918d5967ee9619541c1fc23f8ec1d9840b0a0068cdad8b4d869059150bd3d6a7f2e165b90123f037676fb2e3b92a15dbe51eb814b280c73d0b2931a0623959dbca40dd13e5b6207d9ebfa3c9ecc962bdb1c70b3f88c36327b8c6ce155091fe52c96a1140b4f67da316b5d1492a01f67ae42960551769e18ea8ae14fa24c2e96e83719db8b136d5ec3498432f996c92a1431b7099b30fc1a89cfa16369748e93b664460322c7ecdd282eb559e12b03fec1ce9e2597ffc3712be90f8c1e4bd9fba3c3087b1a8427c2cd074ba45223893c7ebcf763427cf99edfeffc9efd3295f4857f6817ed01716e6a3732046ea90b67ca092abb81bd22c2abf265bc9ed1262aa9522e87e8f4628b1e643a71d868b9bd6df3aed8ce53098ee5138e8bf53e5e295f2ec0295a5bc60430bcf23b464bbe99c32c3685ba70c242f8b661e071aa580fc52041060bc5b78554b1c820248d7c1e832517eeb624ac8333f26bad52be09d65d9734ca1af1c13eb8f73b51a5ec969cc1a6cbe7dd98463f928273867bfa5771b09540a236bc2df3cfd5963ac0c96cfe408ee16bcfd689ea"})

245.841196ms ago: executing program 0 (id=4574):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x200)

162.992248ms ago: executing program 2 (id=4575):
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={<r0=>0x0, @local, @local}, &(0x7f0000000440)=0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000001c0)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040)={'team0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x20, r6, 0x1, 0x50bd29, 0x0, {0x1, 0x6c00000000000000}, [{{0x8, 0x1, r5}, {0x4}}]}, 0x20}, 0x1, 0xf000, 0x0, 0x4008000}, 0x810)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="5000000d04040000000600000000000000", @ANYRES32=0x0, @ANYBLOB="00000000195000001c0012800c0001006d6163766c616e000c0002800600020000000000140035006d6163766c616e300000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x10, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10)
openat$random(0xffffffffffffff9c, &(0x7f0000000240), 0x48000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000002001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r9}, 0x10)
r10 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b100bf800", 0x33fe0}], 0x1}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

20.09477ms ago: executing program 3 (id=4576):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r1, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))

0s ago: executing program 0 (id=4577):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0xb00, r5, {0x9, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x24, 0x2, [@TCA_CGROUP_EMATCHES={0x20, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xb}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x874f, 0x8, 0x2}, {0x0, 0x3, 0x5}}}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x90}, 0x40010)

kernel console output (not intermixed with test programs):

 T9871]  </TASK>
[  330.398561][ T9871] memory: usage 307200kB, limit 307200kB, failcnt 749
[  330.518087][T16597] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.518517][ T9871] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  330.649305][ T9871] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  330.649320][ T9871] Memory cgroup stats for /syz5:
[  330.657233][ T9871] cache 0
[  330.665158][ T9871] rss 4096
[  330.668199][ T9871] shmem 0
[  330.671220][ T9871] mapped_file 0
[  330.674686][ T9871] dirty 0
[  330.674695][ T9871] writeback 0
[  330.674701][ T9871] workingset_refault_anon 298
[  330.674710][ T9871] workingset_refault_file 20
[  330.690205][ T9871] swap 196608
[  330.693481][ T9871] swapcached 8192
[  330.697148][ T9871] pgpgin 164335
[  330.698605][T16620] lo speed is unknown, defaulting to 1000
[  330.700611][ T9871] pgpgout 164331
[  330.700620][ T9871] pgfault 185257
[  330.700627][ T9871] pgmajfault 186
[  330.700635][ T9871] inactive_anon 8192
[  330.720905][ T9871] active_anon 0
[  330.724377][ T9871] inactive_file 8192
[  330.728298][ T9871] active_file 0
[  330.731757][ T9871] unevictable 0
[  330.735200][ T9871] hierarchical_memory_limit 314572800
[  330.740605][ T9871] hierarchical_memsw_limit 9223372036854771712
[  330.746795][ T9871] total_cache 0
[  330.750348][ T9871] total_rss 4096
[  330.753885][ T9871] total_shmem 0
[  330.757330][ T9871] total_mapped_file 0
[  330.761318][ T9871] total_dirty 0
[  330.764758][ T9871] total_writeback 0
[  330.768536][ T9871] total_workingset_refault_anon 298
[  330.773719][ T9871] total_workingset_refault_file 20
[  330.778845][ T9871] total_swap 196608
[  330.782639][ T9871] total_swapcached 8192
[  330.786767][ T9871] total_pgpgin 164335
[  330.790741][ T9871] total_pgpgout 164331
[  330.794807][ T9871] total_pgfault 185257
[  330.798865][ T9871] total_pgmajfault 186
[  330.802923][ T9871] total_inactive_anon 8192
[  330.807309][ T9871] total_active_anon 0
[  330.811283][ T9871] total_inactive_file 8192
[  330.815683][ T9871] total_active_file 0
[  330.819649][ T9871] total_unevictable 0
[  330.823604][ T9871] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4041,pid=16585,uid=0
[  330.838318][ T9871] Memory cgroup out of memory: Killed process 16585 (syz.5.4041) total-vm:93752kB, anon-rss:936kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  330.921624][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.947221][T16632] loop0: detected capacity change from 0 to 2048
[  330.965665][T16632] EXT4-fs: Ignoring removed mblk_io_submit option
[  330.982987][T16632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.052866][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.089791][T16642] loop0: detected capacity change from 0 to 128
[  331.108309][T16642] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  331.116242][T16642] FAT-fs (loop0): Filesystem has been set read-only
[  331.125934][T16642] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  331.133832][T16642] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  331.226762][T16646] loop5: detected capacity change from 0 to 512
[  331.253674][T16646] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[  331.403221][T16652] loop5: detected capacity change from 0 to 512
[  331.420420][T16652] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  331.447816][T16652] EXT4-fs (loop5): mount failed
[  331.472834][T16657] pim6reg1: entered promiscuous mode
[  331.478210][T16657] pim6reg1: entered allmulticast mode
[  331.820147][T16642] bio_check_eod: 178452 callbacks suppressed
[  331.820164][T16642] syz.0.4058: attempt to access beyond end of device
[  331.820164][T16642] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128
[  331.839785][T16642] syz.0.4058: attempt to access beyond end of device
[  331.839785][T16642] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[  331.853781][T16642] syz.0.4058: attempt to access beyond end of device
[  331.853781][T16642] loop0: rw=0, sector=2069, nr_sectors = 1 limit=128
[  331.867191][T16642] syz.0.4058: attempt to access beyond end of device
[  331.867191][T16642] loop0: rw=0, sector=2070, nr_sectors = 1 limit=128
[  331.880584][T16642] syz.0.4058: attempt to access beyond end of device
[  331.880584][T16642] loop0: rw=0, sector=2071, nr_sectors = 1 limit=128
[  331.888055][T16671] 9pnet_fd: Insufficient options for proto=fd
[  331.893963][T16642] syz.0.4058: attempt to access beyond end of device
[  331.893963][T16642] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  331.913410][T16642] syz.0.4058: attempt to access beyond end of device
[  331.913410][T16642] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128
[  331.926918][T16642] syz.0.4058: attempt to access beyond end of device
[  331.926918][T16642] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128
[  331.940394][T16642] syz.0.4058: attempt to access beyond end of device
[  331.940394][T16642] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128
[  331.953780][T16642] syz.0.4058: attempt to access beyond end of device
[  331.953780][T16642] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[  332.026657][T16675] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  332.097080][T16678] loop0: detected capacity change from 0 to 512
[  332.200444][T16678] EXT4-fs (loop0): 1 orphan inode deleted
[  332.233006][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  332.236594][T16678] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.260163][T16678] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.421682][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.466692][T16686] pim6reg1: entered promiscuous mode
[  332.472076][T16686] pim6reg1: entered allmulticast mode
[  332.536162][T16690] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4076'.
[  332.560598][T16691] netlink: 'syz.2.4076': attribute type 1 has an invalid length.
[  332.675880][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.677141][T16703] loop5: detected capacity change from 0 to 512
[  332.683381][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.696994][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.700445][T16703] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.704468][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.724234][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.731679][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.739144][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.746522][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.753956][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.761380][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.768797][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.776180][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.783676][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.791383][T16703] ext4 filesystem being mounted at /410/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.803045][T16707] sd 0:0:1:0: device reset
[  332.811238][T16708] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4073'.
[  332.820327][T16708] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4073'.
[  332.832012][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.839449][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.846872][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.854285][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.861796][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.869197][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.876570][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.884034][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.891498][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.898912][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.900643][T16703] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4080: Failed to acquire dquot type 0
[  332.906332][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.924973][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.932380][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.939860][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.947240][T11915] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  332.959252][T11915] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  332.981226][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.096755][T16716] loop5: detected capacity change from 0 to 512
[  333.137369][T16716] EXT4-fs (loop5): 1 orphan inode deleted
[  333.148922][ T4984] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  333.151604][T16716] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.184782][T16716] ext4 filesystem being mounted at /411/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  333.254875][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.277236][T16726] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4087'.
[  333.362133][T16731] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4090'.
[  333.373230][T16731] 1�: renamed from 
70� (while UP)
[  333.384564][T16731] A link change request failed with some changes committed already. Interface 
71� may have been left with an inconsistent configuration, please check.
[  334.046087][T16750] lo speed is unknown, defaulting to 1000
[  334.315869][T16758] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4097'.
[  334.345052][T16759] loop3: detected capacity change from 0 to 2048
[  334.384037][T16767] loop0: detected capacity change from 0 to 128
[  334.413684][T16767] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  334.421695][T16767] FAT-fs (loop0): Filesystem has been set read-only
[  334.440068][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.447565][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.448764][T16767] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  334.455000][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.462747][T16767] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  334.480635][T16767] buffer_io_error: 177280 callbacks suppressed
[  334.480651][T16767] Buffer I/O error on dev loop0, logical block 2065, async page read
[  334.494962][T16767] Buffer I/O error on dev loop0, logical block 2066, async page read
[  334.495409][T16771] loop5: detected capacity change from 0 to 512
[  334.503116][T16767] Buffer I/O error on dev loop0, logical block 2067, async page read
[  334.503138][T16767] Buffer I/O error on dev loop0, logical block 2068, async page read
[  334.503207][T16767] Buffer I/O error on dev loop0, logical block 2069, async page read
[  334.515589][T16759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  334.517562][T16767] Buffer I/O error on dev loop0, logical block 2070, async page read
[  334.525939][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.561401][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.568813][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.576212][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.583613][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.591120][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.592236][T16767] Buffer I/O error on dev loop0, logical block 2071, async page read
[  334.598492][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.598517][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.621519][T16771] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  334.625427][T16779] sd 0:0:1:0: device reset
[  334.631410][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.642429][T16767] Buffer I/O error on dev loop0, logical block 2072, async page read
[  334.643220][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.652105][T16767] Buffer I/O error on dev loop0, logical block 2065, async page read
[  334.658923][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.672888][T16759] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, 
[  334.674032][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.674057][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.682341][T16759] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  334.689678][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.701882][T16771] EXT4-fs (loop5): 1 truncate cleaned up
[  334.705775][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.715072][T16771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.718757][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.718782][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.731968][T16759] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  334.738579][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.745922][T16759] EXT4-fs (loop3): This should not happen!! Data will be lost
[  334.745922][T16759] 
[  334.753253][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.765385][T16759] EXT4-fs (loop3): Total free blocks count 0
[  334.772786][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.782397][T16759] EXT4-fs (loop3): Free/Dirty block details
[  334.789746][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.789767][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.795706][T16759] EXT4-fs (loop3): free_blocks=2415919104
[  334.803154][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.809074][T16759] EXT4-fs (loop3): dirty_blocks=16
[  334.816426][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.816446][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  334.828342][T16767] Buffer I/O error on dev loop0, logical block 2066, async page read
[  334.829619][T16759] EXT4-fs (loop3): Block reservation details
[  334.871315][T16759] EXT4-fs (loop3): i_reserved_data_blocks=1
[  334.882724][   T29] kauditd_printk_skb: 458 callbacks suppressed
[  334.882740][   T29] audit: type=1400 audit(2000000058.799:12535): avc:  denied  { map } for  pid=16757 comm="syz.3.4098" path="/220/file2/cgroup.controllers" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  334.905379][    T9] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  334.925599][T16771] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  334.970761][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.990406][T16784] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  335.012839][   T29] audit: type=1326 audit(2000000058.959:12536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.036642][   T29] audit: type=1326 audit(2000000058.959:12537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.060299][   T29] audit: type=1326 audit(2000000058.959:12538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.083987][   T29] audit: type=1326 audit(2000000058.959:12539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.098934][T16789] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4108'.
[  335.107622][   T29] audit: type=1326 audit(2000000058.959:12540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.140009][   T29] audit: type=1326 audit(2000000058.959:12541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.163688][   T29] audit: type=1326 audit(2000000058.959:12542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.187367][   T29] audit: type=1326 audit(2000000058.959:12543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.205201][T16787] loop5: detected capacity change from 0 to 2048
[  335.211016][   T29] audit: type=1326 audit(2000000058.969:12544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.2.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af162e929 code=0x7ffc0000
[  335.243213][T16789] 0�: renamed from 
71� (while UP)
[  335.249160][ T4468] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  335.263059][T16789] A link change request failed with some changes committed already. Interface 
70� may have been left with an inconsistent configuration, please check.
[  335.288130][T16787] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.387740][T16805] netlink: 5560 bytes leftover after parsing attributes in process `syz.4.4113'.
[  335.419599][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.427025][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.434463][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.442494][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.449946][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.457423][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.464911][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.472334][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.479795][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.487169][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.494569][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.495910][T16812] sd 0:0:1:0: device reset
[  335.502092][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.513886][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.526642][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.534110][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.541494][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.548929][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.556363][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.563829][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.571283][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.578709][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.586137][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.593591][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.599019][T16814] IPv6: NLM_F_CREATE should be specified when creating new route
[  335.600982][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.616112][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.616533][T16814] loop0: detected capacity change from 0 to 512
[  335.623508][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.634924][T16814] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  335.637107][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.648480][T16814] EXT4-fs (loop0): 1 truncate cleaned up
[  335.654319][T11915] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  335.661388][T11915] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  335.667920][T16814] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.716814][T16814] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  335.866551][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.927709][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.086250][T16822] IPv6: Can't replace route, no match found
[  336.110423][T16824] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4121'.
[  336.119508][T16824] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4121'.
[  336.137068][T16821] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  336.219553][T16822] loop5: detected capacity change from 0 to 1024
[  336.226572][T16822] ext4: Unknown parameter 'uid<00000000000000000000'
[  336.236602][T16818] loop0: detected capacity change from 0 to 2048
[  336.272079][T16818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  336.317418][T16818] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  336.319233][T16841] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4126'.
[  336.348769][T16818] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  336.361083][T16818] EXT4-fs (loop0): This should not happen!! Data will be lost
[  336.361083][T16818] 
[  336.370835][T16818] EXT4-fs (loop0): Total free blocks count 0
[  336.376843][T16818] EXT4-fs (loop0): Free/Dirty block details
[  336.382770][T16818] EXT4-fs (loop0): free_blocks=2415919504
[  336.388485][T16818] EXT4-fs (loop0): dirty_blocks=16
[  336.393650][T16818] EXT4-fs (loop0): Block reservation details
[  336.399771][T16818] EXT4-fs (loop0): i_reserved_data_blocks=1
[  336.416899][T16844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4127'.
[  336.526988][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.534461][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.541966][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.554060][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.561585][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.569123][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.576625][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.584099][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.591510][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.598978][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.606384][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.613942][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.621426][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.628889][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.636283][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.636937][T16857] sd 0:0:1:0: device reset
[  336.643732][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.655601][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.663088][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.670513][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.677974][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.685383][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.692791][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.700190][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.707595][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.715102][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.722637][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.730049][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.737496][T11915] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  336.750474][T11915] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  336.847672][T16895] loop3: detected capacity change from 0 to 256
[  336.860554][T16895] vfat: Unknown parameter 'utf;'
[  336.985387][T16934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4140'.
[  337.143649][T16948] netlink: 9 bytes leftover after parsing attributes in process `syz.5.4144'.
[  337.143860][T16944] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  337.152797][T16948] 1�: renamed from 
70� (while UP)
[  337.172065][T16948] A link change request failed with some changes committed already. Interface 
71� may have been left with an inconsistent configuration, please check.
[  337.189362][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.286044][T16966] loop5: detected capacity change from 0 to 128
[  337.294559][T16966] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  337.302572][T16966] FAT-fs (loop5): Filesystem has been set read-only
[  337.313764][T16966] bio_check_eod: 24397 callbacks suppressed
[  337.313857][T16966] syz.5.4151: attempt to access beyond end of device
[  337.313857][T16966] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  337.320152][T16963] loop0: detected capacity change from 0 to 256
[  337.333539][T16966] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  337.347587][T16966] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  337.357820][T16966] syz.5.4151: attempt to access beyond end of device
[  337.357820][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.371220][T16966] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  337.379709][T16966] syz.5.4151: attempt to access beyond end of device
[  337.379709][T16966] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  337.393475][T16966] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  337.401406][T16966] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  337.409377][T16966] syz.5.4151: attempt to access beyond end of device
[  337.409377][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.423829][T16966] syz.5.4151: attempt to access beyond end of device
[  337.423829][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.437730][T16963] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  337.449572][T16966] syz.5.4151: attempt to access beyond end of device
[  337.449572][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.466083][T16966] syz.5.4151: attempt to access beyond end of device
[  337.466083][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.507346][T16966] syz.5.4151: attempt to access beyond end of device
[  337.507346][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.513611][T16968] loop3: detected capacity change from 0 to 512
[  337.521488][T16966] syz.5.4151: attempt to access beyond end of device
[  337.521488][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.542140][T16966] syz.5.4151: attempt to access beyond end of device
[  337.542140][T16966] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  337.599283][T16982] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  337.608273][T16963] FAT-fs (loop0): Directory bread(block 64) failed
[  337.613272][T16968] EXT4-fs (loop3): 1 orphan inode deleted
[  337.614944][T16963] FAT-fs (loop0): Directory bread(block 65) failed
[  337.625982][T16968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.627179][T16963] FAT-fs (loop0): Directory bread(block 66) failed
[  337.627203][T16963] FAT-fs (loop0): Directory bread(block 67) failed
[  337.660086][T16963] FAT-fs (loop0): Directory bread(block 68) failed
[  337.666615][T16963] FAT-fs (loop0): Directory bread(block 69) failed
[  337.673229][T16963] FAT-fs (loop0): Directory bread(block 70) failed
[  337.679775][T16963] FAT-fs (loop0): Directory bread(block 71) failed
[  337.686293][T16963] FAT-fs (loop0): Directory bread(block 72) failed
[  337.692902][T16963] FAT-fs (loop0): Directory bread(block 73) failed
[  337.702214][T16907] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:44: Failed to release dquot type 1
[  337.728105][T16968] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.803639][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.929012][T17002] loop0: detected capacity change from 0 to 2048
[  337.939123][T17002] EXT4-fs: Ignoring removed mblk_io_submit option
[  337.960143][T17006] lo speed is unknown, defaulting to 1000
[  337.981591][T17002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.047302][T17002] FAULT_INJECTION: forcing a failure.
[  338.047302][T17002] name failslab, interval 1, probability 0, space 0, times 0
[  338.060028][T17002] CPU: 1 UID: 0 PID: 17002 Comm: syz.0.4164 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  338.060058][T17002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  338.060068][T17002] Call Trace:
[  338.060074][T17002]  <TASK>
[  338.060082][T17002]  __dump_stack+0x1d/0x30
[  338.060104][T17002]  dump_stack_lvl+0xe8/0x140
[  338.060130][T17002]  dump_stack+0x15/0x1b
[  338.060143][T17002]  should_fail_ex+0x265/0x280
[  338.060180][T17002]  ? audit_log_d_path+0x8d/0x150
[  338.060212][T17002]  should_failslab+0x8c/0xb0
[  338.060236][T17002]  __kmalloc_cache_noprof+0x4c/0x320
[  338.060313][T17002]  audit_log_d_path+0x8d/0x150
[  338.060338][T17002]  audit_log_d_path_exe+0x42/0x70
[  338.060506][T17002]  audit_log_task+0x1e9/0x250
[  338.060535][T17002]  audit_seccomp+0x61/0x100
[  338.060630][T17002]  ? __seccomp_filter+0x68c/0x10d0
[  338.060653][T17002]  __seccomp_filter+0x69d/0x10d0
[  338.060720][T17002]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  338.060752][T17002]  ? vfs_write+0x75e/0x8e0
[  338.060775][T17002]  ? __rcu_read_unlock+0x4f/0x70
[  338.060844][T17002]  ? __fget_files+0x184/0x1c0
[  338.060937][T17002]  __secure_computing+0x82/0x150
[  338.061036][T17002]  syscall_trace_enter+0xcf/0x1e0
[  338.061084][T17002]  do_syscall_64+0xac/0x200
[  338.061166][T17002]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  338.061186][T17002]  ? clear_bhb_loop+0x40/0x90
[  338.061228][T17002]  ? clear_bhb_loop+0x40/0x90
[  338.061306][T17002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.061327][T17002] RIP: 0033:0x7fdb10bde929
[  338.061343][T17002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.061361][T17002] RSP: 002b:00007fdb0f247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000080
[  338.061381][T17002] RAX: ffffffffffffffda RBX: 00007fdb10e05fa0 RCX: 00007fdb10bde929
[  338.061396][T17002] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  338.061409][T17002] RBP: 00007fdb0f247090 R08: 0000000000000000 R09: 0000000000000000
[  338.061469][T17002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.061487][T17002] R13: 0000000000000000 R14: 00007fdb10e05fa0 R15: 00007fffe2b42378
[  338.061505][T17002]  </TASK>
[  338.322470][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.335376][T17013] 9pnet_fd: Insufficient options for proto=fd
[  338.346790][T17013] loop3: detected capacity change from 0 to 1024
[  338.353716][T17013] EXT4-fs: Ignoring removed orlov option
[  338.359477][T17013] EXT4-fs: Ignoring removed nomblk_io_submit option
[  338.377060][T17013] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.432580][T17027] loop5: detected capacity change from 0 to 1024
[  338.447263][T17027] EXT4-fs: Ignoring removed orlov option
[  338.453198][T17027] EXT4-fs: Ignoring removed nomblk_io_submit option
[  338.469465][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.576184][T17027] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.631220][T17041] lo speed is unknown, defaulting to 1000
[  338.703956][T17056] loop3: detected capacity change from 0 to 256
[  338.728063][T17056] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  338.744700][T17061] loop0: detected capacity change from 0 to 128
[  338.753687][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.764495][T17061] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  338.772354][T17061] FAT-fs (loop0): Filesystem has been set read-only
[  338.794868][T17056] FAT-fs (loop3): Directory bread(block 64) failed
[  338.807168][T17056] FAT-fs (loop3): Directory bread(block 65) failed
[  338.817568][T17061] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  338.825474][T17061] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  338.834622][T17056] FAT-fs (loop3): Directory bread(block 66) failed
[  338.841266][T17056] FAT-fs (loop3): Directory bread(block 67) failed
[  338.844165][T17061] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  338.847868][T17056] FAT-fs (loop3): Directory bread(block 68) failed
[  338.862510][T17056] FAT-fs (loop3): Directory bread(block 69) failed
[  338.869201][T17056] FAT-fs (loop3): Directory bread(block 70) failed
[  338.877119][T17056] FAT-fs (loop3): Directory bread(block 71) failed
[  338.877627][T17061] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  338.883667][T17056] FAT-fs (loop3): Directory bread(block 72) failed
[  338.883686][T17056] FAT-fs (loop3): Directory bread(block 73) failed
[  338.904743][T17061] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  339.040990][T17077] loop5: detected capacity change from 0 to 512
[  339.048152][T17077] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  339.072071][T17079] lo speed is unknown, defaulting to 1000
[  339.089541][T17077] EXT4-fs (loop5): 1 truncate cleaned up
[  339.095647][T17077] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.196832][T17077] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  339.312924][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.535973][T17100] loop3: detected capacity change from 0 to 512
[  339.556894][T17100] ext4: Unknown parameter 'permit_directio'
[  339.613774][T17100] loop3: detected capacity change from 0 to 512
[  339.634828][T17100] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  339.670115][T17100] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  339.687349][T17100] System zones: 0-2, 18-18, 34-34
[  339.714526][T17100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.734810][T17100] ext4 filesystem being mounted at /242/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.826218][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.861286][T17127] loop0: detected capacity change from 0 to 512
[  339.887197][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.894704][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.902265][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.934068][T17133] loop3: detected capacity change from 0 to 2048
[  339.944094][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.951655][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.959892][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.967493][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.975016][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.982491][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.990037][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  339.997418][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.004819][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.012328][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.020302][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.027700][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.035127][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.042585][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.050032][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.057498][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.064931][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.072440][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.079887][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.087375][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.094837][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.102322][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.109752][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.117339][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.124853][T11908] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  340.135492][T17134] sd 0:0:1:0: device reset
[  340.150933][T11908] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  340.171882][T17127] EXT4-fs (loop0): 1 orphan inode deleted
[  340.182383][T17127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.198580][T17133] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.235467][T17127] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.274286][T16913] __quota_error: 663 callbacks suppressed
[  340.274301][T16913] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  340.289977][T16913] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:50: Failed to release dquot type 1
[  340.318229][T17133] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  340.341971][T17133] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  340.354308][T17133] EXT4-fs (loop3): This should not happen!! Data will be lost
[  340.354308][T17133] 
[  340.364079][T17133] EXT4-fs (loop3): Total free blocks count 0
[  340.370105][T17133] EXT4-fs (loop3): Free/Dirty block details
[  340.376161][T17133] EXT4-fs (loop3): free_blocks=2415919504
[  340.382155][T17133] EXT4-fs (loop3): dirty_blocks=16
[  340.387122][T17147] __nla_validate_parse: 8 callbacks suppressed
[  340.387136][T17147] netlink: 5560 bytes leftover after parsing attributes in process `syz.2.4215'.
[  340.387256][T17133] EXT4-fs (loop3): Block reservation details
[  340.408861][T17133] EXT4-fs (loop3): i_reserved_data_blocks=1
[  340.475030][T17124] syz.4.4208 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  340.489283][T17124] CPU: 0 UID: 0 PID: 17124 Comm: syz.4.4208 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  340.489345][T17124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  340.489358][T17124] Call Trace:
[  340.489365][T17124]  <TASK>
[  340.489372][T17124]  __dump_stack+0x1d/0x30
[  340.489392][T17124]  dump_stack_lvl+0xe8/0x140
[  340.489412][T17124]  dump_stack+0x15/0x1b
[  340.489430][T17124]  dump_header+0x81/0x220
[  340.489524][T17124]  oom_kill_process+0x334/0x3f0
[  340.489556][T17124]  out_of_memory+0x979/0xb80
[  340.489627][T17124]  try_charge_memcg+0x5e6/0x9e0
[  340.489729][T17124]  obj_cgroup_charge_pages+0xa6/0x150
[  340.489808][T17124]  __memcg_kmem_charge_page+0x9f/0x170
[  340.489873][T17124]  __alloc_frozen_pages_noprof+0x188/0x360
[  340.489906][T17124]  alloc_pages_mpol+0xb3/0x250
[  340.489934][T17124]  alloc_pages_noprof+0x90/0x130
[  340.489961][T17124]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  340.490052][T17124]  __kvmalloc_node_noprof+0x30f/0x4e0
[  340.490079][T17124]  ? ip_set_alloc+0x1f/0x30
[  340.490102][T17124]  ? ip_set_alloc+0x1f/0x30
[  340.490210][T17124]  ? __kmalloc_cache_noprof+0x189/0x320
[  340.490236][T17124]  ip_set_alloc+0x1f/0x30
[  340.490303][T17124]  hash_netiface_create+0x282/0x740
[  340.490471][T17124]  ? __pfx_hash_netiface_create+0x10/0x10
[  340.490503][T17124]  ip_set_create+0x3c9/0x960
[  340.490541][T17124]  ? __nla_parse+0x40/0x60
[  340.490630][T17124]  nfnetlink_rcv_msg+0x4c3/0x590
[  340.490666][T17124]  ? selinux_capable+0x1f9/0x270
[  340.490731][T17124]  netlink_rcv_skb+0x120/0x220
[  340.490763][T17124]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  340.490807][T17124]  nfnetlink_rcv+0x16b/0x1690
[  340.490830][T17124]  ? __kfree_skb+0x109/0x150
[  340.490856][T17124]  ? nlmon_xmit+0x4f/0x60
[  340.490937][T17124]  ? consume_skb+0x49/0x150
[  340.490963][T17124]  ? nlmon_xmit+0x4f/0x60
[  340.491057][T17124]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  340.491085][T17124]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  340.491113][T17124]  ? __dev_queue_xmit+0x182/0x1fb0
[  340.491170][T17124]  ? skb_clone+0x151/0x1f0
[  340.491193][T17124]  ? ref_tracker_free+0x37d/0x3e0
[  340.491264][T17124]  ? __netlink_deliver_tap+0x4dc/0x500
[  340.491302][T17124]  netlink_unicast+0x59e/0x670
[  340.491333][T17124]  netlink_sendmsg+0x58b/0x6b0
[  340.491351][T17124]  ? __pfx_netlink_sendmsg+0x10/0x10
[  340.491389][T17124]  __sock_sendmsg+0x145/0x180
[  340.491414][T17124]  ____sys_sendmsg+0x31e/0x4e0
[  340.491467][T17124]  ___sys_sendmsg+0x17b/0x1d0
[  340.491589][T17124]  __x64_sys_sendmsg+0xd4/0x160
[  340.491625][T17124]  x64_sys_call+0x2999/0x2fb0
[  340.491673][T17124]  do_syscall_64+0xd2/0x200
[  340.491690][T17124]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  340.491714][T17124]  ? clear_bhb_loop+0x40/0x90
[  340.491810][T17124]  ? clear_bhb_loop+0x40/0x90
[  340.491829][T17124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.491891][T17124] RIP: 0033:0x7f0b36dce929
[  340.491907][T17124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.491923][T17124] RSP: 002b:00007f0b35437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  340.491941][T17124] RAX: ffffffffffffffda RBX: 00007f0b36ff5fa0 RCX: 00007f0b36dce929
[  340.491954][T17124] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  340.491969][T17124] RBP: 00007f0b36e50b39 R08: 0000000000000000 R09: 0000000000000000
[  340.491981][T17124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.492031][T17124] R13: 0000000000000000 R14: 00007f0b36ff5fa0 R15: 00007ffd6681f9d8
[  340.492047][T17124]  </TASK>
[  340.492066][T17124] memory: usage 307200kB, limit 307200kB, failcnt 654
[  340.847736][T17124] memory+swap: usage 308420kB, limit 9007199254740988kB, failcnt 0
[  340.855643][T17124] kmem: usage 307108kB, limit 9007199254740988kB, failcnt 0
[  340.862998][T17124] Memory cgroup stats for /syz4:
[  340.863584][T17124] cache 8192
[  340.871795][T17124] rss 0
[  340.874749][T17124] shmem 0
[  340.877036][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.877807][T17124] mapped_file 0
[  340.890182][T17124] dirty 0
[  340.893178][T17124] writeback 0
[  340.896455][T17124] workingset_refault_anon 332
[  340.901221][T17124] workingset_refault_file 809
[  340.905891][T17124] swap 1249280
[  340.909288][T17124] swapcached 8192
[  340.912911][T17124] pgpgin 322837
[  340.916478][T17124] pgpgout 322814
[  340.920071][T17124] pgfault 360404
[  340.923610][T17124] pgmajfault 271
[  340.927366][T17124] inactive_anon 0
[  340.931177][T17124] active_anon 8192
[  340.934938][T17124] inactive_file 0
[  340.938569][T17124] active_file 86016
[  340.942418][T17124] unevictable 0
[  340.945873][T17124] hierarchical_memory_limit 314572800
[  340.951264][T17124] hierarchical_memsw_limit 9223372036854771712
[  340.957411][T17124] total_cache 8192
[  340.961158][T17124] total_rss 0
[  340.964438][T17124] total_shmem 0
[  340.967899][T17124] total_mapped_file 0
[  340.971911][T17124] total_dirty 0
[  340.975394][T17124] total_writeback 0
[  340.977049][T17159] loop0: detected capacity change from 0 to 512
[  340.979207][T17124] total_workingset_refault_anon 332
[  340.979218][T17124] total_workingset_refault_file 809
[  340.979227][T17124] total_swap 1249280
[  340.979235][T17124] total_swapcached 8192
[  340.987793][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  340.990643][T17124] total_pgpgin 322837
[  340.990652][T17124] total_pgpgout 322814
[  340.990717][T17124] total_pgfault 360404
[  340.995847][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  340.999725][T17124] total_pgmajfault 271
[  340.999736][T17124] total_inactive_anon 0
[  340.999743][T17124] total_active_anon 8192
[  341.003909][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.011280][T17124] total_inactive_file 0
[  341.011291][T17124] total_active_file 86016
[  341.011298][T17124] total_unevictable 0
[  341.011306][T17124] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4208,pid=17122,uid=0
[  341.011379][T17124] Memory cgroup out of memory: Killed process 17122 (syz.4.4208) total-vm:93752kB, anon-rss:936kB, file-rss:22052kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  341.096228][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.096309][T17162] sd 0:0:1:0: device reset
[  341.103744][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.115531][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.122954][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.130447][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.137900][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.138571][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.145400][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.162076][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.169578][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.176960][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.208950][T17159] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  341.235862][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.243403][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.248127][T17159] EXT4-fs (loop0): mount failed
[  341.250846][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.250905][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.270548][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.277937][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.285633][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.293061][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.300466][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.307864][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.315322][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.322723][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.330191][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.337585][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.345055][T11908] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  341.426965][T17168] loop5: detected capacity change from 0 to 128
[  341.439054][T11908] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  341.498989][T17168] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  341.506987][T17168] FAT-fs (loop5): Filesystem has been set read-only
[  341.513732][T17171] loop0: detected capacity change from 0 to 2048
[  341.523830][T17168] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  341.531833][T17168] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  341.644259][T17171] Alternate GPT is invalid, using primary GPT.
[  341.650614][T17171]  loop0: p2 p3 p7
[  341.666032][T17180] buffer_io_error: 24382 callbacks suppressed
[  341.666117][T17180] Buffer I/O error on dev loop5, logical block 2065, async page read
[  341.667797][T17182] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4228'.
[  341.672581][T17180] Buffer I/O error on dev loop5, logical block 2066, async page read
[  341.692445][T17182] bridge0: port 5(batadv3) entered blocking state
[  341.704104][T17182] bridge0: port 5(batadv3) entered disabled state
[  341.712942][T17180] Buffer I/O error on dev loop5, logical block 2067, async page read
[  341.721202][T17180] Buffer I/O error on dev loop5, logical block 2068, async page read
[  341.731114][T17182] batadv3: entered allmulticast mode
[  341.737078][T17182] batadv3: entered promiscuous mode
[  341.747943][T17180] Buffer I/O error on dev loop5, logical block 2069, async page read
[  341.758064][T17180] Buffer I/O error on dev loop5, logical block 2070, async page read
[  341.769537][T17180] Buffer I/O error on dev loop5, logical block 2071, async page read
[  341.777748][T17180] Buffer I/O error on dev loop5, logical block 2072, async page read
[  341.786789][T17187] netlink: 5560 bytes leftover after parsing attributes in process `syz.4.4229'.
[  341.789399][T17180] Buffer I/O error on dev loop5, logical block 2065, async page read
[  341.808150][T17180] Buffer I/O error on dev loop5, logical block 2066, async page read
[  341.969668][T17200] loop3: detected capacity change from 0 to 512
[  341.987902][T17200] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  342.015639][T17200] EXT4-fs (loop3): mount failed
[  342.188745][T16878] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  342.197984][T16878] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  342.287315][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.294767][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.302177][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.309741][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.317153][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.324589][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.332027][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.339454][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.346911][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.354340][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.361776][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.369213][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.376645][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.384581][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.392015][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.399421][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.406875][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.413190][T17208] sd 0:0:1:0: device reset
[  342.414293][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.426088][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.433490][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.440912][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.448314][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.455806][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.463222][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.470650][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.478028][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.485432][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.493021][T11908] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  342.532359][T11908] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  342.606634][T17221] loop0: detected capacity change from 0 to 512
[  342.613377][T17221] ext4: Unknown parameter 'permit_directio'
[  342.628240][   T29] audit: type=1326 audit(2000000066.609:13207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  342.655819][T17221] loop0: detected capacity change from 0 to 512
[  342.663341][T17222] netlink: 'syz.5.4240': attribute type 1 has an invalid length.
[  342.671198][T17222] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4240'.
[  342.680483][   T29] audit: type=1326 audit(2000000066.639:13208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  342.704116][   T29] audit: type=1326 audit(2000000066.639:13209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  342.704283][T17221] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  342.727737][   T29] audit: type=1326 audit(2000000066.639:13210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  342.727759][   T29] audit: type=1326 audit(2000000066.639:13211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdb10bde963 code=0x7ffc0000
[  342.779720][T17221] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  342.783379][   T29] audit: type=1326 audit(2000000066.639:13212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdb10bdd3df code=0x7ffc0000
[  342.797499][T17221] System zones: 
[  342.814695][   T29] audit: type=1326 audit(2000000066.639:13213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdb10bde9b7 code=0x7ffc0000
[  342.814721][   T29] audit: type=1326 audit(2000000066.639:13214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb10bdd290 code=0x7ffc0000
[  342.818251][T17221] 0-2, 18-18, 34-34
[  342.823738][T17221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.841757][   T29] audit: type=1326 audit(2000000066.639:13215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17220 comm="syz.0.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb10bde52b code=0x7ffc0000
[  342.865491][T17221] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.994037][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.023041][T17235] lo speed is unknown, defaulting to 1000
[  343.111821][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.119268][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.122901][T17250] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4248'.
[  343.126655][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.135672][T17250] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4248'.
[  343.143116][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.159399][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.166878][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.174303][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.181812][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.189232][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.195123][T17241] loop0: detected capacity change from 0 to 2048
[  343.196614][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.210414][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.217865][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.225332][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.233707][T17253] sd 0:0:1:0: device reset
[  343.241101][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.243872][T17241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.248566][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.248592][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.275365][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.282774][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.290192][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.297583][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.305076][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.312552][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.319960][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.327377][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.334812][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.342374][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.349771][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.357320][T11908] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  343.368355][T11908] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  343.859332][T17286] lo speed is unknown, defaulting to 1000
[  343.910932][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.934550][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.942059][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.949547][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.958576][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.966097][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.973620][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.981231][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.988682][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  343.996102][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.003534][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.011026][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.018559][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.026048][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.033734][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.041178][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.048561][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.056057][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.063493][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.070901][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.078327][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.085743][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.093156][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.100635][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.108165][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.115596][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.123009][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.130522][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.137979][T11908] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  344.145836][T11908] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  344.156993][T17295] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4267'.
[  344.166088][T17295] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4267'.
[  344.192390][T17299] loop0: detected capacity change from 0 to 128
[  344.230897][T17302] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  344.567177][T17333] loop3: detected capacity change from 0 to 512
[  344.574402][T17333] ext4: Unknown parameter 'permit_directio'
[  344.595184][T17333] loop3: detected capacity change from 0 to 512
[  344.608539][T17333] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  344.634355][T17333] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  344.649479][T17333] System zones: 0-2, 18-18, 34-34
[  344.655485][T17333] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.263677][T17342] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  345.450370][T17364] FAULT_INJECTION: forcing a failure.
[  345.450370][T17364] name failslab, interval 1, probability 0, space 0, times 0
[  345.463143][T17364] CPU: 1 UID: 0 PID: 17364 Comm: syz.2.4294 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  345.463180][T17364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  345.463192][T17364] Call Trace:
[  345.463198][T17364]  <TASK>
[  345.463205][T17364]  __dump_stack+0x1d/0x30
[  345.463288][T17364]  dump_stack_lvl+0xe8/0x140
[  345.463306][T17364]  dump_stack+0x15/0x1b
[  345.463319][T17364]  should_fail_ex+0x265/0x280
[  345.463346][T17364]  should_failslab+0x8c/0xb0
[  345.463437][T17364]  kmem_cache_alloc_node_noprof+0x57/0x320
[  345.463466][T17364]  ? __alloc_skb+0x101/0x320
[  345.463494][T17364]  __alloc_skb+0x101/0x320
[  345.463529][T17364]  ? avc_has_perm+0xd3/0x150
[  345.463555][T17364]  alloc_skb_with_frags+0x7d/0x470
[  345.463583][T17364]  ? selinux_file_open+0x2df/0x330
[  345.463658][T17364]  ? should_fail_ex+0xdb/0x280
[  345.463746][T17364]  sock_alloc_send_pskb+0x43a/0x4f0
[  345.463771][T17364]  tun_get_user+0x8d3/0x2500
[  345.463796][T17364]  ? ref_tracker_alloc+0x1f2/0x2f0
[  345.463822][T17364]  ? selinux_file_permission+0x1e4/0x320
[  345.463879][T17364]  tun_chr_write_iter+0x15e/0x210
[  345.463977][T17364]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  345.464048][T17364]  vfs_write+0x4a0/0x8e0
[  345.464079][T17364]  ksys_write+0xda/0x1a0
[  345.464172][T17364]  __x64_sys_write+0x40/0x50
[  345.464235][T17364]  x64_sys_call+0x2cdd/0x2fb0
[  345.464334][T17364]  do_syscall_64+0xd2/0x200
[  345.464349][T17364]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  345.464389][T17364]  ? clear_bhb_loop+0x40/0x90
[  345.464409][T17364]  ? clear_bhb_loop+0x40/0x90
[  345.464535][T17364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.464624][T17364] RIP: 0033:0x7f9af162e929
[  345.464639][T17364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.464698][T17364] RSP: 002b:00007f9aefc97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  345.464718][T17364] RAX: ffffffffffffffda RBX: 00007f9af1855fa0 RCX: 00007f9af162e929
[  345.464731][T17364] RDX: 000000000000fd6c RSI: 0000200000000280 RDI: 0000000000000008
[  345.464744][T17364] RBP: 00007f9aefc97090 R08: 0000000000000000 R09: 0000000000000000
[  345.464755][T17364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.464798][T17364] R13: 0000000000000000 R14: 00007f9af1855fa0 R15: 00007ffeb2264188
[  345.464871][T17364]  </TASK>
[  345.710973][T17358] loop0: detected capacity change from 0 to 512
[  345.756680][   T29] kauditd_printk_skb: 256 callbacks suppressed
[  345.756695][   T29] audit: type=1326 audit(2000000069.739:13472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.767013][T17358] EXT4-fs (loop0): 1 orphan inode deleted
[  345.794723][T17358] EXT4-fs mount: 2 callbacks suppressed
[  345.794752][T17358] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.822059][T16928] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  345.822472][T17358] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.831864][T16928] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:65: Failed to release dquot type 1
[  345.841471][   T29] audit: type=1326 audit(2000000069.739:13473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.877731][   T29] audit: type=1326 audit(2000000069.739:13474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.901445][   T29] audit: type=1326 audit(2000000069.739:13475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.925191][   T29] audit: type=1326 audit(2000000069.739:13476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.948875][   T29] audit: type=1326 audit(2000000069.739:13477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.972474][   T29] audit: type=1326 audit(2000000069.739:13478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68499e929 code=0x7ffc0000
[  345.996210][   T29] audit: type=1326 audit(2000000069.739:13479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb68499d290 code=0x7ffc0000
[  346.019809][   T29] audit: type=1326 audit(2000000069.739:13480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17367 comm="syz.3.4295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb68499d290 code=0x7ffc0000
[  346.057507][T17369] loop3: detected capacity change from 0 to 2048
[  346.088127][T17369] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.096583][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.150020][T17391] netlink: 176 bytes leftover after parsing attributes in process `syz.2.4304'.
[  346.197423][T17391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4304'.
[  346.207154][T17391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4304'.
[  346.237773][T17398] loop5: detected capacity change from 0 to 2048
[  346.253885][T17398] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.269406][T17398] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  346.284457][T17398] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  346.296688][T17398] EXT4-fs (loop5): This should not happen!! Data will be lost
[  346.296688][T17398] 
[  346.306434][T17398] EXT4-fs (loop5): Total free blocks count 0
[  346.312513][T17398] EXT4-fs (loop5): Free/Dirty block details
[  346.318428][T17398] EXT4-fs (loop5): free_blocks=2415919504
[  346.324176][T17398] EXT4-fs (loop5): dirty_blocks=16
[  346.329349][T17398] EXT4-fs (loop5): Block reservation details
[  346.335327][T17398] EXT4-fs (loop5): i_reserved_data_blocks=1
[  346.376990][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.442840][T17409] loop5: detected capacity change from 0 to 128
[  346.510700][T17415] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  346.548231][T17424] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4316'.
[  346.557275][T17424] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4316'.
[  346.601016][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.648772][T17434] loop3: detected capacity change from 0 to 2048
[  346.664488][T17434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.679570][T17434] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  346.694540][T17434] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  346.706824][T17434] EXT4-fs (loop3): This should not happen!! Data will be lost
[  346.706824][T17434] 
[  346.716492][T17434] EXT4-fs (loop3): Total free blocks count 0
[  346.722601][T17434] EXT4-fs (loop3): Free/Dirty block details
[  346.728489][T17434] EXT4-fs (loop3): free_blocks=2415919504
[  346.734284][T17434] EXT4-fs (loop3): dirty_blocks=16
[  346.739437][T17434] EXT4-fs (loop3): Block reservation details
[  346.745414][T17434] EXT4-fs (loop3): i_reserved_data_blocks=1
[  346.754612][T17426] loop5: detected capacity change from 0 to 2048
[  346.783895][T17426] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.074669][T17459] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4329'.
[  347.083840][T17459] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4329'.
[  347.185312][T17467] lo speed is unknown, defaulting to 1000
[  347.213191][T17460] loop0: detected capacity change from 0 to 2048
[  347.243814][T17460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.265857][T17473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4332'.
[  347.294335][T17473] bridge0: port 9(batadv7) entered blocking state
[  347.300934][T17473] bridge0: port 9(batadv7) entered disabled state
[  347.314675][T17473] batadv7: entered allmulticast mode
[  347.333684][T17473] batadv7: entered promiscuous mode
[  347.446273][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.497626][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.547354][T17483] loop5: detected capacity change from 0 to 512
[  347.564730][T17483] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  347.591708][T17483] EXT4-fs (loop5): mount failed
[  347.653266][T17487] loop3: detected capacity change from 0 to 512
[  347.762830][T17494] tipc: New replicast peer: 0.0.255.255
[  347.768451][T17494] tipc: Enabled bearer <udp:s>, priority 10
[  347.771216][T17487] EXT4-fs (loop3): 1 orphan inode deleted
[  347.790803][   T41] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  347.790950][T17487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.806904][T16902] batman_adv: batadv7: No IGMP Querier present - multicast optimizations disabled
[  347.824320][T16902] batman_adv: batadv7: No MLD Querier present - multicast optimizations disabled
[  347.847661][T17487] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.873102][T17501] loop5: detected capacity change from 0 to 1024
[  347.881410][T17501] EXT4-fs: Ignoring removed nobh option
[  347.887209][T17501] EXT4-fs: Ignoring removed mblk_io_submit option
[  347.899558][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.909065][T17501] EXT4-fs: Ignoring removed oldalloc option
[  347.910568][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.915080][T17501] EXT4-fs: Ignoring removed bh option
[  347.936144][T17501] EXT4-fs: Mount option(s) incompatible with ext2
[  347.951093][T17504] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4341'.
[  348.027368][T17510] bridge0: port 7(batadv4) entered blocking state
[  348.033991][T17510] bridge0: port 7(batadv4) entered disabled state
[  348.041109][T17510] batadv4: entered allmulticast mode
[  348.047071][T17510] batadv4: entered promiscuous mode
[  348.060101][T17512] pim6reg1: entered promiscuous mode
[  348.065426][T17512] pim6reg1: entered allmulticast mode
[  348.159545][T17524] loop3: detected capacity change from 0 to 512
[  348.175403][T17524] ext4: Unknown parameter 'permit_directio'
[  348.204922][T17524] loop3: detected capacity change from 0 to 512
[  348.211306][T17526] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  348.217853][T17526] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  348.225592][T17526] vhci_hcd vhci_hcd.0: Device attached
[  348.244835][T17524] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  348.270902][T17524] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  348.283277][T17524] System zones: 0-2, 18-18, 34-34
[  348.292281][T17524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.312815][T17524] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.324228][T17527] vhci_hcd: connection closed
[  348.324450][   T41] vhci_hcd: stop threads
[  348.333529][   T41] vhci_hcd: release socket
[  348.337951][   T41] vhci_hcd: disconnect device
[  348.351828][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.437373][T17547] bridge0: port 6(batadv4) entered blocking state
[  348.443916][T17547] bridge0: port 6(batadv4) entered disabled state
[  348.450574][T17547] batadv4: entered allmulticast mode
[  348.456327][T17547] batadv4: entered promiscuous mode
[  348.528874][T16902] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  348.538187][T16902] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  348.873697][T17557] loop5: detected capacity change from 0 to 2048
[  348.880188][ T3393] tipc: Node number set to 700372695
[  348.910943][T17557] Alternate GPT is invalid, using primary GPT.
[  348.917281][T17557]  loop5: p2 p3 p7
[  348.939445][T16875] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  348.948696][T16875] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  349.300837][T17575] 9pnet_fd: Insufficient options for proto=fd
[  349.334308][T17577] program syz.2.4371 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  349.496120][T17581] loop5: detected capacity change from 0 to 2048
[  349.516047][T17581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.705281][T17606] 9pnet_fd: Insufficient options for proto=fd
[  349.721640][T17606] loop3: detected capacity change from 0 to 1024
[  349.725265][T17608] pim6reg1: entered promiscuous mode
[  349.728424][T17606] EXT4-fs: Ignoring removed orlov option
[  349.733325][T17608] pim6reg1: entered allmulticast mode
[  349.739212][T17606] EXT4-fs: Ignoring removed nomblk_io_submit option
[  349.760722][T17606] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.788239][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.136002][T17617] program syz.2.4385 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  350.236593][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.345355][T17628] loop5: detected capacity change from 0 to 512
[  350.373063][T17628] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  350.388507][T17628] EXT4-fs (loop5): mount failed
[  350.440313][T17637] loop5: detected capacity change from 0 to 128
[  350.448862][T17637] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  350.456769][T17637] FAT-fs (loop5): Filesystem has been set read-only
[  350.467862][T17637] bio_check_eod: 74922 callbacks suppressed
[  350.467875][T17637] syz.5.4393: attempt to access beyond end of device
[  350.467875][T17637] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  350.508068][T17637] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  350.515977][T17637] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  350.526345][T17641] loop0: detected capacity change from 0 to 512
[  350.533755][T17640] syz.5.4393: attempt to access beyond end of device
[  350.533755][T17640] loop5: rw=0, sector=2065, nr_sectors = 1 limit=128
[  350.547210][T17640] buffer_io_error: 40246 callbacks suppressed
[  350.547222][T17640] Buffer I/O error on dev loop5, logical block 2065, async page read
[  350.547685][T17641] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  350.571061][T17640] syz.5.4393: attempt to access beyond end of device
[  350.571061][T17640] loop5: rw=0, sector=2066, nr_sectors = 1 limit=128
[  350.584336][T17640] Buffer I/O error on dev loop5, logical block 2066, async page read
[  350.592945][T17640] syz.5.4393: attempt to access beyond end of device
[  350.592945][T17640] loop5: rw=0, sector=2067, nr_sectors = 1 limit=128
[  350.606223][T17640] Buffer I/O error on dev loop5, logical block 2067, async page read
[  350.616099][T17640] syz.5.4393: attempt to access beyond end of device
[  350.616099][T17640] loop5: rw=0, sector=2068, nr_sectors = 1 limit=128
[  350.629413][T17640] Buffer I/O error on dev loop5, logical block 2068, async page read
[  350.638462][T17640] syz.5.4393: attempt to access beyond end of device
[  350.638462][T17640] loop5: rw=0, sector=2069, nr_sectors = 1 limit=128
[  350.651745][T17640] Buffer I/O error on dev loop5, logical block 2069, async page read
[  350.660053][T17640] syz.5.4393: attempt to access beyond end of device
[  350.660053][T17640] loop5: rw=0, sector=2070, nr_sectors = 1 limit=128
[  350.669880][T17650] program syz.0.4398 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  350.673303][T17640] Buffer I/O error on dev loop5, logical block 2070, async page read
[  350.690900][T17640] syz.5.4393: attempt to access beyond end of device
[  350.690900][T17640] loop5: rw=0, sector=2071, nr_sectors = 1 limit=128
[  350.704160][T17640] Buffer I/O error on dev loop5, logical block 2071, async page read
[  350.712408][T17640] syz.5.4393: attempt to access beyond end of device
[  350.712408][T17640] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128
[  350.725675][T17640] Buffer I/O error on dev loop5, logical block 2072, async page read
[  350.733952][T17637] syz.5.4393: attempt to access beyond end of device
[  350.733952][T17637] loop5: rw=0, sector=2065, nr_sectors = 1 limit=128
[  350.736837][T17652] bridge0: port 10(batadv8) entered blocking state
[  350.747220][T17637] Buffer I/O error on dev loop5, logical block 2065, async page read
[  350.752653][T17637] Buffer I/O error on dev loop5, logical block 2066, async page read
[  350.753847][T17652] bridge0: port 10(batadv8) entered disabled state
[  350.786312][T17652] batadv8: entered allmulticast mode
[  350.797074][T17652] batadv8: entered promiscuous mode
[  350.837424][T17656] loop0: detected capacity change from 0 to 2048
[  350.846162][T17658] loop3: detected capacity change from 0 to 512
[  350.860954][T17658] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  350.877803][T17658] EXT4-fs (loop3): mount failed
[  350.901533][T17656] Alternate GPT is invalid, using primary GPT.
[  350.908051][T17656]  loop0: p2 p3 p7
[  351.239232][T16875] batman_adv: batadv8: No IGMP Querier present - multicast optimizations disabled
[  351.248472][T16875] batman_adv: batadv8: No MLD Querier present - multicast optimizations disabled
[  351.289370][T17685] pim6reg1: entered promiscuous mode
[  351.294708][T17685] pim6reg1: entered allmulticast mode
[  351.478623][T17703] lo speed is unknown, defaulting to 1000
[  351.549455][T17711] loop0: detected capacity change from 0 to 1024
[  351.557633][T17711] EXT4-fs: Ignoring removed orlov option
[  351.563352][T17711] EXT4-fs: Ignoring removed nomblk_io_submit option
[  351.611020][T17711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.636431][T17717] __nla_validate_parse: 15 callbacks suppressed
[  351.636446][T17717] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4410'.
[  351.651850][T17717] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4410'.
[  351.816104][T17721] lo speed is unknown, defaulting to 1000
[  351.929843][T17730] loop3: detected capacity change from 0 to 512
[  351.938010][T17730] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  352.057765][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.081714][   T29] kauditd_printk_skb: 660 callbacks suppressed
[  352.081727][   T29] audit: type=1326 audit(2000000076.069:14140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.111496][   T29] audit: type=1326 audit(2000000076.069:14141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.135074][   T29] audit: type=1326 audit(2000000076.069:14142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.158712][   T29] audit: type=1326 audit(2000000076.069:14143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.192233][   T29] audit: type=1326 audit(2000000076.169:14144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.215888][   T29] audit: type=1326 audit(2000000076.169:14145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.239483][   T29] audit: type=1326 audit(2000000076.169:14146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.263199][   T29] audit: type=1326 audit(2000000076.169:14147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.286894][   T29] audit: type=1326 audit(2000000076.169:14148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.310509][   T29] audit: type=1326 audit(2000000076.169:14149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.0.4427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb10bde929 code=0x7ffc0000
[  352.372815][T17707] syz.5.4416 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  352.383891][T17707] CPU: 1 UID: 0 PID: 17707 Comm: syz.5.4416 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  352.383924][T17707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  352.383935][T17707] Call Trace:
[  352.383941][T17707]  <TASK>
[  352.383949][T17707]  __dump_stack+0x1d/0x30
[  352.383969][T17707]  dump_stack_lvl+0xe8/0x140
[  352.383991][T17707]  dump_stack+0x15/0x1b
[  352.384007][T17707]  dump_header+0x81/0x220
[  352.384109][T17707]  oom_kill_process+0x334/0x3f0
[  352.384139][T17707]  out_of_memory+0x979/0xb80
[  352.384164][T17707]  try_charge_memcg+0x5e6/0x9e0
[  352.384189][T17707]  charge_memcg+0x51/0xc0
[  352.384218][T17707]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  352.384277][T17707]  __read_swap_cache_async+0x1df/0x350
[  352.384310][T17707]  swap_cluster_readahead+0x277/0x3e0
[  352.384421][T17707]  swapin_readahead+0xde/0x6f0
[  352.384451][T17707]  ? __filemap_get_folio+0x4f7/0x6b0
[  352.384483][T17707]  ? __rcu_read_unlock+0x34/0x70
[  352.384502][T17707]  ? swap_cache_get_folio+0x77/0x200
[  352.384589][T17707]  do_swap_page+0x301/0x2430
[  352.384611][T17707]  ? css_rstat_updated+0xcd/0x5b0
[  352.384642][T17707]  ? __pfx_default_wake_function+0x10/0x10
[  352.384668][T17707]  handle_mm_fault+0x9a5/0x2be0
[  352.384767][T17707]  ? mas_walk+0xf2/0x120
[  352.384797][T17707]  do_user_addr_fault+0x636/0x1090
[  352.384832][T17707]  exc_page_fault+0x62/0xa0
[  352.384894][T17707]  asm_exc_page_fault+0x26/0x30
[  352.384915][T17707] RIP: 0033:0x7f0618e61347
[  352.384932][T17707] Code: 2f fb ff ff eb a6 b8 01 00 00 00 48 81 c4 b8 00 00 00 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 80 3d 62 68 36 00 00 <48> 8b 47 10 48 8b 4f 18 74 1f 48 8b 30 89 f2 83 c6 02 48 8d 04 f0
[  352.385028][T17707] RSP: 002b:00007ffe9711b8a8 EFLAGS: 00010202
[  352.385045][T17707] RAX: 0000000000000001 RBX: 00007f06191c5fa0 RCX: 0000000000055f00
[  352.385058][T17707] RDX: 0000000000000143 RSI: 00007ffe9711b890 RDI: 00007f06191c6038
[  352.385072][T17707] RBP: 00007f06191c7ba0 R08: 00007f06191c5fa0 R09: 7fffffffffffffff
[  352.385136][T17707] R10: 3fffffffffffffff R11: 0000000000000293 R12: 0000000000056033
[  352.385271][T17707] R13: 00007f06191c6080 R14: ffffffffffffffff R15: 00007ffe9711b9c0
[  352.385287][T17707]  </TASK>
[  352.385293][T17707] memory: usage 307200kB, limit 307200kB, failcnt 1023
[  352.493614][T17746] loop0: detected capacity change from 0 to 2048
[  352.495249][T17707] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[  352.618808][T17707] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  352.626088][T17707] Memory cgroup stats for /syz5:
[  352.626702][T17707] cache 0
[  352.627772][T17746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.631655][T17707] rss 0
[  352.631664][T17707] shmem 0
[  352.631671][T17707] mapped_file 0
[  352.655703][T17707] dirty 0
[  352.658700][T17707] writeback 0
[  352.662026][T17707] workingset_refault_anon 361
[  352.666699][T17707] workingset_refault_file 37
[  352.671305][T17707] swap 200704
[  352.674584][T17707] swapcached 4096
[  352.678208][T17707] pgpgin 191037
[  352.681689][T17707] pgpgout 191034
[  352.685228][T17707] pgfault 215802
[  352.688791][T17707] pgmajfault 216
[  352.692344][T17707] inactive_anon 0
[  352.696030][T17707] active_anon 4096
[  352.699758][T17707] inactive_file 0
[  352.703401][T17707] active_file 8192
[  352.707117][T17707] unevictable 0
[  352.710594][T17707] hierarchical_memory_limit 314572800
[  352.715971][T17707] hierarchical_memsw_limit 9223372036854771712
[  352.722138][T17707] total_cache 0
[  352.725603][T17707] total_rss 0
[  352.728906][T17707] total_shmem 0
[  352.732351][T17707] total_mapped_file 0
[  352.736395][T17707] total_dirty 0
[  352.739909][T17707] total_writeback 0
[  352.743708][T17707] total_workingset_refault_anon 361
[  352.748913][T17707] total_workingset_refault_file 37
[  352.754025][T17707] total_swap 200704
[  352.757899][T17707] total_swapcached 4096
[  352.762075][T17707] total_pgpgin 191037
[  352.766055][T17707] total_pgpgout 191034
[  352.770140][T17707] total_pgfault 215802
[  352.774204][T17707] total_pgmajfault 216
[  352.778268][T17707] total_inactive_anon 0
[  352.782486][T17707] total_active_anon 4096
[  352.786715][T17707] total_inactive_file 0
[  352.790869][T17707] total_active_file 8192
[  352.795156][T17707] total_unevictable 0
[  352.799182][T17707] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4416,pid=17707,uid=0
[  352.813894][T17707] Memory cgroup out of memory: Killed process 17707 (syz.5.4416) total-vm:93752kB, anon-rss:1064kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  352.857582][T17758] lo speed is unknown, defaulting to 1000
[  352.908786][T17768] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4432'.
[  352.938288][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.954142][T17768] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4432'.
[  352.967172][T17770] loop3: detected capacity change from 0 to 128
[  352.981467][T17770] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  352.989397][T17770] FAT-fs (loop3): Filesystem has been set read-only
[  353.002663][T17770] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  353.010547][T17770] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  353.121744][T17781] loop0: detected capacity change from 0 to 1024
[  353.128519][T17781] EXT4-fs: Ignoring removed orlov option
[  353.134341][T17781] EXT4-fs: Ignoring removed nomblk_io_submit option
[  353.533119][T17803] loop5: detected capacity change from 0 to 512
[  353.593213][T17803] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[  353.628148][T17781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.726748][T17807] xt_connbytes: Forcing CT accounting to be enabled
[  353.750734][T17807] set match dimension is over the limit!
[  353.790303][T17807] loop5: detected capacity change from 0 to 512
[  353.831088][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.840636][T17807] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  353.864713][T17807] EXT4-fs (loop5): orphan cleanup on readonly fs
[  353.950499][T17807] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm +}[@: corrupted inode contents
[  353.966187][T17807] EXT4-fs (loop5): Remounting filesystem read-only
[  353.973317][T17807] EXT4-fs (loop5): 1 truncate cleaned up
[  353.984312][T16866] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  353.994950][T16866] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  354.010401][T16866] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  354.036837][T17807] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  354.110249][T17825] pim6reg1: entered promiscuous mode
[  354.115587][T17825] pim6reg1: entered allmulticast mode
[  354.132267][T17823] loop0: detected capacity change from 0 to 2048
[  354.159053][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.178376][T17823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.195935][T17832] netlink: 'syz.5.4453': attribute type 1 has an invalid length.
[  354.203810][T17832] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4453'.
[  354.220483][T17823] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4449'.
[  354.250879][T17838] loop3: detected capacity change from 0 to 128
[  354.263421][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.289118][T17838] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  354.296953][T17838] FAT-fs (loop3): Filesystem has been set read-only
[  354.330315][T17843] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4458'.
[  354.343020][T17843] bridge0: port 11(batadv9) entered blocking state
[  354.344241][T17838] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  354.349586][T17843] bridge0: port 11(batadv9) entered disabled state
[  354.357387][T17838] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  354.364118][T17843] batadv9: entered allmulticast mode
[  354.378213][T17843] batadv9: entered promiscuous mode
[  354.406034][T17847] loop0: detected capacity change from 0 to 512
[  354.435755][T17847] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  354.444010][T17847] EXT4-fs (loop0): orphan cleanup on readonly fs
[  354.456003][T17847] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.4459: corrupted inode contents
[  354.468373][T17847] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.4459: mark_inode_dirty error
[  354.468481][T17853] netlink: 'syz.2.4461': attribute type 21 has an invalid length.
[  354.495894][T17847] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.4459: corrupted inode contents
[  354.526532][T17847] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.4459: mark_inode_dirty error
[  354.555594][T17855] lo speed is unknown, defaulting to 1000
[  354.573182][T17855] lo speed is unknown, defaulting to 1000
[  354.587561][T17847] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.4459: corrupted inode contents
[  354.609528][T17855] lo speed is unknown, defaulting to 1000
[  354.616259][T17855] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  354.619322][T17847] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  354.627883][T17855] lo speed is unknown, defaulting to 1000
[  354.637808][T17847] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.4459: corrupted inode contents
[  354.638054][T17855] lo speed is unknown, defaulting to 1000
[  354.655809][T17855] lo speed is unknown, defaulting to 1000
[  354.662081][T17855] lo speed is unknown, defaulting to 1000
[  354.662353][T17847] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.4459: mark_inode_dirty error
[  354.674829][T17855] lo speed is unknown, defaulting to 1000
[  354.678998][T17859] 9pnet: Could not find request transport: 0xffffffffffffffff
[  354.692406][T17855] lo speed is unknown, defaulting to 1000
[  354.698425][T17847] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  354.725142][T17847] EXT4-fs (loop0): 1 truncate cleaned up
[  354.735352][T17855] lo speed is unknown, defaulting to 1000
[  354.830024][T16865] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 1
[  354.846991][T17847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  354.859836][T16925] batman_adv: batadv9: No IGMP Querier present - multicast optimizations disabled
[  354.869060][T16925] batman_adv: batadv9: No MLD Querier present - multicast optimizations disabled
[  354.893933][T17872] pim6reg1: entered promiscuous mode
[  354.899269][T17872] pim6reg1: entered allmulticast mode
[  354.938327][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.024636][T17881] loop0: detected capacity change from 0 to 1024
[  355.036116][T17881] EXT4-fs: Ignoring removed orlov option
[  355.042046][T17881] EXT4-fs: Ignoring removed nomblk_io_submit option
[  355.077155][T17881] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.158321][T17892] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4473'.
[  355.176702][T17892] bridge0: port 7(batadv5) entered blocking state
[  355.183244][T17892] bridge0: port 7(batadv5) entered disabled state
[  355.196546][T17892] batadv5: entered allmulticast mode
[  355.202897][T17892] batadv5: entered promiscuous mode
[  355.237731][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.251421][T17898] netlink: 176 bytes leftover after parsing attributes in process `syz.3.4474'.
[  355.376208][T17908] FAULT_INJECTION: forcing a failure.
[  355.376208][T17908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.389423][T17908] CPU: 0 UID: 0 PID: 17908 Comm: syz.3.4478 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  355.389489][T17908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  355.389499][T17908] Call Trace:
[  355.389505][T17908]  <TASK>
[  355.389513][T17908]  __dump_stack+0x1d/0x30
[  355.389534][T17908]  dump_stack_lvl+0xe8/0x140
[  355.389575][T17908]  dump_stack+0x15/0x1b
[  355.389592][T17908]  should_fail_ex+0x265/0x280
[  355.389669][T17908]  should_fail+0xb/0x20
[  355.389696][T17908]  should_fail_usercopy+0x1a/0x20
[  355.389791][T17908]  _copy_from_user+0x1c/0xb0
[  355.389873][T17908]  memdup_user+0x5e/0xd0
[  355.389897][T17908]  strndup_user+0x68/0xb0
[  355.389927][T17908]  __se_sys_mount+0x4d/0x2e0
[  355.389942][T17908]  ? fput+0x8f/0xc0
[  355.389961][T17908]  ? ksys_write+0x192/0x1a0
[  355.389992][T17908]  __x64_sys_mount+0x67/0x80
[  355.390010][T17908]  x64_sys_call+0xd36/0x2fb0
[  355.390073][T17908]  do_syscall_64+0xd2/0x200
[  355.390093][T17908]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  355.390189][T17908]  ? clear_bhb_loop+0x40/0x90
[  355.390210][T17908]  ? clear_bhb_loop+0x40/0x90
[  355.390232][T17908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.390254][T17908] RIP: 0033:0x7fb68499e929
[  355.390270][T17908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.390325][T17908] RSP: 002b:00007fb683007038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  355.390345][T17908] RAX: ffffffffffffffda RBX: 00007fb684bc5fa0 RCX: 00007fb68499e929
[  355.390357][T17908] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  355.390369][T17908] RBP: 00007fb683007090 R08: 0000200000000240 R09: 0000000000000000
[  355.390382][T17908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.390395][T17908] R13: 0000000000000000 R14: 00007fb684bc5fa0 R15: 00007fff69b30d88
[  355.390449][T17908]  </TASK>
[  355.599648][T17909] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4476'.
[  355.683926][T16865] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  355.693179][T16865] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  355.804960][T17925] bridge0: port 12(batadv10) entered blocking state
[  355.811753][T17925] bridge0: port 12(batadv10) entered disabled state
[  355.824654][T17927] loop3: detected capacity change from 0 to 512
[  355.834867][T17925] batadv10: entered allmulticast mode
[  355.844085][T17927] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  355.854486][T17927] EXT4-fs (loop3): orphan cleanup on readonly fs
[  355.872236][T17925] batadv10: entered promiscuous mode
[  355.889779][T17927] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm +}[@: corrupted inode contents
[  355.901439][T17927] EXT4-fs (loop3): Remounting filesystem read-only
[  355.908174][T17927] EXT4-fs (loop3): 1 truncate cleaned up
[  355.914052][T16865] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  355.924734][T16865] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  355.946735][T16865] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  355.975215][T17927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  356.034946][T17927] FAULT_INJECTION: forcing a failure.
[  356.034946][T17927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.048306][T17927] CPU: 0 UID: 0 PID: 17927 Comm: +}[@ Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  356.048408][T17927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  356.048420][T17927] Call Trace:
[  356.048427][T17927]  <TASK>
[  356.048435][T17927]  __dump_stack+0x1d/0x30
[  356.048456][T17927]  dump_stack_lvl+0xe8/0x140
[  356.048472][T17927]  dump_stack+0x15/0x1b
[  356.048537][T17927]  should_fail_ex+0x265/0x280
[  356.048563][T17927]  should_fail+0xb/0x20
[  356.048587][T17927]  should_fail_usercopy+0x1a/0x20
[  356.048689][T17927]  strncpy_from_user+0x25/0x230
[  356.048742][T17927]  ? kmem_cache_alloc_noprof+0x186/0x310
[  356.048765][T17927]  ? getname_flags+0x80/0x3b0
[  356.048808][T17927]  getname_flags+0xae/0x3b0
[  356.048826][T17927]  user_path_at+0x28/0x130
[  356.048846][T17927]  __se_sys_name_to_handle_at+0xff/0x5d0
[  356.048866][T17927]  ? ksys_write+0x192/0x1a0
[  356.048969][T17927]  __x64_sys_name_to_handle_at+0x67/0x80
[  356.048986][T17927]  x64_sys_call+0x279f/0x2fb0
[  356.049083][T17927]  do_syscall_64+0xd2/0x200
[  356.049098][T17927]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  356.049119][T17927]  ? clear_bhb_loop+0x40/0x90
[  356.049136][T17927]  ? clear_bhb_loop+0x40/0x90
[  356.049196][T17927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.049215][T17927] RIP: 0033:0x7fb68499e929
[  356.049228][T17927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.049318][T17927] RSP: 002b:00007fb683007038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  356.049336][T17927] RAX: ffffffffffffffda RBX: 00007fb684bc5fa0 RCX: 00007fb68499e929
[  356.049347][T17927] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  356.049358][T17927] RBP: 00007fb683007090 R08: 0000000000000200 R09: 0000000000000000
[  356.049371][T17927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.049381][T17927] R13: 0000000000000000 R14: 00007fb684bc5fa0 R15: 00007fff69b30d88
[  356.049402][T17927]  </TASK>
[  356.298044][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.312714][T17937] program syz.4.4488 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  356.323421][T17808] batman_adv: batadv10: No IGMP Querier present - multicast optimizations disabled
[  356.332770][T17808] batman_adv: batadv10: No MLD Querier present - multicast optimizations disabled
[  356.386497][T17948] pim6reg1: entered promiscuous mode
[  356.391885][T17948] pim6reg1: entered allmulticast mode
[  356.458299][T17954] vlan2: entered allmulticast mode
[  356.772023][T17988] loop0: detected capacity change from 0 to 2048
[  356.805613][T17988] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.831523][T17988] __nla_validate_parse: 5 callbacks suppressed
[  356.831540][T17988] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4506'.
[  356.867804][T17986] loop3: detected capacity change from 0 to 2048
[  356.879200][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.896524][T17986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.023335][T17998] loop0: detected capacity change from 0 to 512
[  357.036673][T17998] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  357.052018][T17998] tmpfs: Bad value for 'nr_inodes'
[  357.252254][T18005] loop0: detected capacity change from 0 to 1024
[  357.259148][T18005] EXT4-fs: Ignoring removed orlov option
[  357.264842][T18005] EXT4-fs: Ignoring removed nomblk_io_submit option
[  357.291756][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  357.291830][   T29] audit: type=1326 audit(2000000081.279:14473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.329756][T18009] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2
[  357.347932][   T29] audit: type=1326 audit(2000000081.309:14474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.351250][T18005] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.371496][   T29] audit: type=1326 audit(2000000081.309:14475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.407312][   T29] audit: type=1326 audit(2000000081.309:14476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.431059][   T29] audit: type=1326 audit(2000000081.309:14477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.454826][   T29] audit: type=1326 audit(2000000081.309:14478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.478402][   T29] audit: type=1326 audit(2000000081.309:14479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.501989][   T29] audit: type=1326 audit(2000000081.309:14480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.525477][   T29] audit: type=1326 audit(2000000081.309:14481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.549085][   T29] audit: type=1326 audit(2000000081.309:14482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18008 comm="syz.5.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f0618f9e929 code=0x7ffc0000
[  357.592677][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.635554][T18029] 9pnet_fd: Insufficient options for proto=fd
[  357.653041][T18029] loop5: detected capacity change from 0 to 1024
[  357.660883][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.672112][T18029] EXT4-fs: Ignoring removed orlov option
[  357.677808][T18029] EXT4-fs: Ignoring removed nomblk_io_submit option
[  357.693955][T18031] loop3: detected capacity change from 0 to 512
[  357.703884][T18031] ext4: Unknown parameter 'permit_directio'
[  357.704652][T18029] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.737503][T18037] netlink: 176 bytes leftover after parsing attributes in process `syz.2.4519'.
[  357.760842][T18039] loop3: detected capacity change from 0 to 512
[  357.768199][T18039] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  357.777817][ T9871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.779214][T18039] tmpfs: Bad value for 'nr_inodes'
[  357.826072][T18041] loop5: detected capacity change from 0 to 2048
[  357.845448][T18033] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.865828][T18041] Alternate GPT is invalid, using primary GPT.
[  357.872280][T18041]  loop5: p2 p3 p7
[  357.886350][T18051] lo speed is unknown, defaulting to 1000
[  357.892893][T18051] lo speed is unknown, defaulting to 1000
[  357.913107][T18033] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.984941][T18033] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.040608][T18033] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.111749][T18055] loop3: detected capacity change from 0 to 2048
[  358.156779][T18033] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.181298][T18033] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.192130][T18055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.194868][T18033] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.229052][T18033] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.278760][T18077] lo speed is unknown, defaulting to 1000
[  358.284946][T18077] lo speed is unknown, defaulting to 1000
[  358.292396][T18080] FAULT_INJECTION: forcing a failure.
[  358.292396][T18080] name failslab, interval 1, probability 0, space 0, times 0
[  358.305224][T18080] CPU: 0 UID: 0 PID: 18080 Comm: syz.4.4532 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  358.305320][T18080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.305331][T18080] Call Trace:
[  358.305336][T18080]  <TASK>
[  358.305342][T18080]  __dump_stack+0x1d/0x30
[  358.305361][T18080]  dump_stack_lvl+0xe8/0x140
[  358.305377][T18080]  dump_stack+0x15/0x1b
[  358.305468][T18080]  should_fail_ex+0x265/0x280
[  358.305496][T18080]  should_failslab+0x8c/0xb0
[  358.305520][T18080]  kmem_cache_alloc_node_noprof+0x57/0x320
[  358.305599][T18080]  ? __alloc_skb+0x101/0x320
[  358.305684][T18080]  __alloc_skb+0x101/0x320
[  358.305709][T18080]  ? audit_log_start+0x365/0x6c0
[  358.305819][T18080]  audit_log_start+0x380/0x6c0
[  358.305854][T18080]  audit_seccomp+0x48/0x100
[  358.305914][T18080]  ? __seccomp_filter+0x68c/0x10d0
[  358.306012][T18080]  __seccomp_filter+0x69d/0x10d0
[  358.306032][T18080]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  358.306124][T18080]  ? vfs_write+0x75e/0x8e0
[  358.306280][T18080]  ? __rcu_read_unlock+0x4f/0x70
[  358.306308][T18080]  __secure_computing+0x82/0x150
[  358.306329][T18080]  syscall_trace_enter+0xcf/0x1e0
[  358.306351][T18080]  do_syscall_64+0xac/0x200
[  358.306370][T18080]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  358.306429][T18080]  ? clear_bhb_loop+0x40/0x90
[  358.306447][T18080]  ? clear_bhb_loop+0x40/0x90
[  358.306489][T18080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.306511][T18080] RIP: 0033:0x7f0b36dce929
[  358.306527][T18080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.306545][T18080] RSP: 002b:00007f0b35437038 EFLAGS: 00000246 ORIG_RAX: 000000000000006b
[  358.306563][T18080] RAX: ffffffffffffffda RBX: 00007f0b36ff5fa0 RCX: 00007f0b36dce929
[  358.306575][T18080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  358.306648][T18080] RBP: 00007f0b35437090 R08: 0000000000000000 R09: 0000000000000000
[  358.306661][T18080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.306674][T18080] R13: 0000000000000000 R14: 00007f0b36ff5fa0 R15: 00007ffd6681f9d8
[  358.306743][T18080]  </TASK>
[  358.590470][T18086] lo speed is unknown, defaulting to 1000
[  358.597693][T18086] lo speed is unknown, defaulting to 1000
[  358.735231][T18095] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  358.803477][T18103] loop0: detected capacity change from 0 to 512
[  358.827541][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.855213][T18103] ext4: Unknown parameter 'permit_directio'
[  358.867541][T18108] xt_connbytes: Forcing CT accounting to be enabled
[  358.874270][T18108] set match dimension is over the limit!
[  358.883723][T18108] loop3: detected capacity change from 0 to 512
[  358.903250][T18108] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  358.912332][T18108] EXT4-fs (loop3): orphan cleanup on readonly fs
[  358.932047][T18108] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm +}[@: corrupted inode contents
[  358.954333][T18108] EXT4-fs (loop3): Remounting filesystem read-only
[  358.954510][T18108] EXT4-fs (loop3): 1 truncate cleaned up
[  358.955217][T16865] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  358.977832][T16865] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  358.999207][T16865] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  359.002087][T18116] lo speed is unknown, defaulting to 1000
[  359.009858][T18108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  359.028426][T18120] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4540'.
[  359.037506][T18120] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4540'.
[  359.070836][T18116] lo speed is unknown, defaulting to 1000
[  359.222665][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.313384][T18133] netlink: 8 bytes leftover after parsing attributes in process `����H�A?���N'.
[  359.442711][T18142] pim6reg1: entered promiscuous mode
[  359.448091][T18142] pim6reg1: entered allmulticast mode
[  359.495162][T18144] FAULT_INJECTION: forcing a failure.
[  359.495162][T18144] name failslab, interval 1, probability 0, space 0, times 0
[  359.507948][T18144] CPU: 0 UID: 0 PID: 18144 Comm: syz.0.4557 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  359.507972][T18144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  359.508052][T18144] Call Trace:
[  359.508058][T18144]  <TASK>
[  359.508066][T18144]  __dump_stack+0x1d/0x30
[  359.508084][T18144]  dump_stack_lvl+0xe8/0x140
[  359.508105][T18144]  dump_stack+0x15/0x1b
[  359.508122][T18144]  should_fail_ex+0x265/0x280
[  359.508187][T18144]  should_failslab+0x8c/0xb0
[  359.508319][T18144]  kmem_cache_alloc_node_noprof+0x57/0x320
[  359.508357][T18144]  ? __alloc_skb+0x101/0x320
[  359.508456][T18144]  __alloc_skb+0x101/0x320
[  359.508488][T18144]  ? avc_has_perm+0xd3/0x150
[  359.508548][T18144]  alloc_skb_with_frags+0x7d/0x470
[  359.508579][T18144]  ? selinux_file_open+0x2df/0x330
[  359.508604][T18144]  ? __rcu_read_unlock+0x4f/0x70
[  359.508628][T18144]  sock_alloc_send_pskb+0x43a/0x4f0
[  359.508673][T18144]  ? terminate_walk+0x27f/0x2a0
[  359.508695][T18144]  tun_get_user+0x8d3/0x2500
[  359.508786][T18144]  ? ref_tracker_alloc+0x1f2/0x2f0
[  359.508812][T18144]  ? selinux_file_permission+0x1e4/0x320
[  359.508846][T18144]  tun_chr_write_iter+0x15e/0x210
[  359.508943][T18144]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  359.509023][T18144]  vfs_write+0x4a0/0x8e0
[  359.509058][T18144]  ksys_write+0xda/0x1a0
[  359.509097][T18144]  __x64_sys_write+0x40/0x50
[  359.509132][T18144]  x64_sys_call+0x2cdd/0x2fb0
[  359.509152][T18144]  do_syscall_64+0xd2/0x200
[  359.509167][T18144]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  359.509193][T18144]  ? clear_bhb_loop+0x40/0x90
[  359.509277][T18144]  ? clear_bhb_loop+0x40/0x90
[  359.509299][T18144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.509375][T18144] RIP: 0033:0x7fdb10bde929
[  359.509391][T18144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.509540][T18144] RSP: 002b:00007fdb0f247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  359.509582][T18144] RAX: ffffffffffffffda RBX: 00007fdb10e05fa0 RCX: 00007fdb10bde929
[  359.509594][T18144] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8
[  359.509605][T18144] RBP: 00007fdb0f247090 R08: 0000000000000000 R09: 0000000000000000
[  359.509615][T18144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.509626][T18144] R13: 0000000000000000 R14: 00007fdb10e05fa0 R15: 00007fffe2b42378
[  359.509697][T18144]  </TASK>
[  359.776371][T18148] Falling back ldisc for ttyS3.
[  359.830556][T18156] lo speed is unknown, defaulting to 1000
[  359.836630][T18156] lo speed is unknown, defaulting to 1000
[  359.883631][T18146] loop3: detected capacity change from 0 to 2048
[  359.915791][T18146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.016126][T18164] infiniband syz!: set down
[  360.020723][T18164] infiniband syz!: added team_slave_0
[  360.047486][T18168] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4562'.
[  360.056445][T18168] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4562'.
[  360.070108][T18168] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4562'.
[  360.081244][T18167] FAULT_INJECTION: forcing a failure.
[  360.081244][T18167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.083930][T18164] RDS/IB: syz!: added
[  360.094385][T18167] CPU: 0 UID: 0 PID: 18167 Comm: syz.4.4563 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  360.094425][T18167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.094438][T18167] Call Trace:
[  360.094445][T18167]  <TASK>
[  360.094454][T18167]  __dump_stack+0x1d/0x30
[  360.094524][T18167]  dump_stack_lvl+0xe8/0x140
[  360.094544][T18167]  dump_stack+0x15/0x1b
[  360.094560][T18167]  should_fail_ex+0x265/0x280
[  360.094589][T18167]  should_fail+0xb/0x20
[  360.094669][T18167]  should_fail_usercopy+0x1a/0x20
[  360.094760][T18167]  strncpy_from_user+0x25/0x230
[  360.094783][T18167]  ? kmem_cache_alloc_noprof+0x186/0x310
[  360.094807][T18167]  ? getname_flags+0x80/0x3b0
[  360.094881][T18167]  getname_flags+0xae/0x3b0
[  360.094903][T18167]  __x64_sys_unlink+0x21/0x40
[  360.094931][T18167]  x64_sys_call+0x22a6/0x2fb0
[  360.094977][T18167]  do_syscall_64+0xd2/0x200
[  360.094995][T18167]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  360.095052][T18167]  ? clear_bhb_loop+0x40/0x90
[  360.095072][T18167]  ? clear_bhb_loop+0x40/0x90
[  360.095092][T18167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.095118][T18167] RIP: 0033:0x7f0b36dce929
[  360.095145][T18167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.095162][T18167] RSP: 002b:00007f0b35437038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  360.095181][T18167] RAX: ffffffffffffffda RBX: 00007f0b36ff5fa0 RCX: 00007f0b36dce929
[  360.095193][T18167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  360.095206][T18167] RBP: 00007f0b35437090 R08: 0000000000000000 R09: 0000000000000000
[  360.095218][T18167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.095296][T18167] R13: 0000000000000000 R14: 00007f0b36ff5fa0 R15: 00007ffd6681f9d8
[  360.095320][T18167]  </TASK>
[  360.212090][T18168] hub 6-0:1.0: USB hub found
[  360.308283][T18164] smc: adding ib device syz! with port count 1
[  360.329061][T18164] smc:    ib device syz! port 1 has pnetid 
[  360.342687][T18168] hub 6-0:1.0: 8 ports detected
[  360.361477][T18179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4565'.
[  360.384349][T18179] bridge0: port 9(batadv7) entered blocking state
[  360.390931][T18179] bridge0: port 9(batadv7) entered disabled state
[  360.417503][T18179] batadv7: entered allmulticast mode
[  360.435686][T18179] batadv7: entered promiscuous mode
[  360.558545][T18186] netlink: 'syz.2.4571': attribute type 21 has an invalid length.
[  360.610201][T12604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.646601][T18190] loop0: detected capacity change from 0 to 512
[  360.666801][T18190] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  360.689082][T18190] EXT4-fs (loop0): orphan cleanup on readonly fs
[  360.721653][T18190] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.4574: corrupted inode contents
[  360.738091][T18190] EXT4-fs (loop0): Remounting filesystem read-only
[  360.748945][T18190] EXT4-fs (loop0): 1 truncate cleaned up
[  360.754687][T17808] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  360.765280][T17808] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  360.782922][T18197] netlink: zone id is out of range
[  360.788139][T18197] netlink: zone id is out of range
[  360.794177][T18197] netlink: zone id is out of range
[  360.799381][T18197] netlink: zone id is out of range
[  360.804504][T18197] netlink: zone id is out of range
[  360.809629][T18197] netlink: zone id is out of range
[  360.816977][T18197] netlink: zone id is out of range
[  360.822321][T17808] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  360.832561][T18197] netlink: zone id is out of range
[  360.837682][T18197] netlink: zone id is out of range
[  360.843518][T18190] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  360.869179][T18197] netlink: del zone limit has 8 unknown bytes
[  360.888037][T12885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.888047][T18200] loop3: detected capacity change from 0 to 128
[  360.888147][T12885] ==================================================================
[  360.888179][T12885] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  360.888221][T12885] 
[  360.888229][T12885] write to 0xffffffff88e52f37 of 32 bytes by task 18200 on cpu 1:
[  360.888246][T12885]  vsnprintf+0x2ce/0x890
[  360.888270][T12885]  vscnprintf+0x41/0x90
[  360.888293][T12885]  printk_sprint+0x30/0x2d0
[  360.888310][T12885]  vprintk_store+0x599/0x860
[  360.888329][T12885]  vprintk_emit+0x178/0x650
[  360.888348][T12885]  vprintk_default+0x26/0x30
[  360.888368][T12885]  vprintk+0x1d/0x30
[  360.888390][T12885]  _printk+0x79/0xa0
[  360.888414][T12885]  set_capacity_and_notify+0x14c/0x1f0
[  360.888444][T12885]  loop_set_size+0x2e/0x70
[  360.888460][T12885]  loop_configure+0x8d3/0xa50
[  360.888485][T12885]  lo_ioctl+0x559/0x15d0
[  360.888507][T12885]  blkdev_ioctl+0x34f/0x440
[  360.888536][T12885]  __se_sys_ioctl+0xce/0x140
[  360.888561][T12885]  __x64_sys_ioctl+0x43/0x50
[  360.888585][T12885]  x64_sys_call+0x19a8/0x2fb0
[  360.888607][T12885]  do_syscall_64+0xd2/0x200
[  360.888626][T12885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.888647][T12885] 
[  360.888654][T12885] read to 0xffffffff88e52f38 of 8 bytes by task 12885 on cpu 0:
[  360.888671][T12885]  data_push_tail+0xfd/0x420
[  360.888701][T12885]  data_alloc+0xbf/0x2b0
[  360.888728][T12885]  prb_reserve+0x808/0xaf0
[  360.888755][T12885]  vprintk_store+0x56d/0x860
[  360.888773][T12885]  vprintk_emit+0x178/0x650
[  360.888792][T12885]  vprintk_default+0x26/0x30
[  360.888812][T12885]  vprintk+0x1d/0x30
[  360.888835][T12885]  _printk+0x79/0xa0
[  360.888862][T12885]  __ext4_msg+0x18f/0x1a0
[  360.888883][T12885]  ext4_put_super+0x90/0x7d0
[  360.888907][T12885]  generic_shutdown_super+0xe3/0x210
[  360.888935][T12885]  kill_block_super+0x2a/0x70
[  360.888964][T12885]  ext4_kill_sb+0x42/0x80
[  360.888984][T12885]  deactivate_locked_super+0x72/0x1c0
[  360.889011][T12885]  deactivate_super+0x97/0xa0
[  360.889036][T12885]  cleanup_mnt+0x269/0x2e0
[  360.889058][T12885]  __cleanup_mnt+0x19/0x20
[  360.889079][T12885]  task_work_run+0x131/0x1a0
[  360.889102][T12885]  exit_to_user_mode_loop+0xe4/0x100
[  360.889125][T12885]  do_syscall_64+0x1d6/0x200
[  360.889143][T12885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.889165][T12885] 
[  360.889171][T12885] value changed: 0x0000000100000fcc -> 0x2064657463657465
[  360.889185][T12885] 
[  360.889198][T12885] Reported by Kernel Concurrency Sanitizer on:
[  360.889211][T12885] CPU: 0 UID: 0 PID: 12885 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  360.889236][T12885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.889249][T12885] ==================================================================
[  360.903710][T16925] batman_adv: batadv7: No IGMP Querier present - multicast optimizations disabled
[  360.929332][T18200] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  360.930073][T16925] batman_adv: batadv7: No MLD Querier present - multicast optimizations disabled
[  360.934268][T18200] FAT-fs (loop3): Filesystem has been set read-only
[  361.208726][T18200] bio_check_eod: 119056 callbacks suppressed
[  361.208742][T18200] syz.3.4576: attempt to access beyond end of device
[  361.208742][T18200] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  361.234296][T18200] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  361.242209][T18200] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  361.257680][T18201] syz.3.4576: attempt to access beyond end of device
[  361.257680][T18201] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  361.271173][T18201] buffer_io_error: 98854 callbacks suppressed
[  361.271187][T18201] Buffer I/O error on dev loop3, logical block 2065, async page read
[  361.289412][T18201] syz.3.4576: attempt to access beyond end of device
[  361.289412][T18201] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[  361.302741][T18201] Buffer I/O error on dev loop3, logical block 2066, async page read
[  361.311110][T18201] syz.3.4576: attempt to access beyond end of device
[  361.311110][T18201] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  361.324391][T18201] Buffer I/O error on dev loop3, logical block 2067, async page read
[  361.332632][T18201] syz.3.4576: attempt to access beyond end of device
[  361.332632][T18201] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[  361.345908][T18201] Buffer I/O error on dev loop3, logical block 2068, async page read
[  361.354285][T18201] syz.3.4576: attempt to access beyond end of device
[  361.354285][T18201] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[  361.367586][T18201] Buffer I/O error on dev loop3, logical block 2069, async page read
[  361.375859][T18201] syz.3.4576: attempt to access beyond end of device
[  361.375859][T18201] loop3: rw=0, sector=2070, nr_sectors = 1 limit=128
[  361.389175][T18201] Buffer I/O error on dev loop3, logical block 2070, async page read
[  361.397450][T18201] syz.3.4576: attempt to access beyond end of device
[  361.397450][T18201] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[  361.410697][T18201] Buffer I/O error on dev loop3, logical block 2071, async page read
[  361.418977][T18201] syz.3.4576: attempt to access beyond end of device
[  361.418977][T18201] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  361.432210][T18201] Buffer I/O error on dev loop3, logical block 2072, async page read
[  361.442893][T18200] syz.3.4576: attempt to access beyond end of device
[  361.442893][T18200] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  361.456207][T18200] Buffer I/O error on dev loop3, logical block 2065, async page read
[  361.464408][T18200] Buffer I/O error on dev loop3, logical block 2066, async page read