last executing test programs:

1m11.514548591s ago: executing program 4 (id=26):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1000401, &(0x7f00000000c0)={[{@resgid}, {@errors_continue}, {@noblock_validity}]}, 0x1, 0x497, &(0x7f0000001540)="$eJzs3MtvG8UfAPDvrvPoO/n1Vx59QAMFEVFImrRAD0gIBFIvSEhwgGNIQ1XqtqgJEq0q2iJUjoi/ADgi8RdwggsCTiCucEdIFeqlhQMyWns3cWLXuHYdh/rzkdaZ2dfM7OxkZ3e8DmBgTWQfScS2iPglIsZq0dUrTNT+3Lx+cf7P6xfnk6hUXv1jtLrejesX54tVi+225pHJNCL9MIm9TdJdPH/h1Fy5vHAuj08vnX5nevH8hSdPnp47sXBi4czs0aNHDs888/TsU3eknFm5bux5/+y+3cfe+OTl+Uq8+f2XWX635cvry1Ez3nWaEzERlUqlkq6aO1L9fLTrvW8s2yPiSh5OhvqcGdpWioisuoar7X8sSrFSeWPx0gd9zRzQU9n1abRhbin/O5RkyzfVrQvcTRLtGgZUccXP7n+Lab36HhvBteezz4Vq+W/mU23JUGT37cl47Y691KP0t0XE65f/+jSboulzCACAO+vrrP/zRLP+Xxr31q23Ix9DGY+IgxGxMyL+HxG7IuKeiOq690XE/beZfnX86cpKvLH/89PmjgvXhqz/92w+trW6/7c8ajNeymPbq+UfTt46WV44lB+TyRgezeIzLdL45sWfP77Vsom6/l82ZekXfcE8H78PrXlAd3xuaa6bMte7diViz1Cz8ifLIwFJROyOiD0d7D87Zicf/2JfFt6xtXH5v5e/lcsd5Gi1yucRj9Xq/3KsKX8hqQ2R3Gp8cnpTlBcOTRdnRaMffrz6Sn18uC7cXfm7l9X/lqbnf17+ohkU47WLbe54ZCV49deP8n02NuVOz/+R5LVVybw3t7R0biZiZCQa58+ubFvEi/Wz8k8eiLiaDwTXt/+dEX9/lm+3NyKyk/iBiHgwIvbneX8oIh6OiAMtDsV3LzzyduuD1d/6P96q/iPGk/rx+g4CpVPfflXsbLkq838u7dX/kWpoMp/Tzv+/djN4J44hAAAAbHRpdQw6SaeWw2k6NVX7Dv+u2JKWzy4uHZyId88cr41Vj8dwWjzpGqt7HjqTPxsu4rNr4ocj4n/Vbxptrsan5s+Wt/e78DDgtt6i/Wd+69WXXoCN47be10p6lw9g/XlfEwZX2+1/uLf5ANaf6z8MLu0fBlez9n8p4mYfsgKss9u6/j/Xu3wA669V+/fID+5u7v9hcGn/MJAaX4kvfqOhkzf9VwI7j3W1+QAFSj3ac9T/aEcPApH2/dB1Hkg3Qjb254HRiGh3q0s9rdO15w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/3z8BAAD//yxO2No=")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0xfffffff7)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340), 0x0, 0x0, 0x1)

1m11.038551049s ago: executing program 4 (id=33):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x1, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x10}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420fa62d", 0x11}], 0x1}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

1m10.839246112s ago: executing program 4 (id=34):
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, 0x0, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x52, &(0x7f0000000200)={@local, @local, @val={@void, {0x8100, 0x1, 0x0, 0x1}}, {@ipv6={0x86dd, @udp={0x0, 0x6, "a24b9f", 0x18, 0x2b, 0x1, @remote, @empty, {[], {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x0)

1m10.806663483s ago: executing program 4 (id=35):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

1m10.765355563s ago: executing program 4 (id=37):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x5}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000002100)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0x18, @multicast1}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data}}}}}, 0x0)

1m10.36891363s ago: executing program 4 (id=44):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000000100)={[{@fat=@time_offset={'time_offset', 0x3d, 0x4f7}}, {@fat=@nocase}, {@nodots}, {@fat=@flush}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x7fff}}, {@nodots}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x4}}, {@fat=@quiet}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x9}}, {@dots}, {@fat=@fmask={'fmask', 0x3d, 0x7fffffff}}, {@fat=@sys_immutable}, {@fat=@usefree}, {@fat=@check_normal}]}, 0x1, 0x23d, &(0x7f0000000a40)="$eJzs3cFqE0EcBvB/27Td9mLP4mHBi6eivkGQCOKCENmDnlyoXloR0svqKY/hM/hIPkZPva3YXZq6UQ+yySbu7wdhP/IxMHPJ5DCTvHvw8fzs0+WH6vvXSJI0RhHzuI44id3Yi9pO89y9yQdx1zwAgG0znRbjvudAh3aW3jmKiGI/Ig6XqvzbmmYFAAAAAAAAAABAx5z/B4Dhcf7//zebjYvj5vvbr5z/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpzXVX3qr+8+p4fANA9+z8ADI/9HwCGx/4PAMPz+s3bl+Msm0zTNIm4mpd5mdfPun/+Ips8Tm+cLEZdlWW+3+Rs8qTu03Z/3Ix/+tv+IB49rPuf3bNXWas/jLNVLx4AAAAAAAAAAAAAAAAAAAA2xGl6q3W/f6/uT//U1+nO7wO07u+P4v5obcsAAAAAAAAAAAAAAAAAAACArXb5+ct5cXHxfiYIt+Eo/mFUEpsxeaGT0PcnEwAAAAAAAAAAAAAAAAAADM/i0m/fMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/iz+/391oe81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMPwIwAA//++jJCI")
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = socket$xdp(0x2c, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x100000004)

1m10.36857742s ago: executing program 32 (id=44):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000000100)={[{@fat=@time_offset={'time_offset', 0x3d, 0x4f7}}, {@fat=@nocase}, {@nodots}, {@fat=@flush}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x7fff}}, {@nodots}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x4}}, {@fat=@quiet}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x9}}, {@dots}, {@fat=@fmask={'fmask', 0x3d, 0x7fffffff}}, {@fat=@sys_immutable}, {@fat=@usefree}, {@fat=@check_normal}]}, 0x1, 0x23d, &(0x7f0000000a40)="$eJzs3cFqE0EcBvB/27Td9mLP4mHBi6eivkGQCOKCENmDnlyoXloR0svqKY/hM/hIPkZPva3YXZq6UQ+yySbu7wdhP/IxMHPJ5DCTvHvw8fzs0+WH6vvXSJI0RhHzuI44id3Yi9pO89y9yQdx1zwAgG0znRbjvudAh3aW3jmKiGI/Ig6XqvzbmmYFAAAAAAAAAABAx5z/B4Dhcf7//zebjYvj5vvbr5z/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpzXVX3qr+8+p4fANA9+z8ADI/9HwCGx/4PAMPz+s3bl+Msm0zTNIm4mpd5mdfPun/+Ips8Tm+cLEZdlWW+3+Rs8qTu03Z/3Ix/+tv+IB49rPuf3bNXWas/jLNVLx4AAAAAAAAAAAAAAAAAAAA2xGl6q3W/f6/uT//U1+nO7wO07u+P4v5obcsAAAAAAAAAAAAAAAAAAACArXb5+ct5cXHxfiYIt+Eo/mFUEpsxeaGT0PcnEwAAAAAAAAAAAAAAAAAADM/i0m/fMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/iz+/391oe81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMPwIwAA//++jJCI")
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = socket$xdp(0x2c, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x100000004)

3.653044241s ago: executing program 3 (id=859):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003140)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000300)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000100), 0x4) (fail_nth: 3)

3.366748246s ago: executing program 0 (id=861):
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000280)={0x2, 0x0, 0x98, &(0x7f00000001c0)={0x2d, 0xdd81, 0x7}})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'syztnl0\x00', <r5=>0x0, 0x4, 0x1, 0x3, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8000, 0x700, 0x367, 0x3}})
bind$packet(r2, &(0x7f00000003c0)={0x11, 0x7, r5, 0x1, 0x4b, 0x6, @link_local}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r4}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r4}, &(0x7f0000000880), &(0x7f00000008c0)=r3}, 0x20)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r7, 0x0, 0xa20, 0x8000c64)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)

3.318487816s ago: executing program 3 (id=863):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$dupfd(r2, 0x406, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
socket(0x10, 0x2, 0x6)
r5 = socket(0x2, 0x3, 0xff)
sendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.203464684s ago: executing program 3 (id=876):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x200000000000005e)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb2321, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYRESHEX=r2, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000004000000000000000000000000f1520f5b39843b"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000019500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000162, &(0x7f0000000580)=ANY=[@ANYRES8=r5, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10) (async)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02}) (async)
readv(r7, &(0x7f0000000400)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1) (async)
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$netlink(0xffffffffffffffff, &(0x7f00000003c0)={0x10, 0x0, 0x25dfdbfd, 0x4}, 0xc) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x18) (async)
sendto$inet(r0, &(0x7f0000000780)="25d7fe", 0x3, 0x1, 0x0, 0x0) (async)
io_uring_setup(0x5594, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x1d2})
syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)

1.968646768s ago: executing program 3 (id=878):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000340)={0x24, 0x2, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x5}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40884}, 0x4040000)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
write$tun(r3, &(0x7f0000000280)={@void, @void, @mpls={[{0x1}, {0x1379, 0x0, 0x1}, {0x7cc79, 0x0, 0x1}, {}, {0x8}, {}], @ipv4=@igmp={{0x14, 0x4, 0x0, 0x1f, 0x112, 0x64, 0x0, 0x3f, 0x2, 0x0, @multicast2, @rand_addr=0x64010101, {[@lsrr={0x83, 0x27, 0xfd, [@dev={0xac, 0x14, 0x14, 0xf}, @private=0xa010100, @local, @remote, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x30}, @dev={0xac, 0x14, 0x14, 0x19}, @loopback, @local]}, @timestamp_addr={0x44, 0x14, 0x58, 0x1, 0x4, [{@rand_addr=0x64010101, 0x3}, {@empty, 0xcb1}]}, @noop]}}, {0x15, 0x5, 0x0, @private=0xa010100, "bf7c313302028ee27735d33a932c5cab43001c6e68ed1f9e7d2c1cc1b0cfde5a1ff9c946c3d8baba348a4c4b91cab11174d27f1e3a4d2df0eb99cd6213e1c3b3330af46ea5af61b77e5fae33074aa25aa14304534600cb9b48b7a056ada5a7afea826d35b692b9db5b36911be92a0bff447cc4560ffef61f16483235d83cb8e39177063cabaa0f12b70140c98b3af8481e47163063f90246763c491a787d755980210d44e2333ed560e19059d5ecc5fc19c3a79ca5f2c35c8b56"}}}}, 0x12a)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

1.700152572s ago: executing program 0 (id=881):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_io_uring_setup(0x6b88, &(0x7f0000000000)={0x0, 0x7c87, 0x800, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x3}]}, 0x1, 0x3}, 0x1)

1.659034353s ago: executing program 0 (id=882):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0xa20, 0x8000c64)
write$binfmt_elf64(r0, 0x0, 0x478)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)

1.602763854s ago: executing program 2 (id=883):
r0 = socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7f}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x4a4c, &(0x7f0000000000)=ANY=[], 0xa, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[], 0x32600)

1.559563215s ago: executing program 2 (id=884):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$dupfd(r2, 0x406, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
socket(0x10, 0x2, 0x6)
r5 = socket(0x2, 0x3, 0xff)
sendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.295543449s ago: executing program 1 (id=888):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x5, [@fwd={0xf}, @int={0xe, 0x0, 0x0, 0x1, 0x0, 0x70, 0x0, 0x43, 0x3}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x54, 0x0, 0x49}, @struct={0x0, 0x4, 0x0, 0x4, 0x1, 0x6, [{0x8, 0x5, 0x2}, {0xa, 0x2, 0x5}, {0x8, 0x5}, {0x9, 0x4, 0x200}]}]}, {0x0, [0x61, 0x30, 0x0]}}, &(0x7f0000000380)=""/62, 0x85, 0x3e, 0x1, 0x9, 0x10000, @value=r0}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x4, 0x8, 0x8}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
unshare(0x22020600)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r3, 0x0, 0x20000000}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
r6 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r7 = inotify_init1(0x0)
r8 = inotify_add_watch(r7, &(0x7f0000000080)='./file0\x00', 0x40000022)
write$binfmt_elf32(r6, &(0x7f0000000000)=ANY=[@ANYRES64=r8], 0x69)
close(r6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1018e58, &(0x7f0000000380)={[{@nodioread_nolock}, {@noblock_validity}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@inlinecrypt}, {@i_version}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc0000001900010000000000000000002001000000ffffffffffffffeb000000ac1414aa0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c0000"], 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x41, &(0x7f0000000280)={[{@bsdgroups}, {@grpquota}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@abort}, {@discard}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000940)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1.059039563s ago: executing program 5 (id=890):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0xd0, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x4d}}}}, [@NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0x2}], "adf28b5c34ad4b1a"}}, @NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0x3, 0x7}], "a5306553c93b57b9"}}, @NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x9, 0x7}, {0x7f, 0x6}, {0x9, 0x5}, {0x81, 0x7}, {0x1, 0x4}, {0xe0, 0x1}, {0x0, 0x6}, {0x53}, {0xa9}, {0x4, 0x3}, {0xc}, {0x7, 0x3}, {0x8, 0x3}, {0x6, 0x2}, {0x2, 0x5}, {0xc0, 0x3}, {0x1, 0x7}, {0x1, 0x3}, {0x3}], '\x00\x00\x00\x00\x00\x00\x00\n'}}, @NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0xf, 0x1}, {0x5, 0x5}, {0x9, 0x6}, {0x0, 0x1}, {0x0, 0xd4}, {0x6, 0x2}, {0x3, 0x5}, {0xbf}, {0xa, 0x7}, {0x1, 0x2}, {0x4, 0x6}, {0x6, 0x6}, {0x8, 0x5}, {0x7, 0x1}, {0x5}], "88453c682c9076a1"}}, @NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x5}, {0x6, 0x1}, {0x8, 0x4}, {0xe6}, {0xad, 0x2}], "f1436c5674389b75"}}, @NL80211_ATTR_QOS_MAP={0x10, 0xc7, {[{0x75, 0x1}, {0x9, 0x6}], "6d1a49f4ce474fe7"}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x90}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a7c000000090a010400000000f1ff00000a0000040900020073797a320000000008000a40fffffffc0900010073797a31"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
pipe2$9p(0x0, 0x80080)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000980)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_AUTORATE={0x8, 0x9, 0x8}, @TCA_CAKE_TARGET={0x8, 0x8, 0x1a}]}}]}, 0x44}}, 0x8850)
r5 = socket$kcm(0x10, 0x2, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000006c0)=0x14)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de85000000040000"], &(0x7f0000000040)='GPL\x00', 0x7ffffff, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f0000000200)='./file0\x00', 0x86)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x7}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
sendmsg$kcm(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x0)

898.196485ms ago: executing program 3 (id=891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000060a0b0400000000000000000200000044000480400001800a0001006d6174636800000030000280080002400000000118000300d67a854a7a4124a91520800000000000000030000a0001006f776e65720000000900010073797a30000000000900020073797a32"], 0x98}, 0x1, 0x0, 0x0, 0x4000000}, 0x4044010)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000b23c62b7821058e767ccaf9600080000000000000000000000000000000004c8bc3750d793b0ffde663357186d5a7ca1c054b291e1a4e8382e3b5bd5929a2a02dd24061ce63d45789419bfa4fff7d0528074d4f5a7529bb963d144e1c1021fb076569702509b2901b48d03482425eaea4a004cebe65927c61dbad69dfee92156b68b37255e528885ce3c3fd4a5c6ac18c919499e9208197a917f475e188826709905f3fac5a388d4a412813eba8761e19da43677b5b23618e66b5e6e870b50adf5fb834b18418098ade037df406ce37942413df87e0688c95c6da6de45f81d99040086bb7c01bebbe1e4f5600deb3e7eaa04358e8f97672bcf923446cc53a320476c62e784df89a9c5dc1e2d8e9d8f5e2c1e3a7a58dd722ba3147e58990d5e77ce1f5d1bce95c28495e4196d3fda10d3e138ef19adf1eb7f3789c3f97d4f1c4df9a73a5c6c7c6627241d811365f5870bc37f84cbfb713fcf2443f569585f77b3fc1e67b4f713a439a28cc86d6cad51d9a02f1e95902e3511c1242f9f910d6e860517904b6fa6ef3b43757778323d207ef06fb0c79f0e3f30aa07a954fd0b179581b7795fe749e1cf8be159c9c816", @ANYRESDEC, @ANYRESHEX=r1, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0xfffffffffffffe5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x61801680, 0x0, 0x1f, 0x0, 0x0, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x8, 0xdd18b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, @perf_config_ext={0x4, 0xffffffff}, 0x3323, 0x4, 0xd3ed, 0x0, 0x9, 0x800001, 0xfff7, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x18, 0xb, &(0x7f0000000b40)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x21}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x200000000000000, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0))
syz_open_dev$tty1(0xc, 0x4, 0x2)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
eventfd2(0xd8, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @empty}, 0x78})
newfstatat(0xffffffffffffff9c, &(0x7f00000007c0)='./file0\x00', 0x0, 0x4400)

897.314236ms ago: executing program 5 (id=892):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_io_uring_setup(0x6b88, &(0x7f0000000000)={0x0, 0x7c87, 0x800, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x3}]}, 0x1, 0x3}, 0x1)

821.083357ms ago: executing program 5 (id=893):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x5)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x1)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

674.644709ms ago: executing program 1 (id=894):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$dupfd(r2, 0x406, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
socket(0x10, 0x2, 0x6)
r6 = socket(0x2, 0x3, 0xff)
sendto$inet(r6, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$inet6_sctp(0xa, 0x1, 0x84)
getcwd(&(0x7f0000000380)=""/188, 0xbc)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close(0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r0)

665.152629ms ago: executing program 3 (id=895):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='mm_page_alloc\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r3=>0x0)
io_destroy(r3)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0xb)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r5 = msgget$private(0x0, 0x790)
msgsnd(r5, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x64, 0x1, 0x0, 0x0, 0x0, 0x210e, 0xe108a, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={&(0x7f0000000040), 0xe}, 0xcd05, 0x32, 0xfffffbff, 0x8, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x541a, &(0x7f0000000000))
r8 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r8, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
set_mempolicy(0x4000, &(0x7f00000002c0)=0xd, 0x5)
msgctl$IPC_RMID(r5, 0x0)

556.445671ms ago: executing program 2 (id=896):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000008000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='writeback_queue_io\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x24, r2, 0x2cb3b0415539fbbb, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0)

483.416782ms ago: executing program 2 (id=897):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000002540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, 0x0, 0x2)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x3ffff)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x18)

422.945813ms ago: executing program 5 (id=898):
r0 = fsmount(0xffffffffffffffff, 0x0, 0x1)
fchdir(r0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0)
write$binfmt_script(r5, &(0x7f00000001c0)={'#! ', './file0'}, 0xb)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000003300)={0x15ec, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x14c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x3a, 0x5, "aa394efd7ef9ae6500cb8ebbb3fd9a5ff96d500b49ee6e753f2bce0a88ee53e396f690a26a3273b50ead4f9f0c3269b4b361d5c7c831"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x3a7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x80}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x50, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'GPL\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1c31868c}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0x2a, 0x5, "e7f75e5167177d43e3f7be253f3d5d38a7c7752ea3f122c027689397ecf1f7bc13676649f085"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x70, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '}-.b[.\\\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xa}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '+#-\\%\x80\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '9p\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '9p\x00'}]}]}]}, @ETHTOOL_A_DEBUG_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_DEBUG_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x7c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x31, 0x5, "a53499937b7e61c3072cd54c427cbb5febd56d00ac2d8ec7bdfedad246a083886495510f703ef00739001272ad"}, @ETHTOOL_A_BITSET_BITS={0x44, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '^\x00'}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'kfree\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ':&&}\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}, @ETHTOOL_A_DEBUG_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x168, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x72, 0x4, "3a9bfd2cc5d599d789863e18cfe1c36c21f744ba55e775b23b96f56357190e0deef595f1236e8b0d03ec77a57e5b46c809e01fd749648cb858bd902b85f44c18c6231656ac8903bb59d7d630c5c24ff188ddbea244d81fa3234ac95e8c657bf3112f3838ed3e2e211b48aba4acaa"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x401}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x3ff}, @ETHTOOL_A_BITSET_VALUE={0xda, 0x4, "e613c7b6d8973ec5bd70debd18894de97d603653d7ffc2d7a02b7685f67d3f2f15ab7eac3e3a2fc1d466a56dcd0c1ad0eaf27808ff9d6dd20f2821ea6e443dd961e999c5a72f55774290626cff55022b2a4f44a764728d25c11985e1a035f72c2f4c312b2aad786bd85cf34971d62bdf756bf99031317d675e25ac2036d07d76355160afa8d19901a88f6991465e6194cb0fe8e7adc4f0b3c9a7c976ee4690c1a8aab892ad1bbeee038e7b1feedd9aab32ecf67279e4c3f3b481533c273252c4b5a23ddb3ea1e4065890bdf4561d6a1b150d222e31fd"}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x1144, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, '.\'(%\xa7%*\xff[#{t\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '*{,/\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x40}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xfffff001}, @ETHTOOL_A_BITSET_MASK={0x1004, 0x5, "d35d32965ab3d48911bbb0c085ac7a6b1fd5dc51bdcfd5a488eac3e37212fbe2665cc869c9c1b8a8b19212724a030af01721a677313cca5bd05a092064f6a4f5bd3fa90d26d95f430f99fd6abcaefd82d1e68f020323db64109f8fff2078c7e83df5e72f91d3142278a9524bd266c2450d7f5844fec0490acb9e3351b4c9c1ff50a069a0133abc8fdfced5c338e1d73c0d52dc841873f73be4d5ba6b773393ddb1899743901586f2f4348b60829a59ccbcb04372cec4df1465e669456699bd77a916a338fef412cce04bd60f7ec3c193fe224a21a6a4ccc59b52f11a9a099410465ccdbe2481a03fe353fcf87c59ff0cd9fa183e92157cb4e97e25cbc23342352cd0ac4857fc41bf474f943270f2b0e8768935c9d51f714468ced4390e6e2adba272addc139470011a0ee14123a127a660139b02998a951e4e1e601f8c1aedfc68202044e4044cf27cbac84e5d3e578d8e83e7d8639d1cf0a67c98526de8d84cc6784a028f29e4f5e9f23fc4f74ca7141a681f94a7fcab7115c21a2876b1dc2d3e9db08ac2651e6eb7ebd403cf2aff136000483a3a14e24cf970153325ccace724f400a174cc3d9e055ac301fb39dc3d954337b2017f18146d132269fb2dcd46c22f292736c1786168a10d9c982b4e60b58454441d044da289d4a2f37a99d9ceb52d534867a6f1ab1dafb016a088c588b6657e573613885d26c57a50883f359077026350644fbcd1f1a9f0727173b84182b8459da0ca05b665920b09017a14138f5356b9f27770fad8f60361da0d854e707359005b372f195966e01a3b1e3028274dc0866958142684cd5d74cc29723c853338912042df951bb017e41731ed2aeac019418c37272dac563d1dffe754f821a3c908d265ce6ddfacd6b1d6f32e0e71e2d2e8555fa55d042834652c80a2f44fe515e1c78cc1eec9c10c39fa7320bc52090d6f149a58f2e5f6dbd1e2224f7dcdb4f604c450304d3e9459e379c3211a327c73c98516a291bebf5ef5d0bd73dbc51b7427e77fcc43ff9bf2c265592b9f001e25677eda942d715f98dad452d6e62192b16bbb5ee1d581d71a274a336577124ea90f6cbd067c92b126fcebe20bf241ba753214446421b85bee570c2eea615825f14392b297e6013ba28accc20d1235da75fd5ebe3d0b4dc9119d6a6e1ecbaa3d317e81fb77136c555e5c733b2a0923408b529be60cfda4a99920a70e5f9e0c317b908d610227e5b0e287d7c81a63b31f8aef61fd7c8ffc80904b8c29c3f66bce7fdd9d4366e97bc1eef953fe998f220ce56b73ea7ef37c6448c07f197d0b157029fae6137f3da9920f6a775100af3f39e2700c318aff6f7e4848babb6e16f518b7862da945193f7d59512f21d73b8252111ac63087b853d9e8d5a7adebb27975a5368d06ee842fd49fc1ed656c8b9f4959607c61268d9d8692bda7813afbdb21332538f8fde63045d816602770fbbb4a00aa8e85d2738fb41b2129b928cd216ae2acf38da5ccc2c6f787835b8f9fe6ac690f48df5421bba32f1d24a691c3408822dca3506a5abbfedfb1262ff7d531289568920a599dd8e6a6e79ca8cca20c8790efa257b8fea6951b0a936050e15751cf1c5a931767b9f1b9e402ebdba9b60ad97c66d1f8548600e26a5912773369c4ceda15cd5cbf4f5bdb2a188327c0dce2924ec3871103c1dad815eaf155023e4d014a3cc6a99beec077279b647cea70597b6fa8345f3755ac9b47300eb390b9bf2189ebfc1625c6152e2f445e2f491d543a677a6c8e8be0873e145549a13a978e576dc34ff4b7453b0d99350d22bf95acb86efad5530b83795875dff6fe08b0d125f87668463b7b892952da8141a3782e1486c130169033eeaaebde9d94ede99692ca2bc0d0a568b5885de1aefa90be0b14e8e9dc0cc680537d046ffa8cb255f1f4dd3a8426ec32d6252ae48ca70923da3802259886eb4ffee392c9a79a0d5d82b9a5340679705995ec28397ec1a807499561cef27919a35c7b86a710fe11842b07373ba3dd461d989d4dd977dd21719b4250d68de0c815aeb84e66428c4a0168342e35d084b5ac5bfa802349906234badd8fab3eed8f4bd1484eefb6c8300afa48dc6d24c35bb8e5f82871f4051e5e399dbfcd51e592e6b50f812edeee515502c0ae52f95f0aef2948be2ed354b6aac0883e80438d9e4955a585eb35bd61f8781dc59f85d4c38accc212304d0cf421675853a1bb8285b8d4db5973b2bdc3f58948dab748e86a6a1cc35198c94f0e638ecc1fd01a44ff79087776c24e3a99da186b9149106aaa4c13102485aaf667d489172dd5386b56310aed8651558762542485c687f70c16a06a1f0d4bf175bc783f2ead32d9d23c37501c6f83c91ea8557158dd41231334bcd2799f2c39d33f99a607aa88a5fd9844fd49c47cd04c0e4a0604d45a2f2bb9afbc9555f732e599d19158d686edce2b4bc8668ee0742be7b404d63822c3a6a78005b54b3acb5f7e3ae377afae66784a5c9a50513ae8276fe32d13b38d291134edc2df2705559fca33e851833563fc21e4c83e32b084d59204ac0ac5042ade7b5ec07c41ea67202dbb74e7c5f9febc2a6f2514f321e3ddc6b442f1444fb8e1499be70420b7a2fbda1830f1c34645d4c9f2a931199a3a04e69cbbfb906fc5d28a3b86a1ac84e40dd046938766669d1cee24a488f01b84b2a639fa818d961b74e6e05a5cc70892f8ff9068aa46f79e8840054a56feaae0df5e520a0a5a6d027e3bf2bfadfd1e7d59ddb3695942ba4ee993883ad7e99ab8eb29308e84422fae912f6e6a272e5024da70e98208296de11a7ab8934e5efc9240421b8a378cdcff5d27c038f09f0da21d33304966a42a9cdc4903fb8b5d5b39dce4a9421bb2528bac96e2fae729c8180a980b267ee9406ef227e2a611456a91a0a03268168654ba19a97dde48627c40e70a4de23cb603f1b92a4da70f6cf7b2972a28045054eabd5a740f674e85e727023cff5202be95344ac7feab6932fea5f450ddd8de44bda64fc4f23a675feceff1afa725f97cd3fc631ce0e10b8ce241460648635826eb3b60a6bbe7b7b93d2879d30e914d234818a12dbabcb3cf79c555ee89d943628fe009f35cc89cefc8f9ee42ed1f2ada74b202f8436a36704b581634f61ffaa35224f935a7985f5d939120c0b347bb597b9b05c33a5bf07884d8862f946e49902179f8bbe5d7a09a4f724fb88249386965af3c9478dda873692b4a72a48927a7c73dd1991c7c9bb7962f78768ab1eda3585024f1932cbe64fa1527559f0ffbd9196b27a2e378fb08784f2a72318b3f9c7322e56571e36d29d6a7289b0e231a5f79aa983a2f02f34a385730d20da0b3ffba6307b60f60b8886e0e96e56a120590e8a769388addd26e889d7028392f5c14a7bac8348c316c17e3c282f65bb2eafda7b277c2dd5d23f5f4026f027a30295125a765d0cccfdad89c1bee2d16ffd59ddb29623d15bedc6b7274a06e1e7a9c8aa863a9fb9c8de2362acce08bfee9b099a0463d3e7ee517ba5559285cc77d8561416f131eda30887be1453859ba35d45175ef81e51e9723f90b7dd716983fb4402faab9fd063cd64a7b2fd1a2c38ca3a56ce4eb2e5426dbc6f0c309fedbfecbe1f6b0d159d3f36536708259a9050ef41d52ea80935bbb5b0f88d58510d8a83968ba34e6df3532d6f89bb99246fc68171c9cd14aa59d61837acbf3da59e474c845fb56f39c36bb604f84143cda142853068b67f9e9b0f68981a179a7a10ce9fc46fedace4cdf9b233d00283ea3914fb5b0cec1634513d593e957cbcdcfd89768eeef61ddc46aecc91ba78b2d9806cb85130f801c75371a55c1ff9f58ed8018be6bd226f160e87ef1db1167c57d46fdbe5a31f8279c3504edce261b7c87b1f766839503631d208971f9fb9b5f71c01fa3719ca115ce0591e9c6a35b1846eb08581d6a171c3ca2d2679dbe606b61efdba24421389d16c5a22b9e446a72bec1ed6618576edc2e988b96261e07f7ff1dd6a21e06f0e678f13351f9c890420cf0c1686fb858aebbef4c34dfe70f041a7e21385be2b2efccb7d5cc266bea72148f34d27cccd866c38345d5eca615667fe20c1c8f82ccef1018d272f67efd8bc68c02ccac56b0588d166f5b8496c8cf46b007c215b1267cb2c4daa39b8d2b9a702ed0ec29d3b326d42980fe6a908066dcf3f3f7e298889b0dc75d370173d75e3a38b9ca407616362bd5f0a3c4d09685c30085a8a6133b5e7b3ebbed79798290ffaca3116614f92cb4cda21bd191a812d7399bf50d360dc6407a447f66fc6b9dd9a1ea71c9180272e29edf6a85e292892e46c1a63447cd5532fa7e3dda125ecf8adc8c664aa8ca333aa3a8d8556b24f670a87187075f95ad5a14af45eb804764be7ca337e38e190ec0a87aae323e00eafd41c513de5f393dcc5213453f5cbf259c5a336268059cb0f5088d2048553c8c35a033da3e61b707bbe95e0bc6afb013417daeed13405425c3047e08e278d7a690d5801f1e97d743b348717ee4591cd8a7efea707d4a9805b1e49ad33e541f7197d845ec89fb1e59c436acfbc95d6bd94b50bb38f2398c24d1c827acbb16afb272638cbf55a77000e7225f71443e783791acfdcba781e2873d1761f9eda2b726214f6253df28783f3f8a618b739c5e78ea6fa28ae56e14d1302c445f26f12903a4a527fd80493577a9fdf3a16a253b800947042d785a392d3eb0ec5a4f41d7dc15889be79742d067693e9076ff71e7aba7680ef51c0bc2b2cde486a94186dfb824de2014d385a4e813519141528e5747d50599e37df67c76df9ebab003a0c8201577fc7783a0a3b27697332c64b3c8fb4e23074b32ad3de6a0467f852acda7af31171fcdf40326cd17f75578d073bbe497523df0d776459233ff7c5065f35d3756c9274552303964bd87b1c13e29c63401ccabc2b86161e1dc090c99a1dfc3ebbc576d4abbbf289d3da43a1e2bb8a2763e742f38160500fd16577ee3080c0dbfe8996e137dcdfd944c18bafd86193d2754f13b8c27934f4d68bf88cb1cf3023a6bde6685236e0a21998e6446d3fe50643c5e6f67749780604c9aa1b77200aafe818eefab40b4b9b56cfa9d66d4d1d1d689b89901fb916e84350c596208a883bfe5435e1b2c2ad1022c1163eca5ac24b95a0e4fe92dd6f78686f3bc1723e417858d97acce2b4a4bae705edc94c2626f53fca1dd46204ed4dd561e70899788a938a3c0aa0eaac75a98fa4f8b6a057132652cd54f035b0e11e67692a688b6d15db8255c651c4f11b412e54645bbad2518f9918a2c8f4aefe02f6d4ba7f9167ab6fcd434a7e92470691cca3a15d24951f305696a45808b0fe5eca1bcac1d97035f334bbe944ecfed49b34687d5623c25e4b5aed309ec5d15d2af78e6ebf952a68ad5009adec48745ec138315ba522888cd4d8b261659beb093dce9c13b205c83b0c2c7c81dc50ee5976883ab0ce5f6ea383cab7e5a962c223cf6cccef38b088cf7f326ec0c792a74d0ad0e9697cdfe66206e2f87cd438a40fc022f70718adecfb0c95e810cd033624da1847994263d5e6420cd92c424296478895e5db92bd6993f84db97887588f0b63e1be7956ffa7f3451a0b1b5c7196c79287d80f9cdf1e52a57444ce92388fff6253807d3f8160e1832bebf40e212cb8794b09ff6485c75452e718e01b030eea256c6a1770bacdf76041fdc7fd996615609634abf40a0f001251d89383984b1dcfde3f7357d9052e7f68589ae6bc5147f7cb3c3d83b569a5d3b7ed5185c1c977a903629a82a2318da8ba2"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0xf0, 0x5, "7389a5f971d218e64dd18023e067d8fff9ef37f70034cb0ee3adbf018f15f203a921d51a92d7642ab6880f87cb7aa446b44ce46178330d7ac1396d9761b4c100a18c4c950df1b19561959193b744882e33ec27cee98167b4c39a3b25310626e75de5afbd3e05d9e21ae584fcc38dfda870c93d75998406f774eb4a75499d177e3e1994fecce2f1eb6fa63ae06d9e79169e8566943616f97f867d18f41ff7dd2d94a6ca6a8d6b2d5d79f8f38d33b8abcbc842cf4fd421ff05cbf974372a0f94561719c4caea2aa1f1fa5159efb5c4b2d2562dfa6c8c93489598528f897feb4fed0a0d53eaa5fe7d7a2664c3f8"}]}, @ETHTOOL_A_DEBUG_MSGMASK={0xec, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x50, 0x5, "fcc6e7dbde23bfa4d915aebf499581078f06f1033362f7ae25f2ddf4ea7afce1fed3ef8d2d40776a373245aecb46d02115c22a359464cb3ad7b857f4df06efed37d92f6ffa811e202f1cb4e7"}, @ETHTOOL_A_BITSET_BITS={0x74, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x14, 0x2, 'kmem_cache_free\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3719}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x1e, 0x4, "77d252bca6a9dd299a79e48f15933ebbd15a628196fa6720c9cc"}]}]}, 0x15ec}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))

344.974314ms ago: executing program 2 (id=899):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
socket$kcm(0x10, 0x2, 0x4)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84042, 0x1fb)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x40, 0x400, 0x5, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x60, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x4, 0x3})
close(r5)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)

344.647324ms ago: executing program 0 (id=900):
mkdir(&(0x7f0000000000)='./cgroup/file0\x00', 0xd0939199c36b4d28)

323.339554ms ago: executing program 0 (id=901):
socket(0xa, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
openat$selinux_avc_hash_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r3)
add_key(&(0x7f0000000240)='keyring\x00', 0x0, &(0x7f0000000680)="0000000000000002ff6900000000000100000014f200000000861f4104bfeacdd5a9007d16dcdc2850b5366cba1483795706454badc0d4df19c2ef1923d60ba1ec8ddd9847ad7309ad785c287458c8fb259df7971a68075de4d431e67f93e26b77a738a39f4d7995a596d0c7443c718e44e8e96f737f7980f106c30600d99cf02f2c66b6a5f6b298879152424eda396d9b228c39377323cfdbc13f1c832e9500eeb8294a776da07d54bdf20618fc", 0xae, r4)
socket$unix(0x1, 0x1, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x8}, 0x0, 0x53e}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4e, 0x8, 0x22}, 0x50)
r6 = socket(0x1, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r5, &(0x7f0000000240), &(0x7f0000000180)=@tcp=r6}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r5, &(0x7f0000000440), &(0x7f0000000380)=@udp=r6, 0x1}, 0x20)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0000000b0601020000000000000000030000000900020073797a30000000000500010007000000240007"], 0x4c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x9, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x9, 0xfffffffb, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, 0x0, {0x0, 0xe}, {0x2, 0x2}, {0xd, 0xb}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r9, 0xc0a85320, &(0x7f0000000900)={{0x80}, 'port0\x00', 0xf3, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2, 0xf8})
close_range(r8, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)

305.880654ms ago: executing program 5 (id=902):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
clock_adjtime(0x0, 0x0)

237.193026ms ago: executing program 1 (id=903):
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})

168.185897ms ago: executing program 5 (id=904):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='mm_page_alloc\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r3=>0x0)
io_destroy(r3)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0xb)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r5 = msgget$private(0x0, 0x790)
msgsnd(r5, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x64, 0x1, 0x0, 0x0, 0x0, 0x210e, 0xe108a, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={&(0x7f0000000040), 0xe}, 0xcd05, 0x32, 0xfffffbff, 0x8, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000280)=0x3)
r8 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r8, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
set_mempolicy(0x4000, &(0x7f00000002c0)=0xd, 0x5)
msgctl$IPC_RMID(r5, 0x0)

167.628997ms ago: executing program 1 (id=905):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
r2 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000140), 0x12)
r5 = openat$cgroup(r3, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='kfree\x00', r7, 0x0, 0x8}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0x0, 0x8}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
r10 = openat$cgroup_procs(r5, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r11)
ptrace$setregs(0xd, r11, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r11, 0x9, 0xfffffffffffffffd)
write$cgroup_pid(r10, &(0x7f0000000500), 0x12)

105.532958ms ago: executing program 2 (id=906):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$dupfd(r2, 0x406, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
socket(0x10, 0x2, 0x6)
r5 = socket(0x2, 0x3, 0xff)
sendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

82.706539ms ago: executing program 1 (id=907):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000008000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='writeback_queue_io\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x24, r2, 0x2cb3b0415539fbbb, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0)

66.169319ms ago: executing program 1 (id=908):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)

0s ago: executing program 0 (id=909):
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000280)={0x2, 0x0, 0x98, &(0x7f00000001c0)={0x2d, 0xdd81, 0x7}})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'syztnl0\x00', <r5=>0x0, 0x4, 0x1, 0x3, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8000, 0x700, 0x367, 0x3}})
bind$packet(r2, &(0x7f00000003c0)={0x11, 0x7, r5, 0x1, 0x4b, 0x6, @link_local}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r4}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r4}, &(0x7f0000000880), &(0x7f00000008c0)=r3}, 0x20)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
write$binfmt_elf64(r7, 0x0, 0x478)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)

kernel console output (not intermixed with test programs):

__set_task_blocked+0x23a/0x2a0
[   74.228566][ T5351]  __ia32_sys_rt_sigreturn+0xdc/0x350
[   74.228583][ T5351]  ? _raw_spin_unlock_irq+0x26/0x50
[   74.228603][ T5351]  ? signal_setup_done+0x266/0x290
[   74.228689][ T5351]  ? xfd_validate_state+0x45/0xf0
[   74.228712][ T5351]  ? fpu__clear_user_states+0x63/0x1e0
[   74.228737][ T5351]  ? fpregs_mark_activate+0x66/0x140
[   74.228815][ T5351]  ? fpu__clear_user_states+0x63/0x1e0
[   74.228844][ T5351]  ? arch_do_signal_or_restart+0x2f3/0x480
[   74.228894][ T5351]  ? __rcu_read_unlock+0x4f/0x70
[   74.228915][ T5351]  x64_sys_call+0x2e8a/0x2fb0
[   74.228936][ T5351]  do_syscall_64+0xd2/0x200
[   74.229001][ T5351]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.229051][ T5351]  ? clear_bhb_loop+0x40/0x90
[   74.229159][ T5351]  ? clear_bhb_loop+0x40/0x90
[   74.229179][ T5351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.229200][ T5351] RIP: 0033:0x7f7c2858ab89
[   74.229216][ T5351] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   74.229230][ T5351] RSP: 002b:00007f7c26c56a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   74.229273][ T5351] RAX: ffffffffffffffda RBX: 00007f7c28815fa0 RCX: 00007f7c2858ab89
[   74.229287][ T5351] RDX: 00007f7c26c56a80 RSI: 00007f7c26c56bb0 RDI: 0000000000000021
[   74.229300][ T5351] RBP: 00007f7c26c57090 R08: 0000200000048000 R09: 0000000000000300
[   74.229313][ T5351] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   74.229333][ T5351] R13: 0000000000000000 R14: 00007f7c28815fa0 R15: 00007ffc00f4c628
[   74.229350][ T5351]  </TASK>
[   74.504198][ T5354] loop5: detected capacity change from 0 to 512
[   74.523264][ T5354] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.537898][ T5354] ext4 filesystem being mounted at /70/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.542463][ T5360] loop1: detected capacity change from 0 to 128
[   74.563790][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.575139][ T5360] syz.1.523: attempt to access beyond end of device
[   74.575139][ T5360] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   74.590792][ T5339] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.618472][ T5365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.522'.
[   74.628957][ T5364] loop5: detected capacity change from 0 to 512
[   74.638515][ T5367] netlink: 8 bytes leftover after parsing attributes in process `syz.1.526'.
[   74.659411][ T5364] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.681344][ T5339] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.700724][ T5364] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.706958][ T5372] loop1: detected capacity change from 0 to 1024
[   74.720884][ T5339] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.737894][ T5372] EXT4-fs: inline encryption not supported
[   74.744055][ T5372] EXT4-fs: Ignoring removed i_version option
[   74.753622][ T5339] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.766686][ T5339] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.778332][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.792066][ T5372] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.807628][ T5372] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   74.824567][ T5376] loop2: detected capacity change from 0 to 512
[   74.836086][ T5378] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=5378 comm=syz.5.528
[   74.852658][ T5372] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.527: lblock 2 mapped to illegal pblock 2 (length 1)
[   74.863730][   T29] kauditd_printk_skb: 86 callbacks suppressed
[   74.863812][   T29] audit: type=1326 audit(1753276478.477:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   74.899641][   T29] audit: type=1326 audit(1753276478.477:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   74.900727][ T5382] loop3: detected capacity change from 0 to 128
[   74.924737][   T29] audit: type=1326 audit(1753276478.477:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   74.924766][   T29] audit: type=1326 audit(1753276478.477:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   74.948688][ T5372] Quota error (device loop1): qtree_write_dquot: dquota write failed
[   74.955910][   T29] audit: type=1326 audit(1753276478.477:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   75.013219][   T29] audit: type=1326 audit(1753276478.477:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   75.021978][ T5372] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.527: lblock 0 mapped to illegal pblock 48 (length 1)
[   75.036825][   T29] audit: type=1326 audit(1753276478.477:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   75.078191][   T29] audit: type=1326 audit(1753276478.477:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   75.102612][   T29] audit: type=1326 audit(1753276478.477:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.5.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c285ee9a9 code=0x7ffc0000
[   75.131808][ T5372] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.527: Failed to acquire dquot type 0
[   75.151798][ T5372] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   75.153080][ T5383] loop5: detected capacity change from 0 to 128
[   75.177244][ T5376] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.529: invalid block
[   75.192132][ T5372] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.527: mark_inode_dirty error
[   75.192990][ T5376] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.529: invalid indirect mapped block 4294967295 (level 1)
[   75.218488][ T5383] FAT-fs (loop5): Directory bread(block 162) failed
[   75.218775][ T5376] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.529: invalid indirect mapped block 4294967295 (level 1)
[   75.225188][ T5372] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   75.239300][ T5383] FAT-fs (loop5): Directory bread(block 163) failed
[   75.249850][ T5372] EXT4-fs (loop1): 1 orphan inode deleted
[   75.263505][ T5372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.276803][ T5383] FAT-fs (loop5): Directory bread(block 164) failed
[   75.281950][   T51] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[   75.291756][ T5383] FAT-fs (loop5): Directory bread(block 165) failed
[   75.320774][ T5383] FAT-fs (loop5): Directory bread(block 166) failed
[   75.322763][ T5376] EXT4-fs (loop2): 2 truncates cleaned up
[   75.329097][ T5372] netlink: 68 bytes leftover after parsing attributes in process `syz.1.527'.
[   75.372240][ T5376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.385516][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[   75.401705][ T5383] FAT-fs (loop5): Directory bread(block 167) failed
[   75.418551][ T5383] FAT-fs (loop5): Directory bread(block 168) failed
[   75.437703][ T5372] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   75.449017][ T5383] FAT-fs (loop5): Directory bread(block 169) failed
[   75.466990][ T5376] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=5376 comm=syz.2.529
[   75.472007][ T5383] FAT-fs (loop5): Directory bread(block 162) failed
[   75.496126][ T5383] FAT-fs (loop5): Directory bread(block 163) failed
[   75.504311][ T5383] syz.5.531: attempt to access beyond end of device
[   75.504311][ T5383] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   75.519333][ T5383] syz.5.531: attempt to access beyond end of device
[   75.519333][ T5383] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   75.634438][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.685631][ T5400] loop5: detected capacity change from 0 to 1024
[   75.716998][ T5400] EXT4-fs: inline encryption not supported
[   75.723568][ T5400] EXT4-fs: Ignoring removed i_version option
[   75.763939][ T5400] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   75.793181][ T5400] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   75.835887][ T5400] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.534: lblock 2 mapped to illegal pblock 2 (length 1)
[   75.888785][ T5400] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.534: lblock 0 mapped to illegal pblock 48 (length 1)
[   75.944361][ T5400] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.534: Failed to acquire dquot type 0
[   75.988755][ T5372] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.994143][ T5400] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   76.017230][ T5400] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.534: mark_inode_dirty error
[   76.023391][ T5407] loop2: detected capacity change from 0 to 512
[   76.037658][ T5400] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   76.049069][ T5372] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.527: Invalid inode table block 1 in block_group 0
[   76.049903][ T5400] EXT4-fs (loop5): 1 orphan inode deleted
[   76.067846][   T12] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[   76.068276][ T5400] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.089861][ T5372] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   76.108297][   T12] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0
[   76.133200][ T5407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.133887][ T5400] netlink: 68 bytes leftover after parsing attributes in process `syz.5.534'.
[   76.146544][ T5407] ext4 filesystem being mounted at /114/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.165864][ T5372] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz.1.527: mark_inode_dirty error
[   76.193644][ T5400] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   76.219674][ T5411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.537'.
[   76.241658][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.258697][ T5415] loop3: detected capacity change from 0 to 512
[   76.272472][ T5400] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.286651][ T5400] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz.5.534: Invalid inode table block 1 in block_group 0
[   76.307190][ T5415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.324089][ T5419] loop0: detected capacity change from 0 to 128
[   76.330857][ T5415] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.334992][ T5400] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   76.353612][ T5400] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz.5.534: mark_inode_dirty error
[   76.380860][ T5419] syz.0.541: attempt to access beyond end of device
[   76.380860][ T5419] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[   76.396099][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.410856][ T5422] loop5: detected capacity change from 0 to 128
[   76.419355][ T5422] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   76.438444][ T5422] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.440891][ T5425] loop2: detected capacity change from 0 to 512
[   76.463533][ T5429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.542'.
[   76.523966][ T5425] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   76.598145][ T3597] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   76.611376][ T5425] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.540: Unimplemented hash flags: 0x0001
[   76.622905][ T5425] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.540: Corrupt directory, running e2fsck is recommended
[   76.638229][ T5425] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.540: Unimplemented hash flags: 0x0001
[   76.650016][ T5425] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.540: Corrupt directory, running e2fsck is recommended
[   76.670704][ T5425] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.540: Unimplemented hash flags: 0x0001
[   76.682442][ T5425] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.540: Corrupt directory, running e2fsck is recommended
[   76.697605][ T5425] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.540: Unimplemented hash flags: 0x0001
[   76.709342][ T5425] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.540: Corrupt directory, running e2fsck is recommended
[   76.765153][ T5441] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.540: Unimplemented hash flags: 0x0001
[   76.765182][ T5441] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.540: Corrupt directory, running e2fsck is recommended
[   76.801466][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.843177][ T5444] loop5: detected capacity change from 0 to 1024
[   76.844441][ T5444] EXT4-fs: Ignoring removed orlov option
[   76.860916][ T5444] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.919721][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.941008][ T5452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.550'.
[   76.957152][ T5460] loop5: detected capacity change from 0 to 512
[   76.973522][ T5460] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.990736][ T5466] loop0: detected capacity change from 0 to 128
[   76.997847][ T5465] loop2: detected capacity change from 0 to 1024
[   77.005387][ T5465] EXT4-fs: inline encryption not supported
[   77.011842][ T5465] EXT4-fs: Ignoring removed i_version option
[   77.018412][ T5460] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.029952][ T5465] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   77.039209][ T5465] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   77.066860][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.094505][ T5465] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.554: lblock 2 mapped to illegal pblock 2 (length 1)
[   77.109914][ T5465] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.554: lblock 0 mapped to illegal pblock 48 (length 1)
[   77.135495][ T5470] loop5: detected capacity change from 0 to 128
[   77.143677][ T5470] FAT-fs (loop5): Directory bread(block 162) failed
[   77.151575][ T5470] FAT-fs (loop5): Directory bread(block 163) failed
[   77.159313][ T5465] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.554: Failed to acquire dquot type 0
[   77.169491][ T5470] FAT-fs (loop5): Directory bread(block 164) failed
[   77.181524][ T5470] FAT-fs (loop5): Directory bread(block 165) failed
[   77.190208][ T5470] FAT-fs (loop5): Directory bread(block 166) failed
[   77.193759][ T5465] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   77.197986][ T5470] FAT-fs (loop5): Directory bread(block 167) failed
[   77.215258][ T5470] FAT-fs (loop5): Directory bread(block 168) failed
[   77.222096][ T5470] FAT-fs (loop5): Directory bread(block 169) failed
[   77.236474][ T5470] FAT-fs (loop5): Directory bread(block 162) failed
[   77.238348][ T5465] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.554: mark_inode_dirty error
[   77.247209][ T5470] FAT-fs (loop5): Directory bread(block 163) failed
[   77.267100][ T5465] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   77.289873][ T5465] EXT4-fs (loop2): 1 orphan inode deleted
[   77.300015][ T5465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.305406][ T5480] loop5: detected capacity change from 0 to 128
[   77.315003][   T12] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[   77.339676][   T12] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0
[   77.359694][ T5465] netlink: 68 bytes leftover after parsing attributes in process `syz.2.554'.
[   77.373172][ T5465] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   77.395640][ T5480] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   77.413997][ T5480] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.453280][ T5465] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.465560][ T5465] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.554: Invalid inode table block 1 in block_group 0
[   77.494561][ T5490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.564'.
[   77.507097][ T5465] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   77.541807][ T5465] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz.2.554: mark_inode_dirty error
[   77.708099][ T3597] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   77.984087][ T5512] loop2: detected capacity change from 0 to 128
[   77.999787][ T5514] loop5: detected capacity change from 0 to 128
[   78.011865][ T5514] FAT-fs (loop5): Directory bread(block 162) failed
[   78.019171][ T5514] FAT-fs (loop5): Directory bread(block 163) failed
[   78.026330][ T5514] FAT-fs (loop5): Directory bread(block 164) failed
[   78.037374][ T5514] FAT-fs (loop5): Directory bread(block 165) failed
[   78.051383][ T5514] FAT-fs (loop5): Directory bread(block 166) failed
[   78.066431][ T5514] FAT-fs (loop5): Directory bread(block 167) failed
[   78.073855][ T5514] FAT-fs (loop5): Directory bread(block 168) failed
[   78.080753][ T5514] FAT-fs (loop5): Directory bread(block 169) failed
[   78.090952][ T5514] FAT-fs (loop5): Directory bread(block 162) failed
[   78.109673][ T5514] FAT-fs (loop5): Directory bread(block 163) failed
[   78.135098][ T5514] bio_check_eod: 2 callbacks suppressed
[   78.135115][ T5514] syz.5.568: attempt to access beyond end of device
[   78.135115][ T5514] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   78.161343][ T5524] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   78.174454][ T5524] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.186035][ T5514] syz.5.568: attempt to access beyond end of device
[   78.186035][ T5514] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   78.291384][ T5531] netlink: 4 bytes leftover after parsing attributes in process `syz.5.576'.
[   78.314637][ T5537] FAULT_INJECTION: forcing a failure.
[   78.314637][ T5537] name failslab, interval 1, probability 0, space 0, times 0
[   78.328085][ T5537] CPU: 1 UID: 0 PID: 5537 Comm: syz.1.577 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   78.328107][ T5537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.328117][ T5537] Call Trace:
[   78.328123][ T5537]  <TASK>
[   78.328129][ T5537]  __dump_stack+0x1d/0x30
[   78.328147][ T5537]  dump_stack_lvl+0xe8/0x140
[   78.328166][ T5537]  dump_stack+0x15/0x1b
[   78.328182][ T5537]  should_fail_ex+0x265/0x280
[   78.328206][ T5537]  should_failslab+0x8c/0xb0
[   78.328222][ T5537]  kmem_cache_alloc_noprof+0x50/0x310
[   78.328245][ T5537]  ? mas_alloc_nodes+0x265/0x520
[   78.328266][ T5537]  mas_alloc_nodes+0x265/0x520
[   78.328286][ T5537]  mas_preallocate+0x33e/0x520
[   78.328313][ T5537]  mmap_region+0xb7e/0x1580
[   78.328349][ T5537]  do_mmap+0x9b3/0xbe0
[   78.328373][ T5537]  vm_mmap_pgoff+0x17a/0x2e0
[   78.328394][ T5537]  ksys_mmap_pgoff+0xc2/0x310
[   78.328416][ T5537]  ? __x64_sys_mmap+0x49/0x70
[   78.328438][ T5537]  x64_sys_call+0x1602/0x2fb0
[   78.328457][ T5537]  do_syscall_64+0xd2/0x200
[   78.328474][ T5537]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   78.328493][ T5537]  ? clear_bhb_loop+0x40/0x90
[   78.328508][ T5537]  ? clear_bhb_loop+0x40/0x90
[   78.328524][ T5537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.328541][ T5537] RIP: 0033:0x7fd6de60e9e3
[   78.328553][ T5537] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   78.328568][ T5537] RSP: 002b:00007fd6dcc6ed68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   78.328587][ T5537] RAX: ffffffffffffffda RBX: 00000000000005c1 RCX: 00007fd6de60e9e3
[   78.328598][ T5537] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   78.328608][ T5537] RBP: 00002000000005c2 R08: 00000000ffffffff R09: 0000000000000000
[   78.328617][ T5537] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000008
[   78.328629][ T5537] R13: 00007fd6dcc6edec R14: 00007fd6dcc6edf0 R15: 00007ffd9f547a78
[   78.328648][ T5537]  </TASK>
[   78.574136][ T5524] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   78.584565][ T5524] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.605922][ T5545] loop1: detected capacity change from 0 to 512
[   78.633196][ T5545] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   78.654675][ T5545] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.578: Unimplemented hash flags: 0x0001
[   78.667969][ T5545] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.578: Corrupt directory, running e2fsck is recommended
[   78.683842][ T5545] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.578: Unimplemented hash flags: 0x0001
[   78.696446][ T5545] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.578: Corrupt directory, running e2fsck is recommended
[   78.712461][ T5545] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.578: Unimplemented hash flags: 0x0001
[   78.712910][ T5524] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   78.724449][ T5545] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.578: Corrupt directory, running e2fsck is recommended
[   78.735266][ T5524] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.759395][ T3379] usb 5-1: enqueue for inactive port 0
[   78.765358][ T3379] usb 5-1: enqueue for inactive port 0
[   78.768460][ T5545] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.578: Unimplemented hash flags: 0x0001
[   78.783941][ T5545] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.578: Corrupt directory, running e2fsck is recommended
[   78.802879][ T5545] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.578: Unimplemented hash flags: 0x0001
[   78.806270][ T5552] loop5: detected capacity change from 0 to 1024
[   78.816205][ T5545] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.578: Corrupt directory, running e2fsck is recommended
[   78.837853][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.843056][ T5552] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.860434][ T5552] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.876377][ T5552] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   78.889217][ T5552] EXT4-fs (loop5): This should not happen!! Data will be lost
[   78.889217][ T5552] 
[   78.899340][ T3379] vhci_hcd: vhci_device speed not set
[   78.899758][ T5552] EXT4-fs (loop5): Total free blocks count 0
[   78.911951][ T5552] EXT4-fs (loop5): Free/Dirty block details
[   78.918612][ T5552] EXT4-fs (loop5): free_blocks=0
[   78.923931][ T5552] EXT4-fs (loop5): dirty_blocks=0
[   78.929211][ T5552] EXT4-fs (loop5): Block reservation details
[   78.935402][ T5552] EXT4-fs (loop5): i_reserved_data_blocks=0
[   78.973826][ T5560] loop1: detected capacity change from 0 to 1024
[   78.981265][ T5560] EXT4-fs: inline encryption not supported
[   78.988127][ T5560] EXT4-fs: Ignoring removed i_version option
[   78.995299][ T5560] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.005180][ T5560] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   79.025900][ T5560] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.582: lblock 2 mapped to illegal pblock 2 (length 1)
[   79.042463][ T5560] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.582: lblock 0 mapped to illegal pblock 48 (length 1)
[   79.060484][ T5524] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   79.071413][ T5524] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.071906][ T5560] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.582: Failed to acquire dquot type 0
[   79.098035][ T5552] af_packet: tpacket_rcv: packet too big, clamped from 16 to 4294967272. macoff=96
[   79.159951][ T5568] loop3: detected capacity change from 0 to 128
[   79.172108][ T5568] FAT-fs (loop3): Directory bread(block 162) failed
[   79.180044][ T5568] FAT-fs (loop3): Directory bread(block 163) failed
[   79.192061][ T5568] FAT-fs (loop3): Directory bread(block 164) failed
[   79.201849][ T5568] FAT-fs (loop3): Directory bread(block 165) failed
[   79.209849][ T5568] FAT-fs (loop3): Directory bread(block 166) failed
[   79.217265][ T5568] FAT-fs (loop3): Directory bread(block 167) failed
[   79.226034][ T5568] FAT-fs (loop3): Directory bread(block 168) failed
[   79.234082][ T5568] FAT-fs (loop3): Directory bread(block 169) failed
[   79.245103][   T51] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xff
[   79.257242][ T5568] FAT-fs (loop3): Directory bread(block 162) failed
[   79.266725][ T5568] FAT-fs (loop3): Directory bread(block 163) failed
[   79.274828][ T5568] syz.3.586: attempt to access beyond end of device
[   79.274828][ T5568] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[   79.291198][ T5568] syz.3.586: attempt to access beyond end of device
[   79.291198][ T5568] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[   79.350215][ T5575] loop3: detected capacity change from 0 to 128
[   79.372543][ T5575] FAT-fs (loop3): Directory bread(block 162) failed
[   79.379799][ T5575] FAT-fs (loop3): Directory bread(block 163) failed
[   79.392024][ T5575] FAT-fs (loop3): Directory bread(block 164) failed
[   79.425091][ T5524] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   79.433725][ T5524] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.443837][ T5575] FAT-fs (loop3): Directory bread(block 165) failed
[   79.451026][ T5575] FAT-fs (loop3): Directory bread(block 166) failed
[   79.480738][ T5524] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   79.489569][ T5524] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.504474][ T5575] FAT-fs (loop3): Directory bread(block 167) failed
[   79.509295][ T5560] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   79.512147][ T5575] FAT-fs (loop3): Directory bread(block 168) failed
[   79.528737][ T5560] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.582: mark_inode_dirty error
[   79.529553][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.541517][ T5524] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   79.550378][ T5575] FAT-fs (loop3): Directory bread(block 169) failed
[   79.559214][ T5524] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.575684][ T5560] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   79.588683][ T5560] EXT4-fs (loop1): 1 orphan inode deleted
[   79.589360][ T5575] FAT-fs (loop3): Directory bread(block 162) failed
[   79.597491][ T5560] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.625917][ T5575] FAT-fs (loop3): Directory bread(block 163) failed
[   79.628801][ T5524] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   79.633554][  T560] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   79.641854][ T5524] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.658618][ T5575] syz.3.587: attempt to access beyond end of device
[   79.658618][ T5575] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[   79.684702][  T560] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[   79.700993][ T5575] syz.3.587: attempt to access beyond end of device
[   79.700993][ T5575] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[   79.715606][ T5560] netlink: 68 bytes leftover after parsing attributes in process `syz.1.582'.
[   79.733869][ T5560] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   79.755042][ T5577] ������: renamed from vlan1 (while UP)
[   79.872854][ T5560] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.893932][ T5560] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.582: Invalid inode table block 1 in block_group 0
[   79.948475][ T5590] netlink: 16 bytes leftover after parsing attributes in process `syz.2.590'.
[   79.958221][ T5560] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   79.971740][ T5560] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz.1.582: mark_inode_dirty error
[   80.779036][   T29] kauditd_printk_skb: 76 callbacks suppressed
[   80.779049][   T29] audit: type=1326 audit(1753276484.397:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.808621][   T29] audit: type=1326 audit(1753276484.397:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.832156][   T29] audit: type=1326 audit(1753276484.397:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.855585][   T29] audit: type=1326 audit(1753276484.397:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.878966][   T29] audit: type=1326 audit(1753276484.397:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.902619][   T29] audit: type=1326 audit(1753276484.397:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.926156][   T29] audit: type=1326 audit(1753276484.397:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.950041][   T29] audit: type=1326 audit(1753276484.397:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5613 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3678dae9a9 code=0x7ffc0000
[   80.978870][ T5622] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.014340][ T5624] FAULT_INJECTION: forcing a failure.
[   81.014340][ T5624] name failslab, interval 1, probability 0, space 0, times 0
[   81.027242][ T5624] CPU: 0 UID: 0 PID: 5624 Comm: syz.1.602 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   81.027265][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.027276][ T5624] Call Trace:
[   81.027331][ T5624]  <TASK>
[   81.027339][ T5624]  __dump_stack+0x1d/0x30
[   81.027398][ T5624]  dump_stack_lvl+0xe8/0x140
[   81.027414][ T5624]  dump_stack+0x15/0x1b
[   81.027427][ T5624]  should_fail_ex+0x265/0x280
[   81.027456][ T5624]  should_failslab+0x8c/0xb0
[   81.027555][ T5624]  kmem_cache_alloc_node_noprof+0x57/0x320
[   81.027630][ T5624]  ? __alloc_skb+0x101/0x320
[   81.027653][ T5624]  __alloc_skb+0x101/0x320
[   81.027677][ T5624]  ? audit_log_start+0x365/0x6c0
[   81.027743][ T5624]  audit_log_start+0x380/0x6c0
[   81.027772][ T5624]  audit_seccomp+0x48/0x100
[   81.027792][ T5624]  ? __seccomp_filter+0x68c/0x10d0
[   81.027857][ T5624]  __seccomp_filter+0x69d/0x10d0
[   81.027875][ T5624]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   81.027984][ T5624]  ? vfs_write+0x75e/0x8e0
[   81.028008][ T5624]  ? __rcu_read_unlock+0x4f/0x70
[   81.028032][ T5624]  ? __fget_files+0x184/0x1c0
[   81.028053][ T5624]  __secure_computing+0x82/0x150
[   81.028073][ T5624]  syscall_trace_enter+0xcf/0x1e0
[   81.028093][ T5624]  do_syscall_64+0xac/0x200
[   81.028109][ T5624]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   81.028151][ T5624]  ? clear_bhb_loop+0x40/0x90
[   81.028172][ T5624]  ? clear_bhb_loop+0x40/0x90
[   81.028278][ T5624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.028300][ T5624] RIP: 0033:0x7fd6de60e9a9
[   81.028319][ T5624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.028335][ T5624] RSP: 002b:00007fd6dcc6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   81.028351][ T5624] RAX: ffffffffffffffda RBX: 00007fd6de835fa0 RCX: 00007fd6de60e9a9
[   81.028406][ T5624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   81.028419][ T5624] RBP: 00007fd6dcc6f090 R08: 0000000000000000 R09: 0000000000000000
[   81.028446][ T5624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.028534][ T5624] R13: 0000000000000000 R14: 00007fd6de835fa0 R15: 00007ffd9f547a78
[   81.028565][ T5624]  </TASK>
[   81.028574][ T5624] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[   81.141709][   T29] audit: type=1326 audit(1753276484.637:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.1.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6de60e9a9 code=0x7ffc0000
[   81.214876][ T5636] loop2: detected capacity change from 0 to 7
[   81.333363][ T5622] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.347775][ T5641] netlink: 'syz.1.605': attribute type 10 has an invalid length.
[   81.355639][ T5641] netlink: 40 bytes leftover after parsing attributes in process `syz.1.605'.
[   81.368529][ T5641] team0: Port device geneve1 added
[   81.377222][ T5643] netlink: 68 bytes leftover after parsing attributes in process `syz.0.609'.
[   81.463362][ T5622] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.523408][ T5622] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.862028][ T5654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.612'.
[   81.891150][ T5622] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.975986][ T5622] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.001357][ T5659] loop2: detected capacity change from 0 to 7
[   82.027924][ T5622] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.044699][ T5622] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.088889][ T5661] loop5: detected capacity change from 0 to 128
[   82.097426][ T5661] FAT-fs (loop5): Directory bread(block 162) failed
[   82.107447][ T5661] FAT-fs (loop5): Directory bread(block 163) failed
[   82.114452][ T5661] FAT-fs (loop5): Directory bread(block 164) failed
[   82.121554][ T5661] FAT-fs (loop5): Directory bread(block 165) failed
[   82.128636][ T5661] FAT-fs (loop5): Directory bread(block 166) failed
[   82.135499][ T5661] FAT-fs (loop5): Directory bread(block 167) failed
[   82.142253][ T5661] FAT-fs (loop5): Directory bread(block 168) failed
[   82.148866][ T5661] FAT-fs (loop5): Directory bread(block 169) failed
[   82.156443][ T5661] FAT-fs (loop5): Directory bread(block 162) failed
[   82.163152][ T5661] FAT-fs (loop5): Directory bread(block 163) failed
[   82.170158][ T5661] syz.5.614: attempt to access beyond end of device
[   82.170158][ T5661] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   82.176205][ T5669] netlink: 'syz.3.615': attribute type 10 has an invalid length.
[   82.183217][ T5661] syz.5.614: attempt to access beyond end of device
[   82.183217][ T5661] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   82.204778][ T5669] netlink: 40 bytes leftover after parsing attributes in process `syz.3.615'.
[   82.213886][ T5670] loop1: detected capacity change from 0 to 512
[   82.233418][ T5670] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.253779][ T5670] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.266764][ T5675] loop5: detected capacity change from 0 to 512
[   82.288711][ T5670] netlink: 47 bytes leftover after parsing attributes in process `syz.1.617'.
[   82.302608][ T5675] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.315715][ T5678] loop2: detected capacity change from 0 to 1024
[   82.322819][ T5678] EXT4-fs: Ignoring removed orlov option
[   82.325981][ T5675] ext4 filesystem being mounted at /90/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.342603][ T5678] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.370418][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.416075][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.425309][ T5685] loop5: detected capacity change from 0 to 1024
[   82.432379][ T5685] EXT4-fs: inline encryption not supported
[   82.438440][ T5685] EXT4-fs: Ignoring removed i_version option
[   82.445300][ T5685] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.457067][ T5687] sch_tbf: peakrate 5 is lower than or equals to rate 16 !
[   82.457948][ T5685] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   82.476146][ T5687] loop2: detected capacity change from 0 to 512
[   82.476565][ T5685] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.620: lblock 2 mapped to illegal pblock 2 (length 1)
[   82.483377][ T5687] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.497053][ T5685] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.620: lblock 0 mapped to illegal pblock 48 (length 1)
[   82.519663][ T5685] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.620: Failed to acquire dquot type 0
[   82.531141][ T5685] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   82.540660][ T5685] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.620: mark_inode_dirty error
[   82.543761][ T5687] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.552485][ T5685] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   82.575033][ T5685] EXT4-fs (loop5): 1 orphan inode deleted
[   82.581255][ T5687] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.591780][  T560] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   82.597623][ T5685] netlink: 68 bytes leftover after parsing attributes in process `syz.5.620'.
[   82.621210][ T5685] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   82.627171][  T560] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[   82.649101][ T5685] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz.5.620: Invalid inode table block 1 in block_group 0
[   82.662418][ T5685] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   82.672451][ T5685] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz.5.620: mark_inode_dirty error
[   82.696077][ T5693] netlink: 8 bytes leftover after parsing attributes in process `syz.5.623'.
[   82.772559][ T5696] lo speed is unknown, defaulting to 1000
[   82.809766][ T5699] loop5: detected capacity change from 0 to 128
[   82.838654][ T5699] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.968135][ T5704] loop2: detected capacity change from 0 to 7
[   83.015900][ T5712] loop5: detected capacity change from 0 to 128
[   83.029408][ T5712] syz.5.630: attempt to access beyond end of device
[   83.029408][ T5712] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128
[   83.097279][ T5715] syz.5.633 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   83.124354][ T5723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.635'.
[   83.318767][ T5726] loop5: detected capacity change from 0 to 1024
[   83.393325][ T5726] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.633: Failed to acquire dquot type 0
[   83.427545][ T5726] EXT4-fs (loop5): 1 truncate cleaned up
[   83.692955][ T5738] netlink: 'syz.2.637': attribute type 10 has an invalid length.
[   83.700765][ T5738] netlink: 40 bytes leftover after parsing attributes in process `syz.2.637'.
[   83.716444][ T5738] team0: Port device geneve1 added
[   83.746280][ T5742] FAULT_INJECTION: forcing a failure.
[   83.746280][ T5742] name failslab, interval 1, probability 0, space 0, times 0
[   83.754323][ T5740] vlan2: entered promiscuous mode
[   83.759608][ T5742] CPU: 1 UID: 0 PID: 5742 Comm: syz.5.638 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   83.759638][ T5742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.759649][ T5742] Call Trace:
[   83.759654][ T5742]  <TASK>
[   83.759662][ T5742]  __dump_stack+0x1d/0x30
[   83.759690][ T5742]  dump_stack_lvl+0xe8/0x140
[   83.759715][ T5742]  dump_stack+0x15/0x1b
[   83.759728][ T5742]  should_fail_ex+0x265/0x280
[   83.759757][ T5742]  should_failslab+0x8c/0xb0
[   83.759776][ T5742]  kmem_cache_alloc_noprof+0x50/0x310
[   83.759798][ T5742]  ? mas_alloc_nodes+0x265/0x520
[   83.759818][ T5742]  mas_alloc_nodes+0x265/0x520
[   83.759843][ T5742]  mas_preallocate+0x33e/0x520
[   83.759884][ T5742]  mmap_region+0xb7e/0x1580
[   83.759924][ T5742]  do_mmap+0x9b3/0xbe0
[   83.759963][ T5742]  vm_mmap_pgoff+0x17a/0x2e0
[   83.759989][ T5742]  ksys_mmap_pgoff+0xc2/0x310
[   83.760019][ T5742]  ? __x64_sys_mmap+0x49/0x70
[   83.760039][ T5742]  x64_sys_call+0x1602/0x2fb0
[   83.760062][ T5742]  do_syscall_64+0xd2/0x200
[   83.760078][ T5742]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.760101][ T5742]  ? clear_bhb_loop+0x40/0x90
[   83.760120][ T5742]  ? clear_bhb_loop+0x40/0x90
[   83.760139][ T5742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.760158][ T5742] RIP: 0033:0x7f7c285ee9e3
[   83.760173][ T5742] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   83.760189][ T5742] RSP: 002b:00007f7c26c56d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   83.760206][ T5742] RAX: ffffffffffffffda RBX: 00000000000005c1 RCX: 00007f7c285ee9e3
[   83.760218][ T5742] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   83.760230][ T5742] RBP: 00002000000005c2 R08: 00000000ffffffff R09: 0000000000000000
[   83.760242][ T5742] R10: 0000000000000022 R11: 0000000000000246 R12: 000000000000000e
[   83.760253][ T5742] R13: 00007f7c26c56dec R14: 00007f7c26c56df0 R15: 00007ffc00f4c628
[   83.760270][ T5742]  </TASK>
[   83.973515][ T5740] macvlan1: entered promiscuous mode
[   84.075013][ T5760] 9p: Unknown access argument �kaller: -22
[   84.096911][ T5764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.646'.
[   84.110148][ T5766] netlink: 24 bytes leftover after parsing attributes in process `syz.0.647'.
[   84.132416][ T5767] sd 0:0:1:0: device reset
[   84.186087][ T5771] loop5: detected capacity change from 0 to 1024
[   84.194918][ T5771] EXT4-fs: inline encryption not supported
[   84.200778][ T5771] EXT4-fs: Ignoring removed i_version option
[   84.211568][ T5771] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   84.223802][ T5771] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   84.303957][ T5771] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.649: lblock 2 mapped to illegal pblock 2 (length 1)
[   84.329007][ T5771] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.649: lblock 0 mapped to illegal pblock 48 (length 1)
[   84.346593][ T5771] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.649: Failed to acquire dquot type 0
[   84.371796][ T5771] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   84.384973][ T5771] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.649: mark_inode_dirty error
[   84.397763][ T5771] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   84.414553][ T5771] EXT4-fs (loop5): 1 orphan inode deleted
[   84.445490][ T5789] loop1: detected capacity change from 0 to 128
[   84.489671][ T5789] FAT-fs (loop1): bogus number of reserved sectors
[   84.496793][ T5789] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   84.506667][ T5789] FAT-fs (loop1): Can't find a valid FAT filesystem
[   84.540725][ T5771] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   84.685179][ T5791] loop2: detected capacity change from 0 to 512
[   84.764131][ T5791] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.852445][  T560] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   84.873271][  T560] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[   84.885992][ T5797] netlink: 20 bytes leftover after parsing attributes in process `syz.1.657'.
[   84.909815][ T5771] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz.5.649: Invalid inode table block 1 in block_group 0
[   84.934725][ T5771] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   84.945881][ T5801] FAULT_INJECTION: forcing a failure.
[   84.945881][ T5801] name failslab, interval 1, probability 0, space 0, times 0
[   84.958997][ T5801] CPU: 1 UID: 0 PID: 5801 Comm: syz.1.659 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   84.959020][ T5801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   84.959030][ T5801] Call Trace:
[   84.959035][ T5801]  <TASK>
[   84.959042][ T5801]  __dump_stack+0x1d/0x30
[   84.959091][ T5801]  dump_stack_lvl+0xe8/0x140
[   84.959107][ T5801]  dump_stack+0x15/0x1b
[   84.959189][ T5801]  should_fail_ex+0x265/0x280
[   84.959212][ T5801]  ? audit_log_d_path+0x8d/0x150
[   84.959236][ T5801]  should_failslab+0x8c/0xb0
[   84.959330][ T5801]  __kmalloc_cache_noprof+0x4c/0x320
[   84.959354][ T5801]  audit_log_d_path+0x8d/0x150
[   84.959377][ T5801]  audit_log_d_path_exe+0x42/0x70
[   84.959459][ T5801]  audit_log_task+0x1e9/0x250
[   84.959484][ T5801]  audit_seccomp+0x61/0x100
[   84.959567][ T5801]  ? __seccomp_filter+0x68c/0x10d0
[   84.959636][ T5801]  __seccomp_filter+0x69d/0x10d0
[   84.959654][ T5801]  ? kernelmode_fixup_or_oops+0x59/0xb0
[   84.959725][ T5801]  ? lookup_ioctx+0x27/0x1e0
[   84.959810][ T5801]  __secure_computing+0x82/0x150
[   84.959830][ T5801]  syscall_trace_enter+0xcf/0x1e0
[   84.959856][ T5801]  do_syscall_64+0xac/0x200
[   84.959872][ T5801]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.959891][ T5801]  ? clear_bhb_loop+0x40/0x90
[   84.959984][ T5801]  ? clear_bhb_loop+0x40/0x90
[   84.960001][ T5801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.960054][ T5801] RIP: 0033:0x7fd6de60d3bc
[   84.960067][ T5801] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.960081][ T5801] RSP: 002b:00007fd6dcc6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.960099][ T5801] RAX: ffffffffffffffda RBX: 00007fd6de835fa0 RCX: 00007fd6de60d3bc
[   84.960150][ T5801] RDX: 000000000000000f RSI: 00007fd6dcc6f0a0 RDI: 0000000000000005
[   84.960163][ T5801] RBP: 00007fd6dcc6f090 R08: 0000000000000000 R09: 0000000000000000
[   84.960175][ T5801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   84.960215][ T5801] R13: 0000000000000000 R14: 00007fd6de835fa0 R15: 00007ffd9f547a78
[   84.960230][ T5801]  </TASK>
[   84.971736][ T5771] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz.5.649: mark_inode_dirty error
[   85.260341][ T5806] �����: renamed from vlan1 (while UP)
[   85.266787][ T5810] sctp: [Deprecated]: syz.5.663 (pid 5810) Use of int in max_burst socket option.
[   85.266787][ T5810] Use struct sctp_assoc_value instead
[   85.317860][ T5813] loop3: detected capacity change from 0 to 512
[   85.351256][ T5815] loop1: detected capacity change from 0 to 1024
[   85.360007][ T5813] ext4 filesystem being mounted at /99/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.360375][ T5817] loop2: detected capacity change from 0 to 512
[   85.379221][ T5815] EXT4-fs: Ignoring removed orlov option
[   85.385213][ T5813] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #4: comm syz.3.664: corrupted inode contents
[   85.409024][ T5813] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #4: comm syz.3.664: mark_inode_dirty error
[   85.409341][ T5817] ext4 filesystem being mounted at /133/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.443415][ T5813] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #4: comm syz.3.664: corrupted inode contents
[   85.501672][ T5813] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #4: comm syz.3.664: mark_inode_dirty error
[   85.516653][ T5813] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.664: Failed to acquire dquot type 1
[   85.532744][ T5827] netlink: 4 bytes leftover after parsing attributes in process `syz.1.668'.
[   85.590920][ T5829] loop2: detected capacity change from 0 to 256
[   85.607567][ T5829] FAT-fs (loop2): bogus number of FAT sectors
[   85.614330][ T5829] FAT-fs (loop2): Can't find a valid FAT filesystem
[   86.223672][ T5855] loop5: detected capacity change from 0 to 128
[   86.264688][ T5855] FAT-fs (loop5): Directory bread(block 162) failed
[   86.264715][   T29] kauditd_printk_skb: 209 callbacks suppressed
[   86.264725][   T29] audit: type=1400 audit(1753276489.887:1236): avc:  denied  { bind } for  pid=5856 comm="syz.3.676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   86.271301][ T5855] FAT-fs (loop5): Directory bread(block 163) failed
[   86.307833][ T5855] FAT-fs (loop5): Directory bread(block 164) failed
[   86.327605][ T5855] FAT-fs (loop5): Directory bread(block 165) failed
[   86.339190][   T29] audit: type=1400 audit(1753276489.957:1237): avc:  denied  { write } for  pid=5861 comm="syz.0.677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   86.342115][ T5864] loop3: detected capacity change from 0 to 512
[   86.363972][ T5855] FAT-fs (loop5): Directory bread(block 166) failed
[   86.376865][   T29] audit: type=1326 audit(1753276489.977:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.389934][ T5855] FAT-fs (loop5): Directory bread(block 167) failed
[   86.401501][   T29] audit: type=1326 audit(1753276489.977:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.426230][ T5855] FAT-fs (loop5): Directory bread(block 168) failed
[   86.431349][   T29] audit: type=1326 audit(1753276489.997:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.461935][   T29] audit: type=1326 audit(1753276489.997:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.468384][ T5855] FAT-fs (loop5): Directory bread(block 169) failed
[   86.485871][   T29] audit: type=1326 audit(1753276489.997:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.516479][   T29] audit: type=1326 audit(1753276489.997:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.536234][ T5855] FAT-fs (loop5): Directory bread(block 162) failed
[   86.539830][   T29] audit: type=1326 audit(1753276489.997:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.558146][ T5855] FAT-fs (loop5): Directory bread(block 163) failed
[   86.569883][   T29] audit: type=1326 audit(1753276489.997:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.0.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   86.597167][ T5855] syz.5.675: attempt to access beyond end of device
[   86.597167][ T5855] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   86.663462][ T5864] ext4 filesystem being mounted at /103/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.677006][ T5870] loop1: detected capacity change from 0 to 128
[   86.688192][ T5855] syz.5.675: attempt to access beyond end of device
[   86.688192][ T5855] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   86.724274][ T5870] syz.1.680: attempt to access beyond end of device
[   86.724274][ T5870] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   86.759408][ T5881] loop5: detected capacity change from 0 to 128
[   86.808145][ T5889] netlink: 'syz.3.687': attribute type 11 has an invalid length.
[   86.885784][ T5880] syz.5.682: attempt to access beyond end of device
[   86.885784][ T5880] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[   86.918355][ T5894] syz.5.682: attempt to access beyond end of device
[   86.918355][ T5894] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[   86.949655][ T5880] syz.5.682: attempt to access beyond end of device
[   86.949655][ T5880] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[   86.972794][ T5880] syz.5.682: attempt to access beyond end of device
[   86.972794][ T5880] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[   87.753771][ T5880] syz.5.682: attempt to access beyond end of device
[   87.753771][ T5880] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[   87.768085][ T5880] syz.5.682: attempt to access beyond end of device
[   87.768085][ T5880] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[   87.785888][ T5894] syz.5.682: attempt to access beyond end of device
[   87.785888][ T5894] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[   87.823750][ T5921] loop5: detected capacity change from 0 to 128
[   87.841027][ T5921] FAT-fs (loop5): Directory bread(block 162) failed
[   87.856856][ T5921] FAT-fs (loop5): Directory bread(block 163) failed
[   87.871556][ T5921] FAT-fs (loop5): Directory bread(block 164) failed
[   87.886019][ T5921] FAT-fs (loop5): Directory bread(block 165) failed
[   87.897467][ T5918] loop2: detected capacity change from 0 to 512
[   87.912906][ T5921] FAT-fs (loop5): Directory bread(block 166) failed
[   87.931561][ T5921] FAT-fs (loop5): Directory bread(block 167) failed
[   87.940415][ T5918] ext4 filesystem being mounted at /138/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.951850][ T5921] FAT-fs (loop5): Directory bread(block 168) failed
[   87.962901][ T5921] FAT-fs (loop5): Directory bread(block 169) failed
[   88.010483][ T5921] FAT-fs (loop5): Directory bread(block 162) failed
[   88.021092][ T5926] loop2: detected capacity change from 0 to 128
[   88.033814][ T5921] FAT-fs (loop5): Directory bread(block 163) failed
[   88.054718][ T5926] FAT-fs (loop2): Directory bread(block 162) failed
[   88.061363][ T5926] FAT-fs (loop2): Directory bread(block 163) failed
[   88.101962][ T5926] FAT-fs (loop2): Directory bread(block 164) failed
[   88.119114][ T5926] FAT-fs (loop2): Directory bread(block 165) failed
[   88.138389][ T5926] FAT-fs (loop2): Directory bread(block 166) failed
[   88.145806][ T5938] loop5: detected capacity change from 0 to 512
[   88.152807][ T5926] FAT-fs (loop2): Directory bread(block 167) failed
[   88.168592][ T5926] FAT-fs (loop2): Directory bread(block 168) failed
[   88.178270][ T5938] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.699: Unimplemented hash flags: 0x0001
[   88.182082][ T5926] FAT-fs (loop2): Directory bread(block 169) failed
[   88.189987][ T5938] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.699: Corrupt directory, running e2fsck is recommended
[   88.239710][ T5926] FAT-fs (loop2): Directory bread(block 162) failed
[   88.258065][ T5926] FAT-fs (loop2): Directory bread(block 163) failed
[   88.279925][ T5940] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.699: Unimplemented hash flags: 0x0001
[   88.291738][ T5940] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.699: Corrupt directory, running e2fsck is recommended
[   88.339232][ T5942] 9p: Unknown access argument �kaller: -22
[   88.349413][ T5938] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.699: Unimplemented hash flags: 0x0001
[   88.362410][ T5938] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.699: Corrupt directory, running e2fsck is recommended
[   88.403185][ T5942] sd 0:0:1:0: device reset
[   88.419164][ T5945] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.699: Unimplemented hash flags: 0x0001
[   88.430935][ T5945] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.699: Corrupt directory, running e2fsck is recommended
[   88.509167][ T5938] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.699: Unimplemented hash flags: 0x0001
[   88.520690][ T5938] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.699: Corrupt directory, running e2fsck is recommended
[   88.826770][ T3379] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.837571][ T3379] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   89.079558][ T5970] PID 5970 killed due to inadequate hugepage pool
[   89.144554][ T5973] __nla_validate_parse: 2 callbacks suppressed
[   89.144570][ T5973] netlink: 24 bytes leftover after parsing attributes in process `syz.5.707'.
[   89.395730][ T5975] xt_hashlimit: size too large, truncated to 1048576
[   89.402578][ T5975] xt_hashlimit: max too large, truncated to 1048576
[   89.469978][ T5977] netlink: 'syz.2.709': attribute type 21 has an invalid length.
[   89.478206][ T5977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.709'.
[   89.524691][ T5982] loop2: detected capacity change from 0 to 128
[   89.581855][ T5990] loop2: detected capacity change from 0 to 1024
[   89.595345][ T5990] EXT4-fs: inline encryption not supported
[   89.601255][ T5990] EXT4-fs: Ignoring removed i_version option
[   89.623493][ T5990] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.642337][ T5990] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   89.668667][ T5990] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.714: lblock 2 mapped to illegal pblock 2 (length 1)
[   89.699605][ T5995] loop1: detected capacity change from 0 to 128
[   89.712570][ T5990] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.714: lblock 0 mapped to illegal pblock 48 (length 1)
[   89.741006][ T5995] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.751678][ T5990] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.714: Failed to acquire dquot type 0
[   89.775922][ T5990] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   89.798331][ T5990] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.714: mark_inode_dirty error
[   89.810829][ T5990] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   89.821504][ T5990] EXT4-fs (loop2): 1 orphan inode deleted
[   89.831937][   T41] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[   89.852249][ T5990] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   89.861970][   T41] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0
[   89.886602][ T5990] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.714: Invalid inode table block 1 in block_group 0
[   89.900076][ T5990] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   89.909693][ T5990] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz.2.714: mark_inode_dirty error
[   89.987572][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.5.717'.
[   90.023103][ T6007] loop5: detected capacity change from 0 to 512
[   90.494040][ T6008] capability: warning: `syz.5.720' uses 32-bit capabilities (legacy support in use)
[   90.512640][ T6014] netlink: 268 bytes leftover after parsing attributes in process `syz.0.719'.
[   90.521846][ T6014] unsupported nla_type 65024
[   90.554682][ T6007] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   90.570372][ T6007] EXT4-fs (loop5): 1 truncate cleaned up
[   90.850810][ T6031] loop5: detected capacity change from 0 to 1024
[   90.927880][ T6047] loop3: detected capacity change from 0 to 1024
[   90.934534][ T6044] loop2: detected capacity change from 0 to 1024
[   90.936318][ T6047] EXT4-fs: Ignoring removed orlov option
[   90.947681][ T6044] EXT4-fs: inline encryption not supported
[   90.953550][ T6044] EXT4-fs: Ignoring removed i_version option
[   90.960057][ T6044] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   90.977571][ T6050] loop5: detected capacity change from 0 to 512
[   90.984272][ T6044] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   90.999771][ T6044] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.729: lblock 2 mapped to illegal pblock 2 (length 1)
[   91.018362][ T6050] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.033130][ T6044] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.729: lblock 0 mapped to illegal pblock 48 (length 1)
[   91.074301][ T6044] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.729: Failed to acquire dquot type 0
[   91.088352][ T6044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   91.098568][ T6044] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.729: mark_inode_dirty error
[   91.110794][ T6044] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   91.121511][ T6044] EXT4-fs (loop2): 1 orphan inode deleted
[   91.135735][   T41] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[   91.153080][ T6044] netlink: 68 bytes leftover after parsing attributes in process `syz.2.729'.
[   91.203528][   T41] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0
[   91.220085][ T6044] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   91.232339][ T6044] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.729: Invalid inode table block 1 in block_group 0
[   91.250305][ T6044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   91.260430][ T6044] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz.2.729: mark_inode_dirty error
[   91.290604][ T6095] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.303613][ T6095] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.323081][ T6098] loop5: detected capacity change from 0 to 128
[   91.333294][ T6098] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.788997][ T6121] netlink: 'syz.5.745': attribute type 21 has an invalid length.
[   91.811666][ T6121] netlink: 'syz.5.745': attribute type 1 has an invalid length.
[   91.820083][ T6121] netlink: 144 bytes leftover after parsing attributes in process `syz.5.745'.
[   92.078071][ T6153] loop3: detected capacity change from 0 to 128
[   92.106933][ T6153] FAT-fs (loop3): Directory bread(block 162) failed
[   92.133688][ T6153] FAT-fs (loop3): Directory bread(block 163) failed
[   92.158890][ T6153] FAT-fs (loop3): Directory bread(block 164) failed
[   92.179335][ T6153] FAT-fs (loop3): Directory bread(block 165) failed
[   92.208526][ T6166] loop5: detected capacity change from 0 to 1024
[   92.217068][ T6153] FAT-fs (loop3): Directory bread(block 166) failed
[   92.237605][ T6166] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.243258][ T6153] FAT-fs (loop3): Directory bread(block 167) failed
[   92.278349][ T6153] FAT-fs (loop3): Directory bread(block 168) failed
[   92.288204][ T6166] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   92.295519][ T6153] FAT-fs (loop3): Directory bread(block 169) failed
[   92.300768][ T6166] EXT4-fs (loop5): This should not happen!! Data will be lost
[   92.300768][ T6166] 
[   92.318401][ T6166] EXT4-fs (loop5): Total free blocks count 0
[   92.324724][ T6166] EXT4-fs (loop5): Free/Dirty block details
[   92.330749][ T6166] EXT4-fs (loop5): free_blocks=0
[   92.335913][ T6166] EXT4-fs (loop5): dirty_blocks=0
[   92.341107][ T6166] EXT4-fs (loop5): Block reservation details
[   92.347612][ T6166] EXT4-fs (loop5): i_reserved_data_blocks=0
[   92.358294][ T6153] FAT-fs (loop3): Directory bread(block 162) failed
[   92.365275][ T6153] FAT-fs (loop3): Directory bread(block 163) failed
[   92.374494][ T6153] bio_check_eod: 25 callbacks suppressed
[   92.374508][ T6153] syz.3.747: attempt to access beyond end of device
[   92.374508][ T6153] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[   92.394383][ T6153] syz.3.747: attempt to access beyond end of device
[   92.394383][ T6153] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[   92.433842][ T6176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.751'.
[   92.441292][   T29] kauditd_printk_skb: 147 callbacks suppressed
[   92.441306][   T29] audit: type=1400 audit(1753276502.056:1387): avc:  denied  { name_connect } for  pid=6177 comm="syz.2.752" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   92.478158][   T29] audit: type=1400 audit(1753276502.096:1388): avc:  denied  { listen } for  pid=6177 comm="syz.2.752" lport=60724 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   92.503343][ T6176] netlink: 40 bytes leftover after parsing attributes in process `syz.0.751'.
[   92.531722][   T29] audit: type=1400 audit(1753276502.106:1389): avc:  denied  { mounton } for  pid=6181 comm="syz.3.753" path="/proc/332/task" dev="proc" ino=13783 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   92.554547][   T29] audit: type=1400 audit(1753276502.106:1390): avc:  denied  { mount } for  pid=6181 comm="syz.3.753" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   92.577114][   T29] audit: type=1326 audit(1753276502.136:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   92.590231][ T6193] loop2: detected capacity change from 0 to 512
[   92.601042][   T29] audit: type=1326 audit(1753276502.136:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   92.601073][   T29] audit: type=1400 audit(1753276502.146:1393): avc:  denied  { accept } for  pid=6177 comm="syz.2.752" lport=60724 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   92.616224][ T6184] loop3: detected capacity change from 0 to 8192
[   92.631421][   T29] audit: type=1400 audit(1753276502.146:1394): avc:  denied  { write } for  pid=6177 comm="syz.2.752" lport=60724 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   92.631448][   T29] audit: type=1400 audit(1753276502.146:1395): avc:  denied  { setopt } for  pid=6177 comm="syz.2.752" lport=60724 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   92.652312][   T29] audit: type=1400 audit(1753276502.196:1396): avc:  denied  { ioctl } for  pid=6186 comm="syz.5.754" path="socket:[13792]" dev="sockfs" ino=13792 ioctlcmd=0x89e7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   92.747201][ T6193] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.756: Unimplemented hash flags: 0x0001
[   92.759154][ T6193] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.756: Corrupt directory, running e2fsck is recommended
[   92.774213][ T6193] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.756: Unimplemented hash flags: 0x0001
[   92.785868][ T6193] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.756: Corrupt directory, running e2fsck is recommended
[   92.789001][ T6210] FAULT_INJECTION: forcing a failure.
[   92.789001][ T6210] name failslab, interval 1, probability 0, space 0, times 0
[   92.807737][ T6193] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.756: Unimplemented hash flags: 0x0001
[   92.812040][ T6210] CPU: 1 UID: 0 PID: 6210 Comm: syz.5.757 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   92.812070][ T6210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.812082][ T6210] Call Trace:
[   92.812144][ T6210]  <TASK>
[   92.812158][ T6210]  __dump_stack+0x1d/0x30
[   92.812182][ T6210]  dump_stack_lvl+0xe8/0x140
[   92.812201][ T6210]  dump_stack+0x15/0x1b
[   92.812215][ T6210]  should_fail_ex+0x265/0x280
[   92.812234][ T6210]  should_failslab+0x8c/0xb0
[   92.812295][ T6210]  kmem_cache_alloc_noprof+0x50/0x310
[   92.812321][ T6210]  ? audit_log_start+0x365/0x6c0
[   92.812419][ T6210]  audit_log_start+0x365/0x6c0
[   92.812444][ T6210]  ? ref_tracker_alloc+0x1f2/0x2f0
[   92.812479][ T6210]  audit_seccomp+0x48/0x100
[   92.812626][ T6210]  ? __seccomp_filter+0x68c/0x10d0
[   92.812703][ T6210]  __seccomp_filter+0x69d/0x10d0
[   92.812724][ T6210]  ? update_load_avg+0x1da/0x820
[   92.812749][ T6210]  ? __list_add_valid_or_report+0x38/0xe0
[   92.812792][ T6210]  ? _raw_spin_unlock+0x26/0x50
[   92.812817][ T6210]  __secure_computing+0x82/0x150
[   92.812903][ T6210]  syscall_trace_enter+0xcf/0x1e0
[   92.812927][ T6210]  do_syscall_64+0xac/0x200
[   92.812946][ T6210]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.812969][ T6210]  ? clear_bhb_loop+0x40/0x90
[   92.813062][ T6210]  ? clear_bhb_loop+0x40/0x90
[   92.813081][ T6210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.813102][ T6210] RIP: 0033:0x7f7c285ed3bc
[   92.813118][ T6210] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   92.813135][ T6210] RSP: 002b:00007f7c26c57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   92.813155][ T6210] RAX: ffffffffffffffda RBX: 00007f7c28815fa0 RCX: 00007f7c285ed3bc
[   92.813228][ T6210] RDX: 000000000000000f RSI: 00007f7c26c570a0 RDI: 0000000000000006
[   92.813240][ T6210] RBP: 00007f7c26c57090 R08: 0000000000000000 R09: 0000000000000000
[   92.813257][ T6210] R10: 0000000000000042 R11: 0000000000000246 R12: 0000000000000002
[   92.813320][ T6210] R13: 0000000000000000 R14: 00007f7c28815fa0 R15: 00007ffc00f4c628
[   92.813394][ T6210]  </TASK>
[   93.042412][ T6193] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.756: Corrupt directory, running e2fsck is recommended
[   93.065808][ T6220] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.756: Unimplemented hash flags: 0x0001
[   93.077853][ T6220] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.756: Corrupt directory, running e2fsck is recommended
[   93.093103][ T6214] EXT4-fs warning (device loop2): dx_probe:837: inode #2: comm syz.2.756: Unimplemented hash flags: 0x0001
[   93.104875][ T6214] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.756: Corrupt directory, running e2fsck is recommended
[   93.184368][ T6242] loop5: detected capacity change from 0 to 128
[   93.211997][ T6253] loop2: detected capacity change from 0 to 1024
[   93.218677][ T6253] EXT4-fs: Ignoring removed orlov option
[   93.225310][ T6242] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.318313][ T6263] loop5: detected capacity change from 0 to 128
[   93.333018][ T6263] FAT-fs (loop5): Directory bread(block 162) failed
[   93.707132][ T6263] FAT-fs (loop5): Directory bread(block 163) failed
[   93.713836][ T6263] FAT-fs (loop5): Directory bread(block 164) failed
[   93.720452][ T6263] FAT-fs (loop5): Directory bread(block 165) failed
[   93.727377][ T6263] FAT-fs (loop5): Directory bread(block 166) failed
[   93.734023][ T6263] FAT-fs (loop5): Directory bread(block 167) failed
[   93.741658][ T6263] FAT-fs (loop5): Directory bread(block 168) failed
[   93.748602][ T6263] FAT-fs (loop5): Directory bread(block 169) failed
[   93.769802][ T6263] FAT-fs (loop5): Directory bread(block 162) failed
[   93.798697][ T6263] FAT-fs (loop5): Directory bread(block 163) failed
[   93.822228][ T6263] syz.5.763: attempt to access beyond end of device
[   93.822228][ T6263] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   93.837612][ T6263] syz.5.763: attempt to access beyond end of device
[   93.837612][ T6263] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   93.868570][ T6287] loop2: detected capacity change from 0 to 512
[   93.899651][ T6289] loop5: detected capacity change from 0 to 128
[   93.907208][ T6287] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.912308][ T6289] FAT-fs (loop5): Directory bread(block 162) failed
[   93.937935][ T6289] FAT-fs (loop5): Directory bread(block 163) failed
[   93.945272][ T6287] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.766: corrupted xattr block 33: invalid ea_ino
[   93.958600][ T6289] FAT-fs (loop5): Directory bread(block 164) failed
[   93.971371][ T6287] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   93.983516][ T6289] FAT-fs (loop5): Directory bread(block 165) failed
[   93.995019][ T6287] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.766: corrupted xattr block 33: invalid ea_ino
[   94.041751][ T6289] FAT-fs (loop5): Directory bread(block 166) failed
[   94.052237][ T6289] FAT-fs (loop5): Directory bread(block 167) failed
[   94.059183][ T6287] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   94.068376][ T6289] FAT-fs (loop5): Directory bread(block 168) failed
[   94.075731][ T6287] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.766: corrupted xattr block 33: invalid ea_ino
[   94.088993][ T6289] FAT-fs (loop5): Directory bread(block 169) failed
[   94.099633][ T6296] netlink: 8 bytes leftover after parsing attributes in process `syz.2.766'.
[   94.131984][ T6287] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   94.143171][ T6300] 9p: Unknown access argument �kaller: -22
[   94.148713][ T6289] FAT-fs (loop5): Directory bread(block 162) failed
[   94.158911][ T6289] FAT-fs (loop5): Directory bread(block 163) failed
[   94.166414][ T6287] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.766: corrupted xattr block 33: invalid ea_ino
[   94.181958][ T6289] syz.5.767: attempt to access beyond end of device
[   94.181958][ T6289] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   94.187502][ T6303] loop3: detected capacity change from 0 to 128
[   94.206374][ T6287] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.766: corrupted xattr block 33: invalid ea_ino
[   94.213090][ T6300] sd 0:0:1:0: device reset
[   94.221176][ T6287] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   94.231937][ T6289] syz.5.767: attempt to access beyond end of device
[   94.231937][ T6289] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   94.234560][ T6303] vfat: Bad value for 'check'
[   94.303564][ T6306] loop1: detected capacity change from 0 to 128
[   94.305459][ T6310] loop2: detected capacity change from 0 to 7
[   94.319205][ T6306] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.322222][ T6308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[   94.378681][ T6316] loop5: detected capacity change from 0 to 128
[   94.385901][ T6316] FAT-fs (loop5): Directory bread(block 162) failed
[   94.393138][ T6316] FAT-fs (loop5): Directory bread(block 163) failed
[   94.394145][ T6313] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.399826][ T6316] FAT-fs (loop5): Directory bread(block 164) failed
[   94.412030][ T6317] loop2: detected capacity change from 0 to 1024
[   94.417940][ T6316] FAT-fs (loop5): Directory bread(block 165) failed
[   94.429693][ T6316] FAT-fs (loop5): Directory bread(block 166) failed
[   94.433797][ T6317] EXT4-fs: Ignoring removed orlov option
[   94.436538][ T6316] FAT-fs (loop5): Directory bread(block 167) failed
[   94.449193][ T6316] FAT-fs (loop5): Directory bread(block 168) failed
[   94.456194][ T6316] FAT-fs (loop5): Directory bread(block 169) failed
[   94.489740][ T6316] FAT-fs (loop5): Directory bread(block 162) failed
[   94.497073][ T6316] FAT-fs (loop5): Directory bread(block 163) failed
[   94.497961][ T6313] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.504386][ T6316] syz.5.778: attempt to access beyond end of device
[   94.504386][ T6316] loop5: rw=3, sector=226, nr_sectors = 6 limit=128
[   94.527699][ T6316] syz.5.778: attempt to access beyond end of device
[   94.527699][ T6316] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128
[   94.574639][ T6313] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.605919][ T6328] loop3: detected capacity change from 0 to 512
[   94.617687][ T6328] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.780: Unimplemented hash flags: 0x0001
[   94.629276][ T6328] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.780: Corrupt directory, running e2fsck is recommended
[   94.651970][ T6328] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.780: Unimplemented hash flags: 0x0001
[   94.663521][ T6328] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.780: Corrupt directory, running e2fsck is recommended
[   94.676767][ T6328] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.780: Unimplemented hash flags: 0x0001
[   94.677484][ T6313] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.688394][ T6328] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.780: Corrupt directory, running e2fsck is recommended
[   94.714677][ T6328] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.780: Unimplemented hash flags: 0x0001
[   94.727207][ T6328] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.780: Corrupt directory, running e2fsck is recommended
[   94.740552][ T6328] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.780: Unimplemented hash flags: 0x0001
[   94.751986][ T6328] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.780: Corrupt directory, running e2fsck is recommended
[   94.825145][ T6313] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.836225][ T6341] netlink: 4 bytes leftover after parsing attributes in process `syz.5.785'.
[   94.854416][ T6346] loop3: detected capacity change from 0 to 128
[   94.862374][ T6313] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.875247][ T6346] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.887400][ T6313] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.909305][ T6313] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.942328][ T6349] loop5: detected capacity change from 0 to 2048
[   94.957242][ T6351] loop3: detected capacity change from 0 to 128
[   94.965433][ T6351] FAT-fs (loop3): Directory bread(block 162) failed
[   94.972335][ T6351] FAT-fs (loop3): Directory bread(block 163) failed
[   94.979031][ T6351] FAT-fs (loop3): Directory bread(block 164) failed
[   94.985863][ T6351] FAT-fs (loop3): Directory bread(block 165) failed
[   94.992707][ T6351] FAT-fs (loop3): Directory bread(block 166) failed
[   94.999574][ T6351] FAT-fs (loop3): Directory bread(block 167) failed
[   95.006877][ T6351] FAT-fs (loop3): Directory bread(block 168) failed
[   95.014883][ T6351] FAT-fs (loop3): Directory bread(block 169) failed
[   95.024885][ T6351] FAT-fs (loop3): Directory bread(block 162) failed
[   95.031523][ T6351] FAT-fs (loop3): Directory bread(block 163) failed
[   95.047452][ T6353] loop2: detected capacity change from 0 to 128
[   95.062845][ T6351] syz.3.789: attempt to access beyond end of device
[   95.062845][ T6351] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[   95.078617][ T6353] FAT-fs (loop2): Directory bread(block 162) failed
[   95.091761][ T6353] FAT-fs (loop2): Directory bread(block 163) failed
[   95.100532][ T6351] syz.3.789: attempt to access beyond end of device
[   95.100532][ T6351] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[   95.114958][ T6353] FAT-fs (loop2): Directory bread(block 164) failed
[   95.122592][ T6353] FAT-fs (loop2): Directory bread(block 165) failed
[   95.126729][ T6344] FAULT_INJECTION: forcing a failure.
[   95.126729][ T6344] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   95.129646][ T6353] FAT-fs (loop2): Directory bread(block 166) failed
[   95.142541][ T6344] CPU: 1 UID: 0 PID: 6344 Comm: syz.0.787 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   95.142568][ T6344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.142579][ T6344] Call Trace:
[   95.142586][ T6344]  <TASK>
[   95.142593][ T6344]  __dump_stack+0x1d/0x30
[   95.142613][ T6344]  dump_stack_lvl+0xe8/0x140
[   95.142632][ T6344]  dump_stack+0x15/0x1b
[   95.142645][ T6344]  should_fail_ex+0x265/0x280
[   95.142673][ T6344]  should_fail_alloc_page+0xf2/0x100
[   95.142699][ T6344]  __alloc_frozen_pages_noprof+0xff/0x360
[   95.142742][ T6344]  alloc_pages_mpol+0xb3/0x250
[   95.142849][ T6344]  alloc_pages_noprof+0x90/0x130
[   95.142913][ T6344]  get_free_pages_noprof+0xc/0x40
[   95.142940][ T6344]  __pollwait+0xc2/0x270
[   95.143009][ T6344]  ? __pfx___pollwait+0x10/0x10
[   95.143036][ T6344]  pipe_poll+0x101/0x250
[   95.143117][ T6344]  ? __pfx_pipe_poll+0x10/0x10
[   95.143135][ T6344]  do_sys_poll+0x65e/0xbd0
[   95.143164][ T6344]  ? __pfx___pollwait+0x10/0x10
[   95.143192][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143228][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143256][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143329][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143358][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143466][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143494][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143676][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143705][ T6344]  ? __pfx_pollwake+0x10/0x10
[   95.143736][ T6344]  __se_sys_poll+0xdd/0x200
[   95.143806][ T6344]  __x64_sys_poll+0x43/0x50
[   95.143892][ T6344]  x64_sys_call+0x2dc4/0x2fb0
[   95.143930][ T6344]  do_syscall_64+0xd2/0x200
[   95.143949][ T6344]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.143974][ T6344]  ? clear_bhb_loop+0x40/0x90
[   95.143996][ T6344]  ? clear_bhb_loop+0x40/0x90
[   95.144017][ T6344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.144061][ T6344] RIP: 0033:0x7fd3d531e9a9
[   95.144076][ T6344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.144093][ T6344] RSP: 002b:00007fd3d3987038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[   95.144112][ T6344] RAX: ffffffffffffffda RBX: 00007fd3d5545fa0 RCX: 00007fd3d531e9a9
[   95.144124][ T6344] RDX: 0000000000000009 RSI: 20000000000000b5 RDI: 0000200000000000
[   95.144137][ T6344] RBP: 00007fd3d3987090 R08: 0000000000000000 R09: 0000000000000000
[   95.144154][ T6344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.144166][ T6344] R13: 0000000000000000 R14: 00007fd3d5545fa0 R15: 00007ffd9eb15378
[   95.144200][ T6344]  </TASK>
[   95.409769][ T6353] FAT-fs (loop2): Directory bread(block 167) failed
[   95.424721][ T6353] FAT-fs (loop2): Directory bread(block 168) failed
[   95.431558][ T6353] FAT-fs (loop2): Directory bread(block 169) failed
[   95.537757][ T6370] loop3: detected capacity change from 0 to 512
[   95.545217][ T6371] loop2: detected capacity change from 0 to 7
[   95.555742][ T6370] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.796: Unimplemented hash flags: 0x0001
[   95.567202][ T6370] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.796: Corrupt directory, running e2fsck is recommended
[   95.590437][ T6370] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.796: Unimplemented hash flags: 0x0001
[   95.601953][ T6370] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.796: Corrupt directory, running e2fsck is recommended
[   95.732834][   T31] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xff
[   95.765764][ T6387] loop2: detected capacity change from 0 to 7
[   95.783050][ T6380] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.796: Unimplemented hash flags: 0x0001
[   95.794523][ T6380] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.796: Corrupt directory, running e2fsck is recommended
[   95.843240][ T6385] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.796: Unimplemented hash flags: 0x0001
[   95.854793][ T6385] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.796: Corrupt directory, running e2fsck is recommended
[   95.902634][ T6370] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.796: Unimplemented hash flags: 0x0001
[   95.914222][ T6370] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.796: Corrupt directory, running e2fsck is recommended
[   96.004761][ T3306] EXT4-fs unmount: 61 callbacks suppressed
[   96.004827][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.286476][ T6400] loop1: detected capacity change from 0 to 1024
[   96.301294][ T6400] EXT4-fs: Ignoring removed orlov option
[   96.318838][ T6400] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   96.342707][ T6402] loop2: detected capacity change from 0 to 1024
[   96.357725][ T6402] EXT4-fs: inline encryption not supported
[   96.363672][ T6402] EXT4-fs: Ignoring removed i_version option
[   96.370575][ T6402] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.379280][ T6402] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   96.392056][ T6400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.409003][ T6402] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.805: lblock 2 mapped to illegal pblock 2 (length 1)
[   96.427481][ T6400] siw: device registration error -23
[   96.433277][ T6402] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.805: lblock 0 mapped to illegal pblock 48 (length 1)
[   96.449666][ T6400] EXT4-fs error (device loop1): ext4_check_all_de:659: inode #12: block 7: comm syz.1.804: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[   96.469519][ T6402] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.805: Failed to acquire dquot type 0
[   96.486999][ T6402] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   96.496625][ T6402] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.805: mark_inode_dirty error
[   96.508029][ T6402] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   96.509262][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.518265][ T6402] EXT4-fs (loop2): 1 orphan inode deleted
[   96.518687][ T6402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.545731][   T31] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[   96.545790][   T51] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xff
[   96.569448][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0
[   96.581358][ T6402] netlink: 68 bytes leftover after parsing attributes in process `syz.2.805'.
[   96.596211][ T6402] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[   96.611211][ T6413] loop1: detected capacity change from 0 to 128
[   96.618809][ T6413] FAT-fs (loop1): Directory bread(block 162) failed
[   96.618853][ T6402] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.625562][ T6413] FAT-fs (loop1): Directory bread(block 163) failed
[   96.641856][ T6413] FAT-fs (loop1): Directory bread(block 164) failed
[   96.642040][ T6402] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.805: Invalid inode table block 1 in block_group 0
[   96.648723][ T6413] FAT-fs (loop1): Directory bread(block 165) failed
[   96.648744][ T6413] FAT-fs (loop1): Directory bread(block 166) failed
[   96.674823][ T6413] FAT-fs (loop1): Directory bread(block 167) failed
[   96.677005][ T6402] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   96.681768][ T6413] FAT-fs (loop1): Directory bread(block 168) failed
[   96.691102][ T6402] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz.2.805: mark_inode_dirty error
[   96.708920][ T6413] FAT-fs (loop1): Directory bread(block 169) failed
[   96.765030][ T6423] loop1: detected capacity change from 0 to 128
[   96.773195][ T6423] vfat: Unknown parameter 'lo'
[   96.793859][ T6424] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   96.803755][ T6424] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.838447][ T6428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.810'.
[   96.859846][ T6424] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   96.869709][ T6424] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.913374][ T6424] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   96.923518][ T6424] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.005149][ T6424] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   97.015128][ T6424] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.068267][ T6447] loop3: detected capacity change from 0 to 512
[   97.077860][ T6447] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   97.112982][ T6447] EXT4-fs (loop3): 1 truncate cleaned up
[   97.123970][ T6424] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   97.129970][ T6452] loop5: detected capacity change from 0 to 512
[   97.132295][ T6424] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.147707][ T6447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.163618][ T6424] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   97.165604][ T6452] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.171939][ T6424] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.175185][ T6424] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   97.200811][ T6424] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.212800][ T6424] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   97.221066][ T6424] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.223884][ T6452] ext4 filesystem being mounted at /141/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.233664][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.274441][ T6456] loop3: detected capacity change from 0 to 128
[   97.282685][ T6456] FAT-fs (loop3): Directory bread(block 162) failed
[   97.289900][ T6456] FAT-fs (loop3): Directory bread(block 163) failed
[   97.297611][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.306751][ T6456] FAT-fs (loop3): Directory bread(block 164) failed
[   97.313799][ T6456] FAT-fs (loop3): Directory bread(block 165) failed
[   97.326389][ T6456] FAT-fs (loop3): Directory bread(block 166) failed
[   97.333421][ T6456] FAT-fs (loop3): Directory bread(block 167) failed
[   97.343059][ T6456] FAT-fs (loop3): Directory bread(block 168) failed
[   97.349945][ T6456] FAT-fs (loop3): Directory bread(block 169) failed
[   98.187715][   T51] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xff
[   98.291635][   T29] kauditd_printk_skb: 208 callbacks suppressed
[   98.291653][   T29] audit: type=1326 audit(1753276507.806:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.321367][   T29] audit: type=1326 audit(1753276507.806:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.344859][   T29] audit: type=1326 audit(1753276507.806:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.368384][   T29] audit: type=1326 audit(1753276507.806:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.392030][   T29] audit: type=1326 audit(1753276507.806:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.415863][   T29] audit: type=1400 audit(1753276507.806:1605): avc:  denied  { create } for  pid=6468 comm="syz.0.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   98.435635][   T29] audit: type=1326 audit(1753276507.816:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.459479][   T29] audit: type=1326 audit(1753276507.816:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.466460][ T6479] loop1: detected capacity change from 0 to 128
[   98.483351][   T29] audit: type=1326 audit(1753276507.826:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.490655][ T6479] FAT-fs (loop1): Directory bread(block 162) failed
[   98.513005][   T29] audit: type=1326 audit(1753276507.826:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6468 comm="syz.0.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d531e9a9 code=0x7ffc0000
[   98.546292][ T6473] netlink: 12 bytes leftover after parsing attributes in process `syz.0.822'.
[   98.566278][ T6479] FAT-fs (loop1): Directory bread(block 163) failed
[   98.573335][ T6479] FAT-fs (loop1): Directory bread(block 164) failed
[   98.580397][ T6479] FAT-fs (loop1): Directory bread(block 165) failed
[   98.587239][ T6479] FAT-fs (loop1): Directory bread(block 166) failed
[   98.594825][ T6479] FAT-fs (loop1): Directory bread(block 167) failed
[   98.604555][ T6483] FAULT_INJECTION: forcing a failure.
[   98.604555][ T6483] name failslab, interval 1, probability 0, space 0, times 0
[   98.617230][ T6483] CPU: 1 UID: 0 PID: 6483 Comm: syz.2.826 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   98.617256][ T6483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.617266][ T6483] Call Trace:
[   98.617272][ T6483]  <TASK>
[   98.617280][ T6483]  __dump_stack+0x1d/0x30
[   98.617354][ T6483]  dump_stack_lvl+0xe8/0x140
[   98.617370][ T6483]  dump_stack+0x15/0x1b
[   98.617385][ T6483]  should_fail_ex+0x265/0x280
[   98.617415][ T6483]  should_failslab+0x8c/0xb0
[   98.617436][ T6483]  kmem_cache_alloc_noprof+0x50/0x310
[   98.617485][ T6483]  ? copy_signal+0x53/0x340
[   98.617509][ T6483]  copy_signal+0x53/0x340
[   98.617530][ T6483]  copy_process+0xcc7/0x1f90
[   98.617554][ T6483]  kernel_clone+0x16c/0x5b0
[   98.617619][ T6483]  ? vfs_write+0x75e/0x8e0
[   98.617644][ T6483]  __x64_sys_clone+0xe6/0x120
[   98.617727][ T6483]  x64_sys_call+0x2c59/0x2fb0
[   98.617746][ T6483]  do_syscall_64+0xd2/0x200
[   98.617763][ T6483]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.617852][ T6483]  ? clear_bhb_loop+0x40/0x90
[   98.617869][ T6483]  ? clear_bhb_loop+0x40/0x90
[   98.617886][ T6483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.617917][ T6483] RIP: 0033:0x7f3678dae9a9
[   98.617931][ T6483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.617946][ T6483] RSP: 002b:00007f3677416fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   98.617962][ T6483] RAX: ffffffffffffffda RBX: 00007f3678fd5fa0 RCX: 00007f3678dae9a9
[   98.617973][ T6483] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000004240000
[   98.618029][ T6483] RBP: 00007f3677417090 R08: 0000000000000000 R09: 0000000000000000
[   98.618043][ T6483] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[   98.618056][ T6483] R13: 0000000000000000 R14: 00007f3678fd5fa0 R15: 00007ffc57822808
[   98.618072][ T6483]  </TASK>
[   98.620500][ T6479] FAT-fs (loop1): Directory bread(block 168) failed
[   98.646865][ T6481] loop2: detected capacity change from 0 to 7
[   98.660193][ T6479] FAT-fs (loop1): Directory bread(block 169) failed
[   98.691823][ T6487] loop2: detected capacity change from 0 to 7
[   98.740897][ T6479] FAT-fs (loop1): Directory bread(block 162) failed
[   98.923022][ T6479] FAT-fs (loop1): Directory bread(block 163) failed
[   98.930402][ T6479] syz.1.824: attempt to access beyond end of device
[   98.930402][ T6479] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[   98.944732][ T6479] syz.1.824: attempt to access beyond end of device
[   98.944732][ T6479] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[   99.024332][ T6506] loop1: detected capacity change from 0 to 128
[   99.034053][ T6506] FAT-fs (loop1): Directory bread(block 162) failed
[   99.041748][ T6505] 9p: Unknown access argument �kaller: -22
[   99.047658][ T6506] FAT-fs (loop1): Directory bread(block 163) failed
[   99.054877][ T6506] FAT-fs (loop1): Directory bread(block 164) failed
[   99.061694][ T6506] FAT-fs (loop1): Directory bread(block 165) failed
[   99.068514][ T6506] FAT-fs (loop1): Directory bread(block 166) failed
[   99.075329][ T6506] FAT-fs (loop1): Directory bread(block 167) failed
[   99.082626][ T6506] FAT-fs (loop1): Directory bread(block 168) failed
[   99.089350][ T6506] FAT-fs (loop1): Directory bread(block 169) failed
[   99.098402][ T6506] FAT-fs (loop1): Directory bread(block 162) failed
[   99.110630][ T6506] FAT-fs (loop1): Directory bread(block 163) failed
[   99.123136][ T6506] syz.1.831: attempt to access beyond end of device
[   99.123136][ T6506] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[   99.137415][ T6506] syz.1.831: attempt to access beyond end of device
[   99.137415][ T6506] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[   99.179720][ T6520] bpf: Bad value for 'gid'
[   99.183239][ T6523] loop2: detected capacity change from 0 to 7
[   99.210757][ T6527] loop1: detected capacity change from 0 to 128
[   99.218850][ T6527] FAT-fs (loop1): Directory bread(block 162) failed
[   99.225633][ T6527] FAT-fs (loop1): Directory bread(block 163) failed
[   99.232746][ T6527] FAT-fs (loop1): Directory bread(block 164) failed
[   99.239512][ T6527] FAT-fs (loop1): Directory bread(block 165) failed
[   99.246960][ T6527] FAT-fs (loop1): Directory bread(block 166) failed
[   99.253936][ T6527] FAT-fs (loop1): Directory bread(block 167) failed
[   99.260853][ T6527] FAT-fs (loop1): Directory bread(block 168) failed
[   99.267637][ T6527] FAT-fs (loop1): Directory bread(block 169) failed
[   99.269354][ T6531] netlink: 4 bytes leftover after parsing attributes in process `syz.0.844'.
[   99.275718][ T6527] FAT-fs (loop1): Directory bread(block 162) failed
[   99.290315][ T6527] FAT-fs (loop1): Directory bread(block 163) failed
[   99.297621][ T6527] syz.1.842: attempt to access beyond end of device
[   99.297621][ T6527] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[   99.310860][ T6527] syz.1.842: attempt to access beyond end of device
[   99.310860][ T6527] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[   99.354369][ T6540] 9p: Unknown access argument �kaller: -22
[   99.426406][ T6551] loop1: detected capacity change from 0 to 128
[   99.434200][ T6551] FAT-fs (loop1): Directory bread(block 162) failed
[   99.440876][ T6551] FAT-fs (loop1): Directory bread(block 163) failed
[   99.448272][ T6551] FAT-fs (loop1): Directory bread(block 164) failed
[   99.455131][ T6551] FAT-fs (loop1): Directory bread(block 165) failed
[   99.461900][ T6551] FAT-fs (loop1): Directory bread(block 166) failed
[   99.468563][ T6551] FAT-fs (loop1): Directory bread(block 167) failed
[   99.475748][ T6551] FAT-fs (loop1): Directory bread(block 168) failed
[   99.482469][ T6551] FAT-fs (loop1): Directory bread(block 169) failed
[   99.490042][ T6551] FAT-fs (loop1): Directory bread(block 162) failed
[   99.496874][ T6551] FAT-fs (loop1): Directory bread(block 163) failed
[   99.503734][ T6551] syz.1.850: attempt to access beyond end of device
[   99.503734][ T6551] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[   99.517455][ T6551] syz.1.850: attempt to access beyond end of device
[   99.517455][ T6551] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[   99.547821][ T6554] netlink: 24 bytes leftover after parsing attributes in process `syz.1.851'.
[   99.570764][ T6556] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   99.710534][ T6565] loop5: detected capacity change from 0 to 1024
[   99.723007][ T6565] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.739895][ T6565] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 15 with error 28
[   99.752727][ T6565] EXT4-fs (loop5): This should not happen!! Data will be lost
[   99.752727][ T6565] 
[   99.762425][ T6565] EXT4-fs (loop5): Total free blocks count 0
[   99.768391][ T6565] EXT4-fs (loop5): Free/Dirty block details
[   99.774324][ T6565] EXT4-fs (loop5): free_blocks=0
[   99.779364][ T6565] EXT4-fs (loop5): dirty_blocks=0
[   99.784424][ T6565] EXT4-fs (loop5): Block reservation details
[   99.790401][ T6565] EXT4-fs (loop5): i_reserved_data_blocks=0
[   99.806134][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.825448][ T6570] netlink: 368 bytes leftover after parsing attributes in process `syz.5.855'.
[   99.838370][ T6573] loop3: detected capacity change from 0 to 128
[   99.848427][ T6573] syz.3.856: attempt to access beyond end of device
[   99.848427][ T6573] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[   99.947945][ T6586] FAULT_INJECTION: forcing a failure.
[   99.947945][ T6586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.961595][ T6586] CPU: 0 UID: 0 PID: 6586 Comm: syz.3.859 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   99.961630][ T6586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.961640][ T6586] Call Trace:
[   99.961646][ T6586]  <TASK>
[   99.961653][ T6586]  __dump_stack+0x1d/0x30
[   99.961672][ T6586]  dump_stack_lvl+0xe8/0x140
[   99.961689][ T6586]  dump_stack+0x15/0x1b
[   99.961734][ T6586]  should_fail_ex+0x265/0x280
[   99.961768][ T6586]  should_fail+0xb/0x20
[   99.961793][ T6586]  should_fail_usercopy+0x1a/0x20
[   99.961823][ T6586]  _copy_to_user+0x20/0xa0
[   99.961903][ T6586]  simple_read_from_buffer+0xb5/0x130
[   99.961933][ T6586]  proc_fail_nth_read+0x100/0x140
[   99.962013][ T6586]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.962046][ T6586]  vfs_read+0x19d/0x6f0
[   99.962094][ T6586]  ? __rcu_read_unlock+0x4f/0x70
[   99.962115][ T6586]  ? __fget_files+0x184/0x1c0
[   99.962146][ T6586]  ? __sys_setsockopt+0x18e/0x200
[   99.962173][ T6586]  ksys_read+0xda/0x1a0
[   99.962200][ T6586]  __x64_sys_read+0x40/0x50
[   99.962292][ T6586]  x64_sys_call+0x2d77/0x2fb0
[   99.962355][ T6586]  do_syscall_64+0xd2/0x200
[   99.962374][ T6586]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.962399][ T6586]  ? clear_bhb_loop+0x40/0x90
[   99.962420][ T6586]  ? clear_bhb_loop+0x40/0x90
[   99.962470][ T6586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.962487][ T6586] RIP: 0033:0x7fb0a5abd3bc
[   99.962500][ T6586] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   99.962520][ T6586] RSP: 002b:00007fb0a40fe030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   99.962540][ T6586] RAX: ffffffffffffffda RBX: 00007fb0a5ce6080 RCX: 00007fb0a5abd3bc
[   99.962565][ T6586] RDX: 000000000000000f RSI: 00007fb0a40fe0a0 RDI: 0000000000000004
[   99.962578][ T6586] RBP: 00007fb0a40fe090 R08: 0000000000000000 R09: 0000000000000000
[   99.962591][ T6586] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[   99.962603][ T6586] R13: 0000000000000001 R14: 00007fb0a5ce6080 R15: 00007ffdc3a9cfa8
[   99.962702][ T6586]  </TASK>
[  100.323835][ T6593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.860'.
[  100.336055][ T6598] loop2: detected capacity change from 0 to 1024
[  100.352019][ T6598] EXT4-fs: Ignoring removed orlov option
[  100.368359][ T6598] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.399674][ T6606] loop1: detected capacity change from 0 to 1024
[  100.436835][ T6606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.464109][ T6606] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.510750][ T6606] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  100.523015][ T6606] EXT4-fs (loop1): This should not happen!! Data will be lost
[  100.523015][ T6606] 
[  100.532772][ T6606] EXT4-fs (loop1): Total free blocks count 0
[  100.539073][ T6606] EXT4-fs (loop1): Free/Dirty block details
[  100.545248][ T6606] EXT4-fs (loop1): free_blocks=0
[  100.550271][ T6606] EXT4-fs (loop1): dirty_blocks=0
[  100.555350][ T6606] EXT4-fs (loop1): Block reservation details
[  100.561359][ T6606] EXT4-fs (loop1): i_reserved_data_blocks=0
[  100.702948][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.774496][ T6614] loop1: detected capacity change from 0 to 128
[  100.793607][ T6614] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  100.808383][ T6614] System zones: 1-3, 19-19, 35-36
[  100.843263][ T6614] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  100.871538][ T6614] ext4 filesystem being mounted at /176/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.897509][ T6614] EXT4-fs warning (device loop1): ext4_group_extend:1886: will only finish group (8193 blocks, 8129 new)
[  100.940361][ T6614] EXT4-fs warning (device loop1): ext4_group_extend:1891: can't read last block, resize aborted
[  101.005604][ T3309] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  101.031674][ T6620] loop1: detected capacity change from 0 to 128
[  101.058504][ T6620] syz.1.869: attempt to access beyond end of device
[  101.058504][ T6620] loop1: rw=0, sector=2071, nr_sectors = 1 limit=128
[  101.103109][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.157444][ T6624] loop2: detected capacity change from 0 to 1024
[  101.173754][ T6624] EXT4-fs: Ignoring removed orlov option
[  101.203285][ T6624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.215873][ T6627] netlink: 'syz.5.873': attribute type 10 has an invalid length.
[  101.224002][ T6627] netlink: 40 bytes leftover after parsing attributes in process `syz.5.873'.
[  101.266413][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.389655][ T6643] FAULT_INJECTION: forcing a failure.
[  101.389655][ T6643] name failslab, interval 1, probability 0, space 0, times 0
[  101.402306][ T6643] CPU: 0 UID: 0 PID: 6643 Comm: syz.2.875 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  101.402404][ T6643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.402416][ T6643] Call Trace:
[  101.402423][ T6643]  <TASK>
[  101.402432][ T6643]  __dump_stack+0x1d/0x30
[  101.402452][ T6643]  dump_stack_lvl+0xe8/0x140
[  101.402471][ T6643]  dump_stack+0x15/0x1b
[  101.402487][ T6643]  should_fail_ex+0x265/0x280
[  101.402514][ T6643]  should_failslab+0x8c/0xb0
[  101.402536][ T6643]  kmem_cache_alloc_noprof+0x50/0x310
[  101.402597][ T6643]  ? __anon_vma_prepare+0xcd/0x2f0
[  101.402636][ T6643]  __anon_vma_prepare+0xcd/0x2f0
[  101.402666][ T6643]  do_wp_page+0x1838/0x2400
[  101.402688][ T6643]  ? __rcu_read_lock+0x37/0x50
[  101.402766][ T6643]  handle_mm_fault+0x77d/0x2be0
[  101.402784][ T6643]  ? mas_walk+0xf2/0x120
[  101.402815][ T6643]  do_user_addr_fault+0x636/0x1090
[  101.402840][ T6643]  ? fpregs_restore_userregs+0xad/0x1d0
[  101.402937][ T6643]  ? switch_fpu_return+0xe/0x20
[  101.402961][ T6643]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  101.403058][ T6643]  exc_page_fault+0x62/0xa0
[  101.403085][ T6643]  asm_exc_page_fault+0x26/0x30
[  101.403102][ T6643] RIP: 0033:0x7f3678c70ca3
[  101.403115][ T6643] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  101.403141][ T6643] RSP: 002b:00007f36774164a0 EFLAGS: 00010202
[  101.403155][ T6643] RAX: 0000000000000400 RBX: 00007f3677416540 RCX: 00007f366eff7000
[  101.403166][ T6643] RDX: 00007f36774166e0 RSI: 0000000000000045 RDI: 00007f36774165e0
[  101.403176][ T6643] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001aa
[  101.403252][ T6643] R10: 00000000000001c6 R11: 00007f3677416540 R12: 0000000000000001
[  101.403263][ T6643] R13: 00007f3678e4c860 R14: 0000000000000020 R15: 00007f36774165e0
[  101.403279][ T6643]  </TASK>
[  101.403288][ T6643] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  101.652998][ T6643] loop2: detected capacity change from 0 to 2048
[  101.661983][ T6653] FAULT_INJECTION: forcing a failure.
[  101.661983][ T6653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.675427][ T6653] CPU: 1 UID: 0 PID: 6653 Comm: syz.1.879 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  101.675455][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.675513][ T6653] Call Trace:
[  101.675522][ T6653]  <TASK>
[  101.675531][ T6653]  __dump_stack+0x1d/0x30
[  101.675556][ T6653]  dump_stack_lvl+0xe8/0x140
[  101.675572][ T6653]  dump_stack+0x15/0x1b
[  101.675586][ T6653]  should_fail_ex+0x265/0x280
[  101.675658][ T6653]  should_fail+0xb/0x20
[  101.675723][ T6653]  should_fail_usercopy+0x1a/0x20
[  101.675754][ T6653]  _copy_to_user+0x20/0xa0
[  101.675784][ T6653]  __snd_timer_user_ioctl+0x22c7/0x2470
[  101.675833][ T6653]  ? do_vfs_ioctl+0x9df/0x11d0
[  101.676072][ T6653]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  101.676095][ T6653]  snd_timer_user_ioctl+0x41/0x60
[  101.676111][ T6653]  __se_sys_ioctl+0xcb/0x140
[  101.676196][ T6653]  __x64_sys_ioctl+0x43/0x50
[  101.676211][ T6653]  x64_sys_call+0x19a8/0x2fb0
[  101.676271][ T6653]  do_syscall_64+0xd2/0x200
[  101.676282][ T6653]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.676326][ T6653]  ? clear_bhb_loop+0x40/0x90
[  101.676338][ T6653]  ? clear_bhb_loop+0x40/0x90
[  101.676409][ T6653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.676421][ T6653] RIP: 0033:0x7fd6de60e9a9
[  101.676432][ T6653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.676516][ T6653] RSP: 002b:00007fd6dcc6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.676528][ T6653] RAX: ffffffffffffffda RBX: 00007fd6de835fa0 RCX: 00007fd6de60e9a9
[  101.676535][ T6653] RDX: 0000200000000500 RSI: 0000000040505412 RDI: 0000000000000006
[  101.676542][ T6653] RBP: 00007fd6dcc6f090 R08: 0000000000000000 R09: 0000000000000000
[  101.676548][ T6653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.676555][ T6653] R13: 0000000000000000 R14: 00007fd6de835fa0 R15: 00007ffd9f547a78
[  101.676566][ T6653]  </TASK>
[  101.683840][ T6643] EXT4-fs (loop2): failed to initialize system zone (-117)
[  101.896800][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  101.915274][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  101.923329][ T6643] EXT4-fs (loop2): mount failed
[  101.976555][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  101.985121][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  101.987950][ T6663] loop2: detected capacity change from 0 to 128
[  101.993246][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.007370][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.015098][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.022981][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.030855][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.038630][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.046387][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.054113][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.062114][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.069902][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.077873][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.085755][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  102.094269][   T36] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  102.205272][ T6672] siw: device registration error -23
[  102.255333][ T6678] sd 0:0:1:0: device reset
[  102.313083][ T6680] loop1: detected capacity change from 0 to 1024
[  102.320235][ T6680] EXT4-fs: inline encryption not supported
[  102.326231][ T6680] EXT4-fs: Ignoring removed i_version option
[  102.333729][ T6680] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  102.342687][ T6680] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.363356][ T6680] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.888: lblock 2 mapped to illegal pblock 2 (length 1)
[  102.392728][ T6680] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.888: lblock 0 mapped to illegal pblock 48 (length 1)
[  102.430319][ T6680] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.888: Failed to acquire dquot type 0
[  102.471835][ T6680] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  102.502147][ T6680] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.888: mark_inode_dirty error
[  102.541329][ T6680] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  102.559110][ T6680] EXT4-fs (loop1): 1 orphan inode deleted
[  102.559455][ T6685] netlink: 72 bytes leftover after parsing attributes in process `syz.5.890'.
[  102.616156][   T51] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  102.616478][ T6680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.657887][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  102.658641][ T6651] Set syz1 is full, maxelem 65536 reached
[  102.716218][ T6688] lo speed is unknown, defaulting to 1000
[  102.743295][ T6692] loop5: detected capacity change from 0 to 1024
[  102.755076][ T6680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.888'.
[  102.761814][ T6692] EXT4-fs: Ignoring removed orlov option
[  102.769550][ T6692] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.780655][ T6680] ext4: Unknown parameter '�����]�|~&bo��!���F>��S���6�V䟋���Ye���8}�:St�'
[  102.794702][ T6692] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  102.826642][ T6692] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.843061][ T6680] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.861468][ T6692] lo speed is unknown, defaulting to 1000
[  102.868295][ T6680] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.888: Invalid inode table block 1 in block_group 0
[  102.885154][ T6680] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  102.894911][ T6680] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz.1.888: mark_inode_dirty error
[  103.007385][ T6701] netlink: 'syz.3.895': attribute type 10 has an invalid length.
[  103.015230][ T6701] netlink: 40 bytes leftover after parsing attributes in process `syz.3.895'.
[  103.165127][ T3597] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.239848][ T6715] sd 0:0:1:0: device reset
[  103.254560][ T6712] loop2: detected capacity change from 0 to 128
[  103.284108][ T6712] FAT-fs (loop2): Directory bread(block 162) failed
[  103.290842][ T6712] FAT-fs (loop2): Directory bread(block 163) failed
[  103.311037][ T6712] FAT-fs (loop2): Directory bread(block 164) failed
[  103.318399][ T6712] FAT-fs (loop2): Directory bread(block 165) failed
[  103.333898][ T6719] syzkaller0: entered promiscuous mode
[  103.339528][ T6719] syzkaller0: entered allmulticast mode
[  103.359186][ T6712] FAT-fs (loop2): Directory bread(block 166) failed
[  103.379258][ T6712] FAT-fs (loop2): Directory bread(block 167) failed
[  103.379726][   T29] kauditd_printk_skb: 245 callbacks suppressed
[  103.379738][   T29] audit: type=1400 audit(1753276512.996:1852): avc:  denied  { unmount } for  pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  103.385955][ T6712] FAT-fs (loop2): Directory bread(block 168) failed
[  103.421225][ T6712] FAT-fs (loop2): Directory bread(block 169) failed
[  103.423592][ T6731] netlink: 'syz.5.904': attribute type 10 has an invalid length.
[  103.432090][ T6712] FAT-fs (loop2): Directory bread(block 162) failed
[  103.435617][ T6731] netlink: 40 bytes leftover after parsing attributes in process `syz.5.904'.
[  103.442837][ T6712] FAT-fs (loop2): Directory bread(block 163) failed
[  103.530640][ T6740] loop1: detected capacity change from 0 to 1024
[  103.538296][ T6740] EXT4-fs: Ignoring removed orlov option
[  103.545820][ T6740] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.619171][ T6740] ==================================================================
[  103.627283][ T6740] BUG: KCSAN: data-race in filemap_read / filemap_read
[  103.634345][ T6740] 
[  103.636707][ T6740] read to 0xffff888118404e28 of 8 bytes by task 6745 on cpu 1:
[  103.644265][ T6740]  filemap_read+0x6f/0xa00
[  103.648710][ T6740]  generic_file_read_iter+0x79/0x330
[  103.654135][ T6740]  ext4_file_read_iter+0x1cc/0x290
[  103.659267][ T6740]  copy_splice_read+0x3c1/0x5f0
[  103.664311][ T6740]  splice_direct_to_actor+0x290/0x680
[  103.669710][ T6740]  do_splice_direct+0xda/0x150
[  103.675111][ T6740]  do_sendfile+0x380/0x650
[  103.679631][ T6740]  __x64_sys_sendfile64+0x105/0x150
[  103.684927][ T6740]  x64_sys_call+0xb39/0x2fb0
[  103.689538][ T6740]  do_syscall_64+0xd2/0x200
[  103.694662][ T6740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.700835][ T6740] 
[  103.703150][ T6740] write to 0xffff888118404e28 of 8 bytes by task 6740 on cpu 0:
[  103.710782][ T6740]  filemap_read+0x974/0xa00
[  103.715302][ T6740]  generic_file_read_iter+0x79/0x330
[  103.720610][ T6740]  ext4_file_read_iter+0x1cc/0x290
[  103.725740][ T6740]  copy_splice_read+0x3c1/0x5f0
[  103.730680][ T6740]  splice_direct_to_actor+0x290/0x680
[  103.736049][ T6740]  do_splice_direct+0xda/0x150
[  103.740808][ T6740]  do_sendfile+0x380/0x650
[  103.745237][ T6740]  __x64_sys_sendfile64+0x105/0x150
[  103.750440][ T6740]  x64_sys_call+0xb39/0x2fb0
[  103.755121][ T6740]  do_syscall_64+0xd2/0x200
[  103.759633][ T6740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.765526][ T6740] 
[  103.767841][ T6740] value changed: 0x0000000000000102 -> 0x0000000000000103
[  103.774934][ T6740] 
[  103.777290][ T6740] Reported by Kernel Concurrency Sanitizer on:
[  103.783556][ T6740] CPU: 0 UID: 0 PID: 6740 Comm: syz.1.908 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  103.794145][ T6740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.804374][ T6740] ==================================================================
[  104.044156][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.