last executing test programs:

2m59.315297307s ago: executing program 32 (id=1903):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x7, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffff4ba61f2be82db1af0000000000", 0x18)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x4, @remote, 0x5}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)

2m56.671914726s ago: executing program 4 (id=1933):
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r5, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})

2m55.627973541s ago: executing program 4 (id=1944):
r0 = socket(0x200000100000011, 0x803, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000100)="4dcdc7d96a76000000", 0x9, 0x0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)

2m55.627521301s ago: executing program 4 (id=1946):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS")

2m55.135735895s ago: executing program 4 (id=1950):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000"})
creat(&(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x162)

2m54.474415265s ago: executing program 4 (id=1956):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

2m53.813892655s ago: executing program 4 (id=1961):
timer_create(0x3, 0x0, &(0x7f0000000200)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000040)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x0, &(0x7f0000000240)={{0x77359400}, {r1, r2+60000000}}, 0x0)
timer_gettime(r0, &(0x7f00000017c0))

2m53.813842855s ago: executing program 33 (id=1961):
timer_create(0x3, 0x0, &(0x7f0000000200)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000040)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x0, &(0x7f0000000240)={{0x77359400}, {r1, r2+60000000}}, 0x0)
timer_gettime(r0, &(0x7f00000017c0))

2m15.941103308s ago: executing program 0 (id=2462):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="ff2642fd9e170a43498a9b71d42d2c00a3259ba94a291510b2ef5f817a94b5c67e70f5859ac7ca834d68ea", 0x2b, 0x1, &(0x7f0000000280)={0xa, 0x4e21, 0x9, @loopback, 0x12997c46}, 0x1c)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$inet6(0xa, 0x2, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioperm(0x0, 0x8, 0x4)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000002c0)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @remote}}, {{0xa, 0x0, 0x0, @remote}}]}, 0x190)
syz_emit_ethernet(0x4e, &(0x7f0000000480)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @remote, @mcast2, {[], @mld={0x84, 0x0, 0x0, 0x0, 0x0, @private0}}}}}}, 0x0)
timer_create(0x0, &(0x7f0000000440)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
uname(&(0x7f0000000180)=""/224)

2m14.671905872s ago: executing program 0 (id=2476):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x4e00, 0x0, 0x0, 0xbdff, 0x7, "ec28a1ba80a20507"})
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)

2m14.651643344s ago: executing program 0 (id=2477):
syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[], 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[], 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdaf, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket(0x40000000015, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[], 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="7dbf230d000000002800128009000100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n', @ANYRES8], 0x64}}, 0x0)

2m13.81614367s ago: executing program 0 (id=2489):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000180)='./bus\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2bd, &(0x7f0000000640)="$eJzs3U9oE3kUwPGXtNtmu7QJy+7CLuzu2+1ld1mGJueFNiytiIGKNlItCFM70ZAxCZkQTZEmgtCLBy/+O6sgUiiIB0Eo9eBJWqQ3D95668F6UqQ4EpM2TU1brW1T7PdzyDzy3pv85k+G5BfILPx35Wwi5hgxMyten0e8PVL0LHkkIF5ZVpS/z00++/Xo8ROHwpFI7xHVvvBAMKSqHb9PDV2Y+HM6+92xBx2PWmUmcHJhMTQ/89PMzwvvBs7EHY07mkxl1dThVCprDtuWjlxzEobqYdsyHUvjScfK1ORjdiqdzquZHGlvS2csx1EzmdeElddsSrOZvJqnzXhSDcPQ9jbBxiZyN8PrZ6P33riuLGafum5rUVzXLT3p28XhocG0sqwe/8sNHhF206qLuk/EHs9Fc9HyspwPxyQutlheEb8sSekccW9Nuh9OldLj+dBkZO6fJ49VNSBjdqHSX8hFm2r6JSh+CZR7yspx38FIb1DLavu/kbbV/SHxyw/1+0N1+1vkr85V/Yb4Ze6UpMSW2ak/Xs/3j19f7h8Lqv7fH1nT/62MVHfT3VcNOj4AAAAAAAAAAGyFoSvqzt8bpYJLo6raviZf7l+ZX++q/j6wdn6+q+78fLP80tzYbQcAAAAAYL9w8qMJ07atzBcGpa/ym9X82LF5zdcX3L746cW/9W1c09ndNNvzvJjeC9v1GcHbwT0xjNpAKrNPG9X4RKRpm98p1eDltqzHUxnf+jUHhl7c33Q9LR/tn/VM7/xVCQAAAMBOqH7o75ZC7GGuMPjv1UaPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WYLfzk2e6NeSkvB93fqpeq+sGdx+TYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfU+AAD//2kmzK0=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd0, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r4, 0x0, r3, 0x0, 0x6, 0x0)
dup3(r2, r3, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r3, 0x4, 0x7c00)
dup3(r4, r3, 0x0)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x14, 0x2, 0x6, 0x301}, 0x14}}, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000200)={0x0, 0x0, 0x1, 0x0, '\x00', [{0xffffffe1, 0x5a80000, 0x7ff, 0x2, 0x1, 0x5}, {0x8, 0x7, 0x9, 0x8, 0x50bd2486, 0x9}], ['\x00']})

2m13.614174638s ago: executing program 0 (id=2490):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x88)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB='\x00'/19, @ANYRESOCT=r0, @ANYRES32, @ANYBLOB="0000000000000000000000000c000000000000000000000000000000accf4da359047fb7a749d826d9c91002384e87445117b9b1254edf94e9c7fa7dc345ab2fc3b097e4884083833e47014dca7b35d1c9e4bd67acbf41070f0a3b51d0a704401eaf872698170489faca67d400477ee61d9e3c26b67e0797f2ecefdc753959731217d6742ec2cb5a128bad2daedce817dc5fef6c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x29)
fcntl$setsig(r3, 0xa, 0x21)
syz_open_procfs(0x0, &(0x7f0000000000)='task\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="03002000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000f3ffffffffffffff00"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r4, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000500), 0x12)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000480), 0x6, 0x522, &(0x7f0000001a00)="$eJzs3U1vI2cdAPD/OHY324Y6bTmUSmxDX5RFsE7S9CXiUBqJl1MlRLlnQ+JEUZx4lTjtJlpB+glAqAIkLnDigsQHQKoqPgFCqgQ3DpxAFWTpgQsyGnvcJI6dOlrH3o1/P2kyzzyPZ/7/x7HH82ZPACNrKiLeioixiHg5IopZfS4b4rA5pI+7f3RvJR2SqNff+VcSSVbXvswnstlS3/9uxA+Ts3F39w82lyuV8s7p6oNbG1vL6+X18vb8/NzrC28svLYw22NPkvx5rU9FxJvf+vTnP/ntd9788Ovv/X3pnzd/lKZ1O2vv1I9+aHa9EOOnpq+O9HWTb/QQAIBHwTMR8XREvBARX41ijMW5m9EAAADAI6j+zYlrrSIAAABwNeUiYiKSXCm73ncicrlSqXkN7xfj8Sejulv72lp1b3s1bYuYjEJubaNSns2uFZ6MQpJOzzXKx9OvtE3PZ9fgflC8nk432gAAAIDBWGzb//+02Nz/jyv4XVUAAAAYaZ1Pxo8NPA8AAADg8rgYHwAAAK4++/8AAABwpX3v7bfToX7/6F7jPgCr7+7vbVbfvbVa3t0sbe2tlFaqO3dK69XqeqVc6uEbAZVq9c6rsb13d6aW363N7O4fLG1V97ZrS437ei+Vnx5AnwAAAIDTnnr+o78mEXH4jeuNIfVY1lYYambAQyTJt1Xc/sqQMgH64sI/8jO1dzmJAAPX/pkOjA77+MCZe320bRiMd9tU+FN7xY3PjWWbAwAAhmP6S87/w6jKDTsBYGh+OuwEgKHp+Vj81OXmAQxewW3+YOSdOf/fZrxbw5nz/93U6xdKCAAA6LuJ5ugwsnOBE5HLlUqfnRZM1jYq5dmIeDIi/lIsXEun54aYLwAAAAAAAAAAAAAAAAAAAAAAAAA8iur1JOoAAADAlRaR+0eS3f9ruvjSRPvxgceS/xYb44h471fv/OLucq22M5fW//uz+tovs/pXhnEEAwAAAEZR4dzW1n56az8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp/tG9ldYwyLifLMb1mOwUPx/jjfF4FCLi8f8kkT8xXxIRY32If/h+RDzbKX6SphWTWRZp/D9+eDxfLiKuDzj+yf6n8Z/oQ3wYZR8tRsRbnd5/uZhqjDu///LZ8KA+WWy8yTvGb63/xrqs/77QY4znPv79TNf470c8l++8/mnFT7rEf7HH+Ld/cHDQra3+m4jpjp8/SXOUyx5Y27ozs7t/cGtja3m9vF7enp+fe33hjYXXFmZn1jYq5exvxxg/+/IfDj/o2v9mgJPxW/2cbGb44279f6nH/v/v47tHzzSLhbPxI26+2Pn//2xj3Pn5T18TL2dPT9o+3SofNssn3fjdn290yy2Nv9rl+W/+/4v14/j5U/2/2Vv3T/b5173NAgBcpt39g83lSqW8M4DCC6/2b4FJo5BuBQ0o+WEXWgc7HpZ8xocT/Vp0f0y9Xq9fdhrffuDltDaHH2Q5f+tbv9J9hs5NQ1wpAQAAl+J4o3/YmQAAAAAAAAAAAAAAAAAAAMDoanz/f+yCPwT4/MV+aaw95uFwugoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcK7/BwAA//9BPMSs")
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB='trans=fd'])
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x10, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x400})
pivot_root(0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f2, &(0x7f0000000080))
personality(0x5000007)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
syz_open_dev$tty1(0xc, 0x4, 0x1)

2m13.419981615s ago: executing program 0 (id=2491):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
rseq(0x0, 0x0, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_proto_private(0xffffffffffffffff, 0x89e1, &(0x7f0000001080))

2m13.419766345s ago: executing program 34 (id=2491):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
rseq(0x0, 0x0, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_proto_private(0xffffffffffffffff, 0x89e1, &(0x7f0000001080))

1m57.660241926s ago: executing program 5 (id=2646):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000000800000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r2, 0x0, 0x0, 0x20000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000380), 0x101bf)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r3})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x0, 0x1000000, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0xd)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="24000000000b05000000000000000000030000070500010000000000080002400000000037bcc05ce97dd26f7888532b6ce00c616042518e02273c31e815a88e58a28bed060f091327d7773c5529f36ec43700"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4000800)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4)

1m56.569264044s ago: executing program 5 (id=2650):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x28, r2, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)

1m56.432685536s ago: executing program 5 (id=2652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000004000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080), &(0x7f0000000340)='%pS    \x00'}, 0x20)
unlink(0x0)

1m56.295929159s ago: executing program 5 (id=2653):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000180)='./bus\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2bd, &(0x7f0000000640)="$eJzs3U9oE3kUwPGXtNtmu7QJy+7CLuzu2+1ld1mGJueFNiytiIGKNlItCFM70ZAxCZkQTZEmgtCLBy/+O6sgUiiIB0Eo9eBJWqQ3D95668F6UqQ4EpM2TU1brW1T7PdzyDzy3pv85k+G5BfILPx35Wwi5hgxMyten0e8PVL0LHkkIF5ZVpS/z00++/Xo8ROHwpFI7xHVvvBAMKSqHb9PDV2Y+HM6+92xBx2PWmUmcHJhMTQ/89PMzwvvBs7EHY07mkxl1dThVCprDtuWjlxzEobqYdsyHUvjScfK1ORjdiqdzquZHGlvS2csx1EzmdeElddsSrOZvJqnzXhSDcPQ9jbBxiZyN8PrZ6P33riuLGafum5rUVzXLT3p28XhocG0sqwe/8sNHhF206qLuk/EHs9Fc9HyspwPxyQutlheEb8sSekccW9Nuh9OldLj+dBkZO6fJ49VNSBjdqHSX8hFm2r6JSh+CZR7yspx38FIb1DLavu/kbbV/SHxyw/1+0N1+1vkr85V/Yb4Ze6UpMSW2ak/Xs/3j19f7h8Lqv7fH1nT/62MVHfT3VcNOj4AAAAAAAAAAGyFoSvqzt8bpYJLo6raviZf7l+ZX++q/j6wdn6+q+78fLP80tzYbQcAAAAAYL9w8qMJ07atzBcGpa/ym9X82LF5zdcX3L746cW/9W1c09ndNNvzvJjeC9v1GcHbwT0xjNpAKrNPG9X4RKRpm98p1eDltqzHUxnf+jUHhl7c33Q9LR/tn/VM7/xVCQAAAMBOqH7o75ZC7GGuMPjv1UaPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WYLfzk2e6NeSkvB93fqpeq+sGdx+TYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfU+AAD//2kmzK0=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd0, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r4, 0x0, r3, 0x0, 0x6, 0x0)
dup3(r2, r3, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r3, 0x4, 0x7c00)

1m56.286123999s ago: executing program 3 (id=2655):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

1m55.401955389s ago: executing program 5 (id=2661):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

1m55.316151777s ago: executing program 3 (id=2662):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000000800000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r2, 0x0, 0x0, 0x20000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000380), 0x101bf)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r3})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x0, 0x1000000, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0xd)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="24000000000b05000000000000000000030000070500010000000000080002400000000037bcc05ce97dd26f7888532b6ce00c616042518e02273c31e815a88e58a28bed060f091327d7773c5529f36ec43700"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4000800)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4)

1m55.06101147s ago: executing program 5 (id=2665):
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)

1m55.050298831s ago: executing program 35 (id=2665):
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)

1m54.326663896s ago: executing program 3 (id=2670):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
timerfd_settime(r0, 0x3, &(0x7f00000002c0)={{0x77359400}}, &(0x7f0000000080))
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f0000000100)={[{@shortname_winnt}, {@shortname_winnt}, {@utf8}]}, 0xfe, 0x2aa, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGflE7hw4Xu4cy+48Q0EH8Cdgwwcubm3SWzTtGlNK53fb9PDOd93z3dyTtvVPfn8teHB/cejh0+//j1arSxqvejFsyw6UYsj3wYAcJM8Syn+TKX1Muu1TdUEAGzWwv//xikh2ye73t50WQDABn340cfv393f3/sgz1sRw+/G/SzKn+X43YfxKAbxIG5HO55HpJmy/e57+3tRzwuduDWcjPtF5vCzX+ehMc3vRjs6y/O7eWkhfzLuN+LliCyLeNQrCrkT7XjlRH4xvndnSX70m/FGq1pkMf9utOO3L+JxDOJ+FLnz+b/p5vk76fu/vvqkCC7ys8m4vz2Nm0tbV703AAAAAAAAAAAAAAAAAAAAAADcXLv5TCduDYuu6v6drefT8d1/jU/v16lNx8v8LKI5bRy7H2iS4sej+3Vu53mesjJ+fr9PPV6tR/3aFg4AAAAAAAAAAAAAAAAAAAD/I6MnXx7cGwweHP4njeol/9lr/Rd9Tm+h5/VYHby91lyxVYUXtR6P6f7y6XDWUyziIsWPG3nEqpobJ3peKuo5+8l/p5RSlkVcbpsa55nrjMbO6pjiA/75h503D+5lZ32GraON+2lxqBmHoyfH9jSydSpMax2/5oqYZnVizvWcnUv+Er31RzlZ1ZOtsYpG1YjTjl9rrfN8dX+DAAAAAAAAAAAAAAAAAACA0vyl3yWDT1em1jZWFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcsfn3/6/RmFTJy2NSSpNZTzMOR9e8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF4A/wQAAP//+YxnlA==")
truncate(&(0x7f0000000080)='./file1\x00', 0x8)
setns(0xffffffffffffffff, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1m54.249850763s ago: executing program 3 (id=2671):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000180)='./bus\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2bd, &(0x7f0000000640)="$eJzs3U9oE3kUwPGXtNtmu7QJy+7CLuzu2+1ld1mGJueFNiytiIGKNlItCFM70ZAxCZkQTZEmgtCLBy/+O6sgUiiIB0Eo9eBJWqQ3D95668F6UqQ4EpM2TU1brW1T7PdzyDzy3pv85k+G5BfILPx35Wwi5hgxMyten0e8PVL0LHkkIF5ZVpS/z00++/Xo8ROHwpFI7xHVvvBAMKSqHb9PDV2Y+HM6+92xBx2PWmUmcHJhMTQ/89PMzwvvBs7EHY07mkxl1dThVCprDtuWjlxzEobqYdsyHUvjScfK1ORjdiqdzquZHGlvS2csx1EzmdeElddsSrOZvJqnzXhSDcPQ9jbBxiZyN8PrZ6P33riuLGafum5rUVzXLT3p28XhocG0sqwe/8sNHhF206qLuk/EHs9Fc9HyspwPxyQutlheEb8sSekccW9Nuh9OldLj+dBkZO6fJ49VNSBjdqHSX8hFm2r6JSh+CZR7yspx38FIb1DLavu/kbbV/SHxyw/1+0N1+1vkr85V/Yb4Ze6UpMSW2ak/Xs/3j19f7h8Lqv7fH1nT/62MVHfT3VcNOj4AAAAAAAAAAGyFoSvqzt8bpYJLo6raviZf7l+ZX++q/j6wdn6+q+78fLP80tzYbQcAAAAAYL9w8qMJ07atzBcGpa/ym9X82LF5zdcX3L746cW/9W1c09ndNNvzvJjeC9v1GcHbwT0xjNpAKrNPG9X4RKRpm98p1eDltqzHUxnf+jUHhl7c33Q9LR/tn/VM7/xVCQAAAMBOqH7o75ZC7GGuMPjv1UaPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WYLfzk2e6NeSkvB93fqpeq+sGdx+TYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfU+AAD//2kmzK0=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd0, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r4, 0x0, r3, 0x0, 0x6, 0x0)
dup3(r2, r3, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r3, 0x4, 0x7c00)

1m53.326679506s ago: executing program 3 (id=2677):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = getpid()
getpriority(0x0, r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./bus\x00', &(0x7f0000000200), &(0x7f0000000340)={0x0, 0xfb, 0x35, 0x2, 0x9, "05e06b5557f64a395a1eecb183227379", "b10b4a3ae7959c9a061ba6eb76423730da132f8f5445be81a1ed2c96c8a92b33"}, 0x35, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x14)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r0, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%pi6   \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r8=>0x0})
bind$can_j1939(r6, &(0x7f0000000300)={0x1d, r8, 0x0, {0x0, 0xff, 0x2}, 0x2}, 0x18)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f00000000c0), 0xfea7)
copy_file_range(r10, &(0x7f00000001c0), r9, 0x0, 0xfffffff7a003e45c, 0x10000000000000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00d11100"/20, @ANYRES32=r4, @ANYBLOB="01000100"/20, @ANYRES32=r8, @ANYRES32=r10, @ANYBLOB="ffff00000100"/28], 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}}, 0x0)

1m53.018064314s ago: executing program 3 (id=2680):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
timerfd_settime(r0, 0x3, &(0x7f00000002c0)={{0x77359400}}, &(0x7f0000000080))
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f0000000100)={[{@shortname_winnt}, {@shortname_winnt}, {@utf8}]}, 0xfe, 0x2aa, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGflE7hw4Xu4cy+48Q0EH8Cdgwwcubm3SWzTtGlNK53fb9PDOd93z3dyTtvVPfn8teHB/cejh0+//j1arSxqvejFsyw6UYsj3wYAcJM8Syn+TKX1Muu1TdUEAGzWwv//xikh2ye73t50WQDABn340cfv393f3/sgz1sRw+/G/SzKn+X43YfxKAbxIG5HO55HpJmy/e57+3tRzwuduDWcjPtF5vCzX+ehMc3vRjs6y/O7eWkhfzLuN+LliCyLeNQrCrkT7XjlRH4xvndnSX70m/FGq1pkMf9utOO3L+JxDOJ+FLnz+b/p5vk76fu/vvqkCC7ys8m4vz2Nm0tbV703AAAAAAAAAAAAAAAAAAAAAADcXLv5TCduDYuu6v6drefT8d1/jU/v16lNx8v8LKI5bRy7H2iS4sej+3Vu53mesjJ+fr9PPV6tR/3aFg4AAAAAAAAAAAAAAAAAAAD/I6MnXx7cGwweHP4njeol/9lr/Rd9Tm+h5/VYHby91lyxVYUXtR6P6f7y6XDWUyziIsWPG3nEqpobJ3peKuo5+8l/p5RSlkVcbpsa55nrjMbO6pjiA/75h503D+5lZ32GraON+2lxqBmHoyfH9jSydSpMax2/5oqYZnVizvWcnUv+Er31RzlZ1ZOtsYpG1YjTjl9rrfN8dX+DAAAAAAAAAAAAAAAAAACA0vyl3yWDT1em1jZWFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcsfn3/6/RmFTJy2NSSpNZTzMOR9e8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF4A/wQAAP//+YxnlA==")
truncate(&(0x7f0000000080)='./file1\x00', 0x8)
setns(0xffffffffffffffff, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1m53.017818824s ago: executing program 36 (id=2680):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
timerfd_settime(r0, 0x3, &(0x7f00000002c0)={{0x77359400}}, &(0x7f0000000080))
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f0000000100)={[{@shortname_winnt}, {@shortname_winnt}, {@utf8}]}, 0xfe, 0x2aa, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGflE7hw4Xu4cy+48Q0EH8Cdgwwcubm3SWzTtGlNK53fb9PDOd93z3dyTtvVPfn8teHB/cejh0+//j1arSxqvejFsyw6UYsj3wYAcJM8Syn+TKX1Muu1TdUEAGzWwv//xikh2ye73t50WQDABn340cfv393f3/sgz1sRw+/G/SzKn+X43YfxKAbxIG5HO55HpJmy/e57+3tRzwuduDWcjPtF5vCzX+ehMc3vRjs6y/O7eWkhfzLuN+LliCyLeNQrCrkT7XjlRH4xvndnSX70m/FGq1pkMf9utOO3L+JxDOJ+FLnz+b/p5vk76fu/vvqkCC7ys8m4vz2Nm0tbV703AAAAAAAAAAAAAAAAAAAAAADcXLv5TCduDYuu6v6drefT8d1/jU/v16lNx8v8LKI5bRy7H2iS4sej+3Vu53mesjJ+fr9PPV6tR/3aFg4AAAAAAAAAAAAAAAAAAAD/I6MnXx7cGwweHP4njeol/9lr/Rd9Tm+h5/VYHby91lyxVYUXtR6P6f7y6XDWUyziIsWPG3nEqpobJ3peKuo5+8l/p5RSlkVcbpsa55nrjMbO6pjiA/75h503D+5lZ32GraON+2lxqBmHoyfH9jSydSpMax2/5oqYZnVizvWcnUv+Er31RzlZ1ZOtsYpG1YjTjl9rrfN8dX+DAAAAAAAAAAAAAAAAAACA0vyl3yWDT1em1jZWFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcsfn3/6/RmFTJy2NSSpNZTzMOR9e8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF4A/wQAAP//+YxnlA==")
truncate(&(0x7f0000000080)='./file1\x00', 0x8)
setns(0xffffffffffffffff, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1m53.017535094s ago: executing program 6 (id=2682):
r0 = socket(0x1e, 0x5, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r1 = socket(0x1e, 0x805, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000}, 0x1c)
sendmsg$tipc(r1, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0}, 0x0)

1m52.906961144s ago: executing program 6 (id=2683):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
writev(r2, &(0x7f0000000000)=[{&(0x7f00000002c0)="0a07c33ff1", 0x5}, {&(0x7f0000000140)="9f56f79999a4158408d19d6e82e6c00e96eeb5901f8726f0b9d1fd1e8243cde3e09c66a893650d28655e97f91bcbc805a4383b4b45e0fdc8d9584f1abf1431ff4b6fcdecdca02dbaf383d969278897e3665b4a95fa9ae220b6e9db074ed36c47e21bceb481d6bc5987e606faa24c3911f5864586a67993ec63fcdd5d572427b57526e588f040353141994a74b7ae2bd5d851b5dd0bbc5907208fe826a11f0154ab7d47a23bc5b3f12dd433d18412d79522b4479a53e6a8ec01e0b20fe75ec8c5109b61c5f17130e867027d37d76612bacba8c60e388017c0d8f7179d11e33deb7b9932563f392e3f61254acb2dfcc53a", 0xf0}], 0x2)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01030000000000000000320000000c009900000000001200000005001c01"], 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

1m52.740258899s ago: executing program 6 (id=2685):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000500), &(0x7f0000000540)='%+9llu \x00'}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

1m52.525940469s ago: executing program 6 (id=2686):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000180)='./bus\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2bd, &(0x7f0000000640)="$eJzs3U9oE3kUwPGXtNtmu7QJy+7CLuzu2+1ld1mGJueFNiytiIGKNlItCFM70ZAxCZkQTZEmgtCLBy/+O6sgUiiIB0Eo9eBJWqQ3D95668F6UqQ4EpM2TU1brW1T7PdzyDzy3pv85k+G5BfILPx35Wwi5hgxMyten0e8PVL0LHkkIF5ZVpS/z00++/Xo8ROHwpFI7xHVvvBAMKSqHb9PDV2Y+HM6+92xBx2PWmUmcHJhMTQ/89PMzwvvBs7EHY07mkxl1dThVCprDtuWjlxzEobqYdsyHUvjScfK1ORjdiqdzquZHGlvS2csx1EzmdeElddsSrOZvJqnzXhSDcPQ9jbBxiZyN8PrZ6P33riuLGafum5rUVzXLT3p28XhocG0sqwe/8sNHhF206qLuk/EHs9Fc9HyspwPxyQutlheEb8sSekccW9Nuh9OldLj+dBkZO6fJ49VNSBjdqHSX8hFm2r6JSh+CZR7yspx38FIb1DLavu/kbbV/SHxyw/1+0N1+1vkr85V/Yb4Ze6UpMSW2ak/Xs/3j19f7h8Lqv7fH1nT/62MVHfT3VcNOj4AAAAAAAAAAGyFoSvqzt8bpYJLo6raviZf7l+ZX++q/j6wdn6+q+78fLP80tzYbQcAAAAAYL9w8qMJ07atzBcGpa/ym9X82LF5zdcX3L746cW/9W1c09ndNNvzvJjeC9v1GcHbwT0xjNpAKrNPG9X4RKRpm98p1eDltqzHUxnf+jUHhl7c33Q9LR/tn/VM7/xVCQAAAMBOqH7o75ZC7GGuMPjv1UaPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WYLfzk2e6NeSkvB93fqpeq+sGdx+TYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfU+AAD//2kmzK0=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd0, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r4, 0x0, r3, 0x0, 0x6, 0x0)
dup3(r2, r3, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r3, 0x4, 0x7c00)

1m51.556151416s ago: executing program 6 (id=2690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = getpid()
getpriority(0x0, r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./bus\x00', &(0x7f0000000200), &(0x7f0000000340)={0x0, 0xfb, 0x45, 0x2, 0x9, "05e06b5557f64a395a1eecb183227379", "b10b4a3ae7959c9a061ba6eb76423730da132f8f5445be81a1ed2c96c8a92b3306783898b76f1bfcc18259f217d42296"}, 0x45, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x14)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r0, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%pi6   \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r8=>0x0})
bind$can_j1939(r6, &(0x7f0000000300)={0x1d, r8, 0x0, {0x0, 0xff, 0x2}, 0x2}, 0x18)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f00000000c0), 0xfea7)
copy_file_range(r10, &(0x7f00000001c0), r9, 0x0, 0xfffffff7a003e45c, 0x10000000000000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00d11100"/20, @ANYRES32=r4, @ANYBLOB="01000100"/20, @ANYRES32=r8, @ANYRES32=r10, @ANYBLOB="ffff00000100"/28], 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}}, 0x0)

1m51.17698521s ago: executing program 6 (id=2693):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x88)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB='\x00'/19, @ANYRESOCT=r0, @ANYRES32, @ANYBLOB="0000000000000000000000000c000000000000000000000000000000accf4da359047fb7a749d826d9c91002384e87445117b9b1254edf94e9c7fa7dc345ab2fc3b097e4884083833e47014dca7b35d1c9e4bd67acbf41070f0a3b51d0a704401eaf872698170489faca67d400477ee61d9e3c26b67e0797f2ecefdc753959731217d6742ec2cb5a128bad2daedce817dc5fef6c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x29)
fcntl$setsig(r3, 0xa, 0x21)
syz_open_procfs(0x0, &(0x7f0000000000)='task\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="03002000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000f3ffffffffffffff00"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r4, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000500), 0x12)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000480), 0x6, 0x522, &(0x7f0000001a00)="$eJzs3U1vI2cdAPD/OHY324Y6bTmUSmxDX5RFsE7S9CXiUBqJl1MlRLlnQ+JEUZx4lTjtJlpB+glAqAIkLnDigsQHQKoqPgFCqgQ3DpxAFWTpgQsyGnvcJI6dOlrH3o1/P2kyzzyPZ/7/x7HH82ZPACNrKiLeioixiHg5IopZfS4b4rA5pI+7f3RvJR2SqNff+VcSSVbXvswnstlS3/9uxA+Ts3F39w82lyuV8s7p6oNbG1vL6+X18vb8/NzrC28svLYw22NPkvx5rU9FxJvf+vTnP/ntd9788Ovv/X3pnzd/lKZ1O2vv1I9+aHa9EOOnpq+O9HWTb/QQAIBHwTMR8XREvBARX41ijMW5m9EAAADAI6j+zYlrrSIAAABwNeUiYiKSXCm73ncicrlSqXkN7xfj8Sejulv72lp1b3s1bYuYjEJubaNSns2uFZ6MQpJOzzXKx9OvtE3PZ9fgflC8nk432gAAAIDBWGzb//+02Nz/jyv4XVUAAAAYaZ1Pxo8NPA8AAADg8rgYHwAAAK4++/8AAABwpX3v7bfToX7/6F7jPgCr7+7vbVbfvbVa3t0sbe2tlFaqO3dK69XqeqVc6uEbAZVq9c6rsb13d6aW363N7O4fLG1V97ZrS437ei+Vnx5AnwAAAIDTnnr+o78mEXH4jeuNIfVY1lYYambAQyTJt1Xc/sqQMgH64sI/8jO1dzmJAAPX/pkOjA77+MCZe320bRiMd9tU+FN7xY3PjWWbAwAAhmP6S87/w6jKDTsBYGh+OuwEgKHp+Vj81OXmAQxewW3+YOSdOf/fZrxbw5nz/93U6xdKCAAA6LuJ5ugwsnOBE5HLlUqfnRZM1jYq5dmIeDIi/lIsXEun54aYLwAAAAAAAAAAAAAAAAAAAAAAAAA8iur1JOoAAADAlRaR+0eS3f9ruvjSRPvxgceS/xYb44h471fv/OLucq22M5fW//uz+tovs/pXhnEEAwAAAEZR4dzW1n56az8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp/tG9ldYwyLifLMb1mOwUPx/jjfF4FCLi8f8kkT8xXxIRY32If/h+RDzbKX6SphWTWRZp/D9+eDxfLiKuDzj+yf6n8Z/oQ3wYZR8tRsRbnd5/uZhqjDu///LZ8KA+WWy8yTvGb63/xrqs/77QY4znPv79TNf470c8l++8/mnFT7rEf7HH+Ld/cHDQra3+m4jpjp8/SXOUyx5Y27ozs7t/cGtja3m9vF7enp+fe33hjYXXFmZn1jYq5exvxxg/+/IfDj/o2v9mgJPxW/2cbGb44279f6nH/v/v47tHzzSLhbPxI26+2Pn//2xj3Pn5T18TL2dPT9o+3SofNssn3fjdn290yy2Nv9rl+W/+/4v14/j5U/2/2Vv3T/b5173NAgBcpt39g83lSqW8M4DCC6/2b4FJo5BuBQ0o+WEXWgc7HpZ8xocT/Vp0f0y9Xq9fdhrffuDltDaHH2Q5f+tbv9J9hs5NQ1wpAQAAl+J4o3/YmQAAAAAAAAAAAAAAAAAAAMDoanz/f+yCPwT4/MV+aaw95uFwugoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcK7/BwAA//9BPMSs")
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB='trans=fd'])
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x10, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x400})
pivot_root(0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f2, &(0x7f0000000080))
personality(0x5000007)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1m51.17676912s ago: executing program 37 (id=2693):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x88)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB='\x00'/19, @ANYRESOCT=r0, @ANYRES32, @ANYBLOB="0000000000000000000000000c000000000000000000000000000000accf4da359047fb7a749d826d9c91002384e87445117b9b1254edf94e9c7fa7dc345ab2fc3b097e4884083833e47014dca7b35d1c9e4bd67acbf41070f0a3b51d0a704401eaf872698170489faca67d400477ee61d9e3c26b67e0797f2ecefdc753959731217d6742ec2cb5a128bad2daedce817dc5fef6c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x29)
fcntl$setsig(r3, 0xa, 0x21)
syz_open_procfs(0x0, &(0x7f0000000000)='task\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="03002000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000f3ffffffffffffff00"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r4, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000500), 0x12)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000480), 0x6, 0x522, &(0x7f0000001a00)="$eJzs3U1vI2cdAPD/OHY324Y6bTmUSmxDX5RFsE7S9CXiUBqJl1MlRLlnQ+JEUZx4lTjtJlpB+glAqAIkLnDigsQHQKoqPgFCqgQ3DpxAFWTpgQsyGnvcJI6dOlrH3o1/P2kyzzyPZ/7/x7HH82ZPACNrKiLeioixiHg5IopZfS4b4rA5pI+7f3RvJR2SqNff+VcSSVbXvswnstlS3/9uxA+Ts3F39w82lyuV8s7p6oNbG1vL6+X18vb8/NzrC28svLYw22NPkvx5rU9FxJvf+vTnP/ntd9788Ovv/X3pnzd/lKZ1O2vv1I9+aHa9EOOnpq+O9HWTb/QQAIBHwTMR8XREvBARX41ijMW5m9EAAADAI6j+zYlrrSIAAABwNeUiYiKSXCm73ncicrlSqXkN7xfj8Sejulv72lp1b3s1bYuYjEJubaNSns2uFZ6MQpJOzzXKx9OvtE3PZ9fgflC8nk432gAAAIDBWGzb//+02Nz/jyv4XVUAAAAYaZ1Pxo8NPA8AAADg8rgYHwAAAK4++/8AAABwpX3v7bfToX7/6F7jPgCr7+7vbVbfvbVa3t0sbe2tlFaqO3dK69XqeqVc6uEbAZVq9c6rsb13d6aW363N7O4fLG1V97ZrS437ei+Vnx5AnwAAAIDTnnr+o78mEXH4jeuNIfVY1lYYambAQyTJt1Xc/sqQMgH64sI/8jO1dzmJAAPX/pkOjA77+MCZe320bRiMd9tU+FN7xY3PjWWbAwAAhmP6S87/w6jKDTsBYGh+OuwEgKHp+Vj81OXmAQxewW3+YOSdOf/fZrxbw5nz/93U6xdKCAAA6LuJ5ugwsnOBE5HLlUqfnRZM1jYq5dmIeDIi/lIsXEun54aYLwAAAAAAAAAAAAAAAAAAAAAAAAA8iur1JOoAAADAlRaR+0eS3f9ruvjSRPvxgceS/xYb44h471fv/OLucq22M5fW//uz+tovs/pXhnEEAwAAAEZR4dzW1n56az8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp/tG9ldYwyLifLMb1mOwUPx/jjfF4FCLi8f8kkT8xXxIRY32If/h+RDzbKX6SphWTWRZp/D9+eDxfLiKuDzj+yf6n8Z/oQ3wYZR8tRsRbnd5/uZhqjDu///LZ8KA+WWy8yTvGb63/xrqs/77QY4znPv79TNf470c8l++8/mnFT7rEf7HH+Ld/cHDQra3+m4jpjp8/SXOUyx5Y27ozs7t/cGtja3m9vF7enp+fe33hjYXXFmZn1jYq5exvxxg/+/IfDj/o2v9mgJPxW/2cbGb44279f6nH/v/v47tHzzSLhbPxI26+2Pn//2xj3Pn5T18TL2dPT9o+3SofNssn3fjdn290yy2Nv9rl+W/+/4v14/j5U/2/2Vv3T/b5173NAgBcpt39g83lSqW8M4DCC6/2b4FJo5BuBQ0o+WEXWgc7HpZ8xocT/Vp0f0y9Xq9fdhrffuDltDaHH2Q5f+tbv9J9hs5NQ1wpAQAAl+J4o3/YmQAAAAAAAAAAAAAAAAAAAMDoanz/f+yCPwT4/MV+aaw95uFwugoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcK7/BwAA//9BPMSs")
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB='trans=fd'])
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x10, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x400})
pivot_root(0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f2, &(0x7f0000000080))
personality(0x5000007)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
syz_open_dev$tty1(0xc, 0x4, 0x1)

2.971018632s ago: executing program 1 (id=4246):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x4008094)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r3=>0x0})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000280)={0x0, 0x2}, &(0x7f0000000300)=0x8)
connect$can_bcm(r2, &(0x7f0000000380), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1d, r3}, 0x10, &(0x7f0000000600)={&(0x7f0000000300)=ANY=[@ANYBLOB="01000000440800"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="000000000100000000000000fd"], 0x80}, 0x2}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800"/20, @ANYBLOB="e69f8dafae7e6baccc4e9e5bf598ba01d357f972180c485b483d25e51fa8f89d254048f3836379", @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095", @ANYRES64=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="000000000ef7225721f223ed680588d0565166c100000000b708000534b7b8a0f9276ca40c0e82dc00000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0xa}, 0x5e})
connect$can_bcm(r2, &(0x7f0000000080), 0x10)

2.041074106s ago: executing program 8 (id=4263):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, @perf_config_ext, 0x2280, 0x0, 0x8, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x48)

2.033342817s ago: executing program 1 (id=4264):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)

1.973794922s ago: executing program 7 (id=4267):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@bridge_delneigh={0x1c, 0x1d, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x52}}, 0x1c}}, 0x0) (fail_nth: 5)

1.712690906s ago: executing program 8 (id=4268):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
r2 = signalfd4(r1, &(0x7f0000000480)={[0x400000000000005]}, 0x8, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000440)={&(0x7f00000001c0), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7f}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x9}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}]}, 0x60}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000005)

1.677551349s ago: executing program 7 (id=4269):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setsig(0x4203, r2, 0x1, &(0x7f0000000040)={0x32, 0x8000, 0x4})
newfstatat(0xffffffffffffff9c, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40), 0x0)
stat(&(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00))
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x161200, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000080)=0x13)

1.676613909s ago: executing program 9 (id=4270):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1, 0xffffffff}, {0x3}, {0x6, 0x0, 0x3}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000680)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000000), 0xfd, 0x244, &(0x7f0000000680)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.455939969s ago: executing program 8 (id=4273):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r4}, 0x18)
r5 = socket(0x10, 0x3, 0x9)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r5, &(0x7f0000000b00)={&(0x7f0000000a00), 0xc, &(0x7f0000000ac0)={&(0x7f0000000400)={0x1c}, 0xdb}}, 0x0)
sendmmsg$inet6(r2, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)='P', 0x1}], 0x1}}], 0x1, 0x80)
shutdown(r2, 0x1)
setsockopt(r2, 0x84, 0x80, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='vnet_rx_stopped_ack\x00', r1, 0x0, 0x401}, 0x18)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x6, &(0x7f0000000080)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r7}, @ldst={0x3, 0x0, 0x3}]}, &(0x7f0000000180)='syzkaller\x00', 0x1, 0xdd, &(0x7f00000001c0)=""/221, 0x41000, 0x20, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xda, @void, @value}, 0x94)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000000000000b00000000030014"], 0x30}}, 0x0)
unshare(0x64000600)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
shutdown(r8, 0x0)
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

1.245970368s ago: executing program 8 (id=4276):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3, 0x0, 0x10001}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
close(r1)

1.245415238s ago: executing program 8 (id=4277):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7, 0x86100)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000001000), 0xe09)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0xb, 0x103ba, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f0000000000), 0x20000000}, 0x20)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r6, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
recvfrom$inet6(r6, &(0x7f0000000000)=""/27, 0x1b, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x2000000200, 0x7)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1c0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x318, 0x20a, 0x278, 0x318, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_RX_RING(r7, 0x10e, 0x6, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r2, &(0x7f0000000180), 0x0}, 0x20)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000f00)={0x18, r10, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x41014)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, 0x0, 0x24041081)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000400)={r2, &(0x7f00000003c0), &(0x7f0000000500)=""/184}, 0x20)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000d80)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, r10, 0x20, 0x70bd26, 0x16, {}, [@MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2a}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0)

1.051790125s ago: executing program 1 (id=4278):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000009c0), 0x0, 0x0, 0x0, 0x2663}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81000e220e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r4, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)

791.815059ms ago: executing program 1 (id=4281):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000140)="d800000018007b29e00212ba0d8105040a601800fe0f040b067c55a1bc0009001e0006990600000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f16e9cb500"/216, 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81000e220e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r4, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)

786.04242ms ago: executing program 7 (id=4282):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd20, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
close(r0)

742.888343ms ago: executing program 7 (id=4283):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a1, &(0x7f0000000080))

721.043905ms ago: executing program 9 (id=4284):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)
syz_open_dev$vcsu(&(0x7f00000002c0), 0x7, 0x84280)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
semctl$IPC_RMID(0x0, 0x0, 0x0)

666.46769ms ago: executing program 2 (id=4285):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_adjtime(0x0, &(0x7f0000000700)={0x1000000000066fb, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x240b})
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
connect(r2, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="090000000400000008000000"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
r6 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000060000000800000005"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r7, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigsuspend(0x0, 0x0)
fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
sendto$packet(r3, &(0x7f0000000080)="10008100", 0x4, 0x0, &(0x7f00000000c0)={0x11, 0x8100, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, &(0x7f0000000040))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r5, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000300), &(0x7f0000000340)=[0x0, 0x0], 0x0, 0xcb, 0x0, 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xd2, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10)

614.153505ms ago: executing program 1 (id=4286):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
io_setup(0x2004, &(0x7f0000000680))

592.643966ms ago: executing program 9 (id=4287):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
io_setup(0x2004, &(0x7f0000000680))

592.302357ms ago: executing program 1 (id=4288):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
syz_open_pts(r1, 0x0)
ptrace(0x10, 0x0)
ptrace$setsig(0x4203, 0x0, 0x1, &(0x7f0000000040)={0x32, 0x8000, 0x4})
newfstatat(0xffffffffffffff9c, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40), 0x0)
stat(&(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00))
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x161200, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000080)=0x13)

569.152349ms ago: executing program 7 (id=4289):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x7, 0x3, 0x0, 0x7fff0000}]})
timer_create(0x6, &(0x7f0000000040)={0x0, 0x3d, 0x3}, &(0x7f0000000080)=<r0=>0x0)
timer_gettime(r0, &(0x7f00000000c0))
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x28, 0xa, 0x3a)
setsockopt$MRT6_TABLE(r1, 0x29, 0xc8, &(0x7f0000000080), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
modify_ldt$write2(0x11, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)={0x24, r3, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x24}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCOUTQNSD(r6, 0x894b, &(0x7f0000000240))
r7 = socket(0x10, 0x803, 0x0)
write$binfmt_elf64(r7, 0x0, 0x40)
timer_gettime(r0, &(0x7f0000000280))
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="48000000100005f7000000000000000000000002", @ANYRES32=r8, @ANYBLOB="b100000000000000280012000c00010076657468"], 0x48}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="08000200acff", @ANYRES32=r8, @ANYBLOB="2000000014002101000000000000000002010000"], 0x20}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
socket$nl_route(0x10, 0x3, 0x0)

417.742343ms ago: executing program 2 (id=4290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=0x4)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/softnet_stat\x00')
r4 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setuid(r5)
fchown(r3, r5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0x0, 0x6, 0x6008, r0, 0x7ff, '\x00', r2, r3, 0x5, 0x1, 0x4, 0x9, @void, @value, @void, @value}, 0x50)
syz_emit_ethernet(0x32, &(0x7f00000010c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

393.405835ms ago: executing program 9 (id=4291):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000009c0), 0x0, 0x0, 0x0, 0x2663}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81000e220e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r4, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)

369.638837ms ago: executing program 7 (id=4292):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setsig(0x4203, r2, 0x1, &(0x7f0000000040)={0x32, 0x8000, 0x4})
newfstatat(0xffffffffffffff9c, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40), 0x0)
stat(&(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00))
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x161200, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000080)=0x13)

254.010417ms ago: executing program 2 (id=4293):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd20, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
close(r0)

253.680727ms ago: executing program 8 (id=4294):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1, 0xffffffff}, {0x3}, {0x6, 0x0, 0x3}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000680)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000000), 0xfd, 0x244, &(0x7f0000000680)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

253.359547ms ago: executing program 2 (id=4295):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
syz_io_uring_setup(0xd2, &(0x7f00000003c0)={0x0, 0x3, 0x0, 0x0, 0x1}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000940)={0x2d71e, 0x0, 0x0, 0x7ffe, 0x0, "00ff7f0a0a008000"})
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f0000000040)=0xd)
unshare(0x62040200)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="ddc9e5852c516e6e7f6426c4aae283eab7eaa7beb7c64efc464043f82d8d13c000a371b65b6f95c58c3760ed56397a3002be80f5cb20d25cfe34228251bad701a438c8e08cebf01ece36dd8221da", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
syz_io_uring_setup(0x4b6, &(0x7f0000000080), &(0x7f0000ff0000), 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
r5 = syz_open_pts(r4, 0x801)
r6 = dup3(r5, r4, 0x0)
write$binfmt_elf64(r6, &(0x7f0000001400)=ANY=[], 0xfe00)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff)
r9 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000e80)='ns/net\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, r8, 0x1, 0x0, 0xfffffffe, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r9}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000d80), r10)
ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000dc0)={'wpan0\x00'})

131.779888ms ago: executing program 9 (id=4296):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {}, {@noinit_itable}, {@norecovery}, {@discard}, {@noload}, {@usrjquota}, {@oldalloc}, {@grpquota}]}, 0x1, 0x583, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSdN2/36/dTCGeiGDXTiZS9fWPxME56XocKD3M7RZGU2X0aRjrQO3C3fjjQxBxIH4Arz3cvgGfBUDHQwZRS9EqJzkZMvapH+zJWs+Hzjb8+Sc0+f55jnPk+fJSUgAA+t4+k8u4uWI+CaJONyyLx/ZzuON41Ye3ZhOt2R0dfXTP5NIsseaxyfZ/wezzEsR8etXEady68utLi3PFcvl0kKWH6/NXx2vLi2fvjxfnC3Nlq5MTk2dfWtq8t133u5arK9f+Pv7T+59ePbrEyvf/fzgyJ0kzsWhbF9rHLtwszVzvPhvlhqOc2sOnOhCYf0k6XUF2JGhrJ8PRzoGHI6hrNcDe9+XEbEKDKhE/4cB1ZwHNNf2XVoHvzAeftBYANVjH2mNP994byT21ddGB1aSp1ZG6Xp3rAvlp2X88sfdO+kWG78PsX+TPMC23LwVEWfy+fXjf5KNfzt3pv7m8cbWljForz/QS/fS+c8b7eZ/ucfzn2gz/znYpu/uxOb9P/egC8V0lM7/3ls//01ahq6xocZdsPhffc43nFy6XC6diYj/R8TJGB5N8xvdzzm7cn+1077W+V+6peU354INuQf50afPmSnWihExssvQ6x7eingl3679k8ftn7Rp//T5uLDFMo6V7r7aad/m8T9bqz9FvNZ2/fPkjlay8f3J8fr1MN68Ktb76/ax3zqV3+v40/Y/sHH8Y0nr/drq9sv4cd8/pU77dnr9jySf1dPNTnC9WKstTESMJB+vf3zyybnNfPP4NP6TJzYe/9pd/+ni6/Mtxn/76O2Oh/ZD+89sq/23n7j/0Rc/dCp/a+3/Zj11MnskG//ay66VrVZwt88fAAAAAAAA9JNcRByKJFd4nM7lCoXG5zuOxoFcuVKtnbpUWbwyE/Xvyo7FcK55p/twy+chJrLPwzbzk2vyUxFxJCK+HdpfzxemK+WZXgcPAAAAAAAAAAAAAAAAAAAAfeJgh+//p34f6nXtgGeu/sMGo72uBdALm/zkvx+ahD1sbf/f16N6AM/fJq//wB6m/8Pg0v9hcOn/MLj0fxhc+j8MLv0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAuurC+fPptrry6MZ0mp+5trQ4V7l2eqZUnSvML04XpisLVwuzlcpsuVSYrsxv9vfKlcrViclYvD5eK1Vr49Wl5YvzlcUrtYuX54uzpYul4ecSFQAAAAAAAAAAAAAAAAAAALxYqkvLc8VyubQg0THxfvRFNZ5lgA07Oj3fL1F0PTEUEX1QjV0nbmXNu72zejgoAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAa/wUAAP//qUsw1Q==")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xf5\x9bo%\x0e\xfc\x8e\x02;\x18\xb0)6b|\xff\xf5\x95\xd2q#\xc6\xe7\xec?9\xaf\xfa(:\b\xd4\xad\xdc\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfc\xbdnC\xec\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
write$binfmt_script(r2, &(0x7f0000000380)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

74.892893ms ago: executing program 9 (id=4297):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, @perf_config_ext, 0x2280, 0x0, 0x8, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x48)

28.830337ms ago: executing program 2 (id=4298):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
semctl$IPC_RMID(0x0, 0x0, 0x0)

0s ago: executing program 2 (id=4299):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0, 0x0, 0x8000000000000000}, 0x18)
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89a0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a1, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

9.770863][T16609] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.3375: corrupted in-inode xattr: invalid ea_ino
[  229.784546][T16609] EXT4-fs error (device loop7): ext4_orphan_get:1393: comm syz.7.3375: couldn't read orphan inode 15 (err -117)
[  230.020729][T16615] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(16)
[  230.027386][T16615] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  230.035019][T16615] vhci_hcd vhci_hcd.0: Device attached
[  230.147106][T16649] FAULT_INJECTION: forcing a failure.
[  230.147106][T16649] name failslab, interval 1, probability 0, space 0, times 0
[  230.159823][T16649] CPU: 0 UID: 0 PID: 16649 Comm: syz.7.3380 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  230.170669][T16649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  230.180735][T16649] Call Trace:
[  230.184095][T16649]  <TASK>
[  230.187028][T16649]  dump_stack_lvl+0xf2/0x150
[  230.191640][T16649]  dump_stack+0x15/0x20
[  230.195876][T16649]  should_fail_ex+0x223/0x230
[  230.200576][T16649]  ? rtnl_newlink+0x5d/0x1690
[  230.205272][T16649]  should_failslab+0x8f/0xb0
[  230.209951][T16649]  __kmalloc_cache_noprof+0x4b/0x2a0
[  230.215256][T16649]  rtnl_newlink+0x5d/0x1690
[  230.219805][T16649]  ? xa_load+0xb9/0xe0
[  230.223937][T16649]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  230.229482][T16649]  ? mod_objcg_state+0x2ea/0x4f0
[  230.234432][T16649]  ? __rcu_read_unlock+0x4e/0x70
[  230.239443][T16649]  ? avc_has_perm_noaudit+0x1cc/0x210
[  230.244897][T16649]  ? selinux_capable+0x1f2/0x260
[  230.249913][T16649]  ? security_capable+0x81/0x90
[  230.254792][T16649]  ? ns_capable+0x7d/0xb0
[  230.259146][T16649]  ? __pfx_rtnl_newlink+0x10/0x10
[  230.264181][T16649]  rtnetlink_rcv_msg+0x6aa/0x710
[  230.269106][T16649]  ? ref_tracker_free+0x3a5/0x410
[  230.274374][T16649]  ? __dev_queue_xmit+0x161/0x2040
[  230.279547][T16649]  ? skb_clone+0x154/0x1f0
[  230.283964][T16649]  netlink_rcv_skb+0x12c/0x230
[  230.288784][T16649]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  230.294233][T16649]  rtnetlink_rcv+0x1c/0x30
[  230.298674][T16649]  netlink_unicast+0x599/0x670
[  230.303437][T16649]  netlink_sendmsg+0x5cc/0x6e0
[  230.308261][T16649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.313609][T16649]  __sock_sendmsg+0x140/0x180
[  230.318300][T16649]  ____sys_sendmsg+0x312/0x410
[  230.323054][T16649]  __sys_sendmsg+0x1d9/0x270
[  230.327654][T16649]  __x64_sys_sendmsg+0x46/0x50
[  230.332403][T16649]  x64_sys_call+0x2689/0x2d60
[  230.337118][T16649]  do_syscall_64+0xc9/0x1c0
[  230.341643][T16649]  ? clear_bhb_loop+0x55/0xb0
[  230.346302][T16649]  ? clear_bhb_loop+0x55/0xb0
[  230.350961][T16649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.356849][T16649] RIP: 0033:0x7fe1edb4e719
[  230.361255][T16649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.381021][T16649] RSP: 002b:00007fe1ec7c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  230.389430][T16649] RAX: ffffffffffffffda RBX: 00007fe1edd05f80 RCX: 00007fe1edb4e719
[  230.397402][T16649] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004
[  230.405385][T16649] RBP: 00007fe1ec7c7090 R08: 0000000000000000 R09: 0000000000000000
[  230.413339][T16649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.421353][T16649] R13: 0000000000000000 R14: 00007fe1edd05f80 R15: 00007ffe34d2cde8
[  230.429316][T16649]  </TASK>
[  230.501966][T14011] vhci_hcd: vhci_device speed not set
[  230.535408][T16677] IPv6: Can't replace route, no match found
[  230.566782][T14011] usb 17-1: new full-speed USB device number 5 using vhci_hcd
[  230.578689][T16631] vhci_hcd: connection reset by peer
[  230.584232][ T1759] vhci_hcd: stop threads
[  230.588613][ T1759] vhci_hcd: release socket
[  230.593044][ T1759] vhci_hcd: disconnect device
[  230.750302][T16692] __nla_validate_parse: 13 callbacks suppressed
[  230.750317][T16692] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3394'.
[  230.775612][T16684] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3390'.
[  230.784818][T16684] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3390'.
[  230.796759][T16695] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3395'.
[  230.952362][T16707] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3399'.
[  231.177724][T16739] IPv6: Can't replace route, no match found
[  231.202452][T16745] loop8: detected capacity change from 0 to 512
[  231.221965][T16745] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  231.236497][T16745] EXT4-fs (loop8): 1 truncate cleaned up
[  231.258713][T16751] lo speed is unknown, defaulting to 1000
[  231.289361][T16754] loop7: detected capacity change from 0 to 1024
[  231.308908][T16754] EXT4-fs: Ignoring removed orlov option
[  231.314679][T16754] EXT4-fs: Ignoring removed nomblk_io_submit option
[  231.392623][T16760] loop8: detected capacity change from 0 to 128
[  231.440381][T16753] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3407'.
[  231.449501][T16753] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3407'.
[  231.471648][T16760] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.501844][T16760] netlink: 100 bytes leftover after parsing attributes in process `syz.8.3408'.
[  231.554007][T16777] loop9: detected capacity change from 0 to 128
[  231.566101][T16777] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.567736][T16779] loop7: detected capacity change from 0 to 512
[  231.587751][T16777] netlink: 100 bytes leftover after parsing attributes in process `syz.9.3415'.
[  231.623060][T16779] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.3416: corrupted in-inode xattr: invalid ea_ino
[  231.637154][T16779] EXT4-fs error (device loop7): ext4_orphan_get:1393: comm syz.7.3416: couldn't read orphan inode 15 (err -117)
[  231.811719][T16804] loop9: detected capacity change from 0 to 512
[  231.818577][T16804] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  231.856165][T16804] EXT4-fs (loop9): 1 truncate cleaned up
[  232.074745][T16843] loop9: detected capacity change from 0 to 128
[  232.082093][T16846] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3430'.
[  232.098441][T16843] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.122707][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  232.170776][T16854] batman_adv: batadv0: Adding interface: dummy0
[  232.177139][T16854] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.213764][T16854] batman_adv: batadv0: Interface activated: dummy0
[  232.353940][T16870] loop8: detected capacity change from 0 to 128
[  232.370389][T16870] ext4 filesystem being mounted at /142/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  232.585450][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  232.687718][T16922] loop9: detected capacity change from 0 to 512
[  232.695592][T16922] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  232.706890][T16922] EXT4-fs (loop9): 1 truncate cleaned up
[  232.894917][T16934] loop9: detected capacity change from 0 to 128
[  232.908064][T16934] EXT4-fs mount: 148 callbacks suppressed
[  232.908078][T16934] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  232.931373][T16934] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.964205][T12627] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  233.226932][T16964] lo speed is unknown, defaulting to 1000
[  233.387349][   T29] kauditd_printk_skb: 520 callbacks suppressed
[  233.387364][   T29] audit: type=1326 audit(2000000024.082:7635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16980 comm="syz.9.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  233.423500][   T29] audit: type=1326 audit(2000000024.082:7636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16980 comm="syz.9.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  233.424695][T16984] loop9: detected capacity change from 0 to 512
[  233.447434][   T29] audit: type=1400 audit(2000000024.082:7637): avc:  denied  { mount } for  pid=16980 comm="syz.9.3459" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  233.447487][   T29] audit: type=1326 audit(2000000024.091:7638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16980 comm="syz.9.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  233.516842][T16984] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.529898][T16984] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.641677][T16989] loop8: detected capacity change from 0 to 512
[  233.669429][T16993] loop7: detected capacity change from 0 to 512
[  233.676355][T16993] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  233.695912][T16993] EXT4-fs (loop7): 1 truncate cleaned up
[  233.702335][T16993] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.718801][T16989] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.731375][   T29] audit: type=1326 audit(2000000024.377:7639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16997 comm="syz.2.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  233.731828][T16989] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.755546][   T29] audit: type=1326 audit(2000000024.377:7640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16997 comm="syz.2.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  233.789332][   T29] audit: type=1326 audit(2000000024.377:7641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16997 comm="syz.2.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  233.813125][   T29] audit: type=1326 audit(2000000024.377:7642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16997 comm="syz.2.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  233.836689][   T29] audit: type=1326 audit(2000000024.377:7643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16997 comm="syz.2.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  233.861175][   T29] audit: type=1326 audit(2000000024.433:7644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16997 comm="syz.2.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  233.899420][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.927662][T16989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.942894][T16989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.047076][T17021] loop7: detected capacity change from 0 to 512
[  234.055046][T17021] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  234.073692][T17021] EXT4-fs (loop7): 1 truncate cleaned up
[  234.087493][T17019] lo speed is unknown, defaulting to 1000
[  234.094171][T17021] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.144210][ T3392] usb 3-1: enqueue for inactive port 0
[  234.149790][ T3392] usb 3-1: enqueue for inactive port 0
[  234.156454][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.187096][T17027] 9pnet_rdma: rdma_create_trans (17027): problem binding to privport: 13
[  234.236643][ T3392] vhci_hcd: vhci_device speed not set
[  234.316760][   T24] usb 5-1: enqueue for inactive port 0
[  234.322407][   T24] usb 5-1: enqueue for inactive port 0
[  234.369503][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.403378][   T24] vhci_hcd: vhci_device speed not set
[  234.426732][T17050] loop7: detected capacity change from 0 to 512
[  234.458982][T17050] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.471550][T17050] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  234.567419][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.608638][T17057] FAULT_INJECTION: forcing a failure.
[  234.608638][T17057] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  234.622023][T17057] CPU: 1 UID: 0 PID: 17057 Comm: syz.8.3487 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  234.632800][T17057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  234.642857][T17057] Call Trace:
[  234.646170][T17057]  <TASK>
[  234.649176][T17057]  dump_stack_lvl+0xf2/0x150
[  234.653819][T17057]  dump_stack+0x15/0x20
[  234.658120][T17057]  should_fail_ex+0x223/0x230
[  234.662809][T17057]  should_fail_alloc_page+0xfd/0x110
[  234.668245][T17057]  __alloc_pages_noprof+0x109/0x340
[  234.673618][T17057]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  234.679018][T17057]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  234.683217][T17063] lo speed is unknown, defaulting to 1000
[  234.684389][T17057]  handle_mm_fault+0xdbe/0x2aa0
[  234.695041][T17057]  exc_page_fault+0x3b9/0x650
[  234.699842][T17057]  asm_exc_page_fault+0x26/0x30
[  234.704710][T17057] RIP: 0033:0x7fde9f3df076
[  234.709132][T17057] Code: 00 00 00 00 41 57 31 c0 41 56 49 89 d6 41 55 49 89 f5 48 89 d6 41 54 49 89 fc 48 8d 3d 15 36 1a 00 55 53 48 81 ec 88 20 00 00 <48> 89 0c 24 4c 89 44 24 08 e8 2c fe fe ff 4d 85 f6 0f 84 46 0a 00
[  234.728911][T17057] RSP: 002b:00007fde9e17ef70 EFLAGS: 00010202
[  234.735094][T17057] RAX: 0000000000000000 RBX: 00007fde9f6c5f80 RCX: 0000000000000000
[  234.743112][T17057] RDX: 0000000020000bc0 RSI: 0000000020000bc0 RDI: 00007fde9f582682
[  234.751067][T17057] RBP: 00007fde9e181090 R08: 00007fde9f3cf230 R09: 0000000000000000
[  234.759020][T17057] R10: 0000000000000001 R11: 0000000020000bc0 R12: 0000000000000001
[  234.766989][T17057] R13: 000000000000004e R14: 0000000020000bc0 R15: 00007ffe059f9168
[  234.774970][T17057]  </TASK>
[  234.775456][T17057] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  234.777654][T17057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.777751][T17057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.874129][T17068] loop9: detected capacity change from 0 to 512
[  234.882189][T17068] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.3492: corrupted in-inode xattr: invalid ea_ino
[  234.895898][T17068] EXT4-fs error (device loop9): ext4_orphan_get:1393: comm syz.9.3492: couldn't read orphan inode 15 (err -117)
[  234.912460][T17068] EXT4-fs (loop9): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.076882][T12627] EXT4-fs (loop9): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  235.178668][T17082] sch_tbf: burst 2 is lower than device lo mtu (65550) !
[  235.179920][T17084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.196740][T17084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.381457][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.494323][T17096] loop8: detected capacity change from 0 to 128
[  235.507390][T17096] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  235.520696][T17096] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.609702][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  235.642536][T17102] loop8: detected capacity change from 0 to 128
[  235.652523][T17102] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  235.666013][T17102] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.746750][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.061744][T14011] usb 17-1: enqueue for inactive port 0
[  236.067404][T14011] usb 17-1: enqueue for inactive port 0
[  236.159115][T14011] vhci_hcd: vhci_device speed not set
[  236.290801][T17136] loop9: detected capacity change from 0 to 512
[  236.305392][T17136] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.317992][T17136] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  236.335771][T17141] loop7: detected capacity change from 0 to 512
[  236.343618][T17141] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  236.356117][T17141] EXT4-fs (loop7): 1 truncate cleaned up
[  236.363198][T17141] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.430694][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.535060][T17149] loop7: detected capacity change from 0 to 512
[  236.554115][T17149] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.566844][T17149] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  236.784735][T17161] loop8: detected capacity change from 0 to 128
[  236.797379][T17161] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.814770][T17161] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.836796][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.879644][T17169] IPv6: Can't replace route, no match found
[  236.910617][T17174] loop8: detected capacity change from 0 to 512
[  236.917506][T17174] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  236.929201][T17174] EXT4-fs (loop8): 1 truncate cleaned up
[  236.935285][T17174] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.964262][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.015468][T17182] loop8: detected capacity change from 0 to 512
[  237.022375][T17182] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  237.033978][T17182] EXT4-fs (loop8): 1 truncate cleaned up
[  237.040037][T17182] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.073745][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.096792][T17187] loop8: detected capacity change from 0 to 512
[  237.104693][T17187] EXT4-fs: Invalid want_extra_isize 1073741870
[  237.125216][T17187] loop8: detected capacity change from 0 to 128
[  237.138408][T17187] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  237.151170][T17187] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.272480][T17194] IPv6: Can't replace route, no match found
[  237.281615][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.296396][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  237.360906][T17203] loop8: detected capacity change from 0 to 2048
[  237.384540][T17205] loop9: detected capacity change from 0 to 512
[  237.391403][T17205] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  237.402172][T17203] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.413829][T17205] EXT4-fs (loop9): 1 truncate cleaned up
[  237.420494][T17205] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.447338][   T11] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  237.472958][   T11] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  237.485296][   T11] EXT4-fs (loop8): This should not happen!! Data will be lost
[  237.485296][   T11] 
[  237.496575][   T11] EXT4-fs (loop8): Total free blocks count 0
[  237.502679][   T11] EXT4-fs (loop8): Free/Dirty block details
[  237.508809][   T11] EXT4-fs (loop8): free_blocks=2415919104
[  237.514694][   T11] EXT4-fs (loop8): dirty_blocks=16
[  237.519886][   T11] EXT4-fs (loop8): Block reservation details
[  237.525915][   T11] EXT4-fs (loop8): i_reserved_data_blocks=1
[  237.532585][T17210] Invalid ELF header type: 2 != 1
[  237.533842][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.546876][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.558670][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.620961][T17212] FAULT_INJECTION: forcing a failure.
[  237.620961][T17212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.634101][T17212] CPU: 0 UID: 0 PID: 17212 Comm: syz.9.3545 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  237.644873][T17212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  237.654929][T17212] Call Trace:
[  237.658201][T17212]  <TASK>
[  237.661158][T17212]  dump_stack_lvl+0xf2/0x150
[  237.665771][T17212]  dump_stack+0x15/0x20
[  237.669932][T17212]  should_fail_ex+0x223/0x230
[  237.674623][T17212]  should_fail+0xb/0x10
[  237.678797][T17212]  should_fail_usercopy+0x1a/0x20
[  237.683834][T17212]  _copy_to_iter+0x248/0xd00
[  237.688433][T17212]  ? down_read+0x171/0x4b0
[  237.692857][T17212]  copy_page_to_iter+0x171/0x2b0
[  237.697830][T17212]  process_vm_rw+0x5f0/0x8c0
[  237.702467][T17212]  ? ksys_write+0x17a/0x1b0
[  237.706981][T17212]  __x64_sys_process_vm_readv+0x7a/0x90
[  237.712537][T17212]  x64_sys_call+0x255d/0x2d60
[  237.717283][T17212]  do_syscall_64+0xc9/0x1c0
[  237.721794][T17212]  ? clear_bhb_loop+0x55/0xb0
[  237.726619][T17212]  ? clear_bhb_loop+0x55/0xb0
[  237.731301][T17212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.737260][T17212] RIP: 0033:0x7f054592e719
[  237.741717][T17212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.761373][T17212] RSP: 002b:00007f05445a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  237.769838][T17212] RAX: ffffffffffffffda RBX: 00007f0545ae5f80 RCX: 00007f054592e719
[  237.777832][T17212] RDX: 0000000000000002 RSI: 0000000020008400 RDI: 0000000000000206
[  237.785820][T17212] RBP: 00007f05445a7090 R08: 0000000000000286 R09: 0000000000000000
[  237.793796][T17212] R10: 0000000020008640 R11: 0000000000000246 R12: 0000000000000001
[  237.801943][T17212] R13: 0000000000000000 R14: 00007f0545ae5f80 R15: 00007ffca2dfd428
[  237.809927][T17212]  </TASK>
[  237.816765][T17217] loop7: detected capacity change from 0 to 128
[  237.856513][T17217] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  237.871818][T17222] loop8: detected capacity change from 0 to 128
[  237.894168][T17222] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  237.907296][T17217] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.927730][T17222] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.946327][T17217] __nla_validate_parse: 4 callbacks suppressed
[  237.946341][T17217] netlink: 100 bytes leftover after parsing attributes in process `syz.7.3544'.
[  237.981510][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  238.101999][T11501] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  238.187625][T17239] siw: device registration error -23
[  238.271845][T17253] loop7: detected capacity change from 0 to 512
[  238.307806][T17253] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  238.332792][T17253] EXT4-fs (loop7): 1 truncate cleaned up
[  238.351193][T17253] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.438606][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.455498][T17268] batman_adv: batadv0: Adding interface: dummy0
[  238.461868][T17268] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.496398][T17268] batman_adv: batadv0: Interface activated: dummy0
[  238.606435][T17284] FAULT_INJECTION: forcing a failure.
[  238.606435][T17284] name failslab, interval 1, probability 0, space 0, times 0
[  238.619215][T17284] CPU: 0 UID: 0 PID: 17284 Comm: syz.9.3556 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  238.630007][T17284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  238.640214][T17284] Call Trace:
[  238.643506][T17284]  <TASK>
[  238.646511][T17284]  dump_stack_lvl+0xf2/0x150
[  238.651152][T17284]  dump_stack+0x15/0x20
[  238.655315][T17284]  should_fail_ex+0x223/0x230
[  238.660008][T17284]  ? genl_start+0x11e/0x390
[  238.664557][T17284]  should_failslab+0x8f/0xb0
[  238.669198][T17284]  __kmalloc_cache_noprof+0x4b/0x2a0
[  238.674540][T17284]  genl_start+0x11e/0x390
[  238.678952][T17284]  __netlink_dump_start+0x32a/0x520
[  238.684168][T17284]  genl_rcv_msg+0x4e5/0x6c0
[  238.688851][T17284]  ? __pfx_ieee802154_llsec_dump_seclevels+0x10/0x10
[  238.695621][T17284]  ? __pfx_genl_start+0x10/0x10
[  238.700492][T17284]  ? __pfx_genl_dumpit+0x10/0x10
[  238.705456][T17284]  ? __pfx_genl_done+0x10/0x10
[  238.710247][T17284]  netlink_rcv_skb+0x12c/0x230
[  238.715042][T17284]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.720124][T17284]  genl_rcv+0x28/0x40
[  238.724111][T17284]  netlink_unicast+0x599/0x670
[  238.728976][T17284]  netlink_sendmsg+0x5cc/0x6e0
[  238.733770][T17284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.739084][T17284]  __sock_sendmsg+0x140/0x180
[  238.743790][T17284]  ____sys_sendmsg+0x312/0x410
[  238.748631][T17284]  __sys_sendmsg+0x1d9/0x270
[  238.753254][T17284]  __x64_sys_sendmsg+0x46/0x50
[  238.758055][T17284]  x64_sys_call+0x2689/0x2d60
[  238.762793][T17284]  do_syscall_64+0xc9/0x1c0
[  238.767311][T17284]  ? clear_bhb_loop+0x55/0xb0
[  238.772052][T17284]  ? clear_bhb_loop+0x55/0xb0
[  238.776910][T17284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.782880][T17284] RIP: 0033:0x7f054592e719
[  238.787324][T17284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.806946][T17284] RSP: 002b:00007f0544565038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.815372][T17284] RAX: ffffffffffffffda RBX: 00007f0545ae6130 RCX: 00007f054592e719
[  238.823414][T17284] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006
[  238.831434][T17284] RBP: 00007f0544565090 R08: 0000000000000000 R09: 0000000000000000
[  238.839554][T17284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.847544][T17284] R13: 0000000000000000 R14: 00007f0545ae6130 R15: 00007ffca2dfd428
[  238.855612][T17284]  </TASK>
[  238.890267][T17288] loop8: detected capacity change from 0 to 128
[  238.908198][T17288] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  238.923845][T17288] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.943274][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  239.006053][T17296] siw: device registration error -23
[  239.013452][T17294] loop8: detected capacity change from 0 to 512
[  239.043062][T17294] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.3562: corrupted in-inode xattr: invalid ea_ino
[  239.059937][T17294] EXT4-fs error (device loop8): ext4_orphan_get:1393: comm syz.8.3562: couldn't read orphan inode 15 (err -117)
[  239.077755][T17301] loop7: detected capacity change from 0 to 1024
[  239.084451][T17301] EXT4-fs: Ignoring removed orlov option
[  239.090313][T17301] EXT4-fs: Ignoring removed nomblk_io_submit option
[  239.098589][T17294] EXT4-fs (loop8): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.142799][T17301] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.365759][T12501] EXT4-fs (loop8): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  239.416345][T17310] Invalid ELF header type: 2 != 1
[  239.440046][T17312] IPv6: Can't replace route, no match found
[  239.531554][T17315] loop8: detected capacity change from 0 to 128
[  239.581237][T17315] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  239.619978][T17315] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.672029][   T29] kauditd_printk_skb: 463 callbacks suppressed
[  239.672107][   T29] audit: type=1326 audit(2000000029.877:8108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  239.753834][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  239.790449][T17325] rdma_op ffff888110d26980 conn xmit_rdma 0000000000000000
[  239.798578][   T29] audit: type=1326 audit(2000000029.913:8109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  239.806501][T17328] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3572'.
[  239.822136][   T29] audit: type=1326 audit(2000000029.932:8110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  239.854513][   T29] audit: type=1326 audit(2000000029.932:8111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  239.878168][   T29] audit: type=1326 audit(2000000029.932:8112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  239.901746][   T29] audit: type=1326 audit(2000000029.932:8113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  239.925165][   T29] audit: type=1326 audit(2000000029.932:8114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17308 comm="syz.8.3567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  240.008087][   T29] audit: type=1326 audit(2000000030.181:8115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17343 comm="syz.2.3574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  240.031741][   T29] audit: type=1326 audit(2000000030.181:8116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17343 comm="syz.2.3574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  240.055658][   T29] audit: type=1326 audit(2000000030.181:8117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17343 comm="syz.2.3574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  240.116353][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.161712][T17354] loop7: detected capacity change from 0 to 512
[  240.227637][T17354] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.3575: corrupted in-inode xattr: invalid ea_ino
[  240.248597][T17354] EXT4-fs error (device loop7): ext4_orphan_get:1393: comm syz.7.3575: couldn't read orphan inode 15 (err -117)
[  240.273372][T17354] EXT4-fs (loop7): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.344188][T17374] FAULT_INJECTION: forcing a failure.
[  240.344188][T17374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.357410][T17374] CPU: 1 UID: 0 PID: 17374 Comm: syz.9.3579 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  240.368182][T17374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  240.378290][T17374] Call Trace:
[  240.381563][T17374]  <TASK>
[  240.384485][T17374]  dump_stack_lvl+0xf2/0x150
[  240.389080][T17374]  dump_stack+0x15/0x20
[  240.393237][T17374]  should_fail_ex+0x223/0x230
[  240.398005][T17374]  should_fail+0xb/0x10
[  240.402163][T17374]  should_fail_usercopy+0x1a/0x20
[  240.407289][T17374]  _copy_from_user+0x1e/0xb0
[  240.411942][T17374]  copy_msghdr_from_user+0x54/0x2a0
[  240.417147][T17374]  __sys_sendmsg+0x171/0x270
[  240.421761][T17374]  __x64_sys_sendmsg+0x46/0x50
[  240.426558][T17374]  x64_sys_call+0x2689/0x2d60
[  240.431324][T17374]  do_syscall_64+0xc9/0x1c0
[  240.435912][T17374]  ? clear_bhb_loop+0x55/0xb0
[  240.440586][T17374]  ? clear_bhb_loop+0x55/0xb0
[  240.445360][T17374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.451334][T17374] RIP: 0033:0x7f054592e719
[  240.455742][T17374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.475353][T17374] RSP: 002b:00007f05445a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  240.483814][T17374] RAX: ffffffffffffffda RBX: 00007f0545ae5f80 RCX: 00007f054592e719
[  240.491777][T17374] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  240.499757][T17374] RBP: 00007f05445a7090 R08: 0000000000000000 R09: 0000000000000000
[  240.507761][T17374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.515772][T17374] R13: 0000000000000000 R14: 00007f0545ae5f80 R15: 00007ffca2dfd428
[  240.523741][T17374]  </TASK>
[  240.615247][T17377] IPv6: Can't replace route, no match found
[  240.668094][T11501] EXT4-fs (loop7): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  241.179691][T17419] IPv6: Can't replace route, no match found
[  241.260310][T17425] loop8: detected capacity change from 0 to 1024
[  241.268055][T17425] EXT4-fs: Ignoring removed orlov option
[  241.273836][T17425] EXT4-fs: Ignoring removed nomblk_io_submit option
[  241.299266][T17425] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.381777][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.431411][T17433] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3597'.
[  241.471609][T17435] loop8: detected capacity change from 0 to 128
[  241.482251][T17435] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  241.494988][T17435] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.578668][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  241.677388][T17444] loop8: detected capacity change from 0 to 1024
[  241.698626][T17444] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.748217][T17457] IPv6: Can't replace route, no match found
[  241.763494][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.822937][T17463] loop7: detected capacity change from 0 to 1024
[  241.830107][T17463] EXT4-fs: Ignoring removed orlov option
[  241.835840][T17463] EXT4-fs: Ignoring removed nomblk_io_submit option
[  241.862613][T17463] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.969798][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.054091][T17484] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3615'.
[  242.630009][T17503] IPv6: Can't replace route, no match found
[  242.754599][T17505] loop9: detected capacity change from 0 to 1024
[  242.762594][T17505] EXT4-fs: Ignoring removed orlov option
[  242.768291][T17505] EXT4-fs: Ignoring removed nomblk_io_submit option
[  242.795074][T17505] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.874346][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.885066][T17509] loop8: detected capacity change from 0 to 128
[  242.896364][T17509] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  242.913693][T17509] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.945125][T17514] siw: device registration error -23
[  242.958005][T17516] loop7: detected capacity change from 0 to 1024
[  242.964790][T17516] EXT4-fs: Ignoring removed orlov option
[  242.970608][T17516] EXT4-fs: Ignoring removed nomblk_io_submit option
[  242.991529][T17516] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.190462][T17536] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3633'.
[  243.921466][T17561] loop9: detected capacity change from 0 to 128
[  243.990393][T17561] ext4 filesystem being mounted at /215/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  244.137897][T17569] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3644'.
[  244.171788][T17573] loop7: detected capacity change from 0 to 1024
[  244.178397][T17573] EXT4-fs: Ignoring removed orlov option
[  244.184190][T17573] EXT4-fs: Ignoring removed nomblk_io_submit option
[  244.238970][T17581] loop8: detected capacity change from 0 to 128
[  244.262948][T17581] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.130985][T17663] netlink: 60 bytes leftover after parsing attributes in process `syz.8.3664'.
[  245.145938][T17665] loop7: detected capacity change from 0 to 512
[  245.160410][T17665] ext4 filesystem being mounted at /234/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  245.485265][   T29] kauditd_printk_skb: 500 callbacks suppressed
[  245.485323][   T29] audit: type=1326 audit(2000000035.237:8618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.2.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.515506][   T29] audit: type=1326 audit(2000000035.237:8619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.2.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.539024][   T29] audit: type=1326 audit(2000000035.237:8620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.2.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.565356][   T29] audit: type=1326 audit(2000000035.293:8621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.2.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.589036][   T29] audit: type=1326 audit(2000000035.293:8622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.2.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.612986][   T29] audit: type=1326 audit(2000000035.330:8623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17673 comm="syz.2.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.636497][   T29] audit: type=1326 audit(2000000035.330:8624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17673 comm="syz.2.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.660032][   T29] audit: type=1326 audit(2000000035.330:8625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17673 comm="syz.2.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.683785][   T29] audit: type=1326 audit(2000000035.330:8626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17673 comm="syz.2.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.707415][   T29] audit: type=1326 audit(2000000035.330:8627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17673 comm="syz.2.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  245.771308][T17678] can0: slcan on ttyS3.
[  246.173462][T17678] can0 (unregistered): slcan off ttyS3.
[  246.218741][T17711] loop8: detected capacity change from 0 to 512
[  246.245353][T17711] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  246.392642][T17711] EXT4-fs (loop8): 1 truncate cleaned up
[  246.852642][T17733] loop9: detected capacity change from 0 to 512
[  246.879114][T17733] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  246.903831][T17733] EXT4-fs (loop9): 1 truncate cleaned up
[  246.944681][T17743] loop9: detected capacity change from 0 to 512
[  246.959700][T17743] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.3681: corrupted in-inode xattr: invalid ea_ino
[  246.973369][T17743] EXT4-fs error (device loop9): ext4_orphan_get:1393: comm syz.9.3681: couldn't read orphan inode 15 (err -117)
[  246.986233][T17745] IPv6: Can't replace route, no match found
[  247.058851][T17748] loop7: detected capacity change from 0 to 1024
[  247.068199][T17748] EXT4-fs: Ignoring removed orlov option
[  247.073927][T17748] EXT4-fs: Ignoring removed nomblk_io_submit option
[  247.238689][T17762] IPv6: Can't replace route, no match found
[  247.314762][T17769] loop9: detected capacity change from 0 to 1024
[  247.321597][T17769] EXT4-fs: Ignoring removed orlov option
[  247.327395][T17769] EXT4-fs: Ignoring removed nomblk_io_submit option
[  247.380345][T17773] loop7: detected capacity change from 0 to 512
[  247.387317][T17773] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  247.413395][T17773] EXT4-fs (loop7): 1 truncate cleaned up
[  247.452985][T17780] loop8: detected capacity change from 0 to 1024
[  247.470582][T17780] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  247.480941][T17780] JBD2: no valid journal superblock found
[  247.486715][T17780] EXT4-fs (loop8): Could not load journal inode
[  247.544405][T17791] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3698'.
[  248.134188][T17822] loop7: detected capacity change from 0 to 1024
[  248.212432][T17812] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3708'.
[  248.221588][T17812] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3708'.
[  248.302878][T17831] FAULT_INJECTION: forcing a failure.
[  248.302878][T17831] name failslab, interval 1, probability 0, space 0, times 0
[  248.315623][T17831] CPU: 0 UID: 0 PID: 17831 Comm: syz.7.3713 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  248.326414][T17831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  248.336493][T17831] Call Trace:
[  248.339780][T17831]  <TASK>
[  248.342797][T17831]  dump_stack_lvl+0xf2/0x150
[  248.347428][T17831]  dump_stack+0x15/0x20
[  248.351657][T17831]  should_fail_ex+0x223/0x230
[  248.356490][T17831]  ? __kvmalloc_node_noprof+0x72/0x170
[  248.362007][T17831]  should_failslab+0x8f/0xb0
[  248.366708][T17831]  __kmalloc_node_noprof+0xa8/0x380
[  248.372014][T17831]  __kvmalloc_node_noprof+0x72/0x170
[  248.377322][T17831]  io_ring_ctx_alloc+0x1fc/0xd90
[  248.382378][T17831]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  248.388186][T17831]  io_uring_create+0x1cf/0x940
[  248.392985][T17831]  __se_sys_io_uring_setup+0x1d2/0x1e0
[  248.398502][T17831]  __x64_sys_io_uring_setup+0x31/0x40
[  248.403933][T17831]  x64_sys_call+0x1f7e/0x2d60
[  248.408769][T17831]  do_syscall_64+0xc9/0x1c0
[  248.413449][T17831]  ? clear_bhb_loop+0x55/0xb0
[  248.418150][T17831]  ? clear_bhb_loop+0x55/0xb0
[  248.422845][T17831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.428814][T17831] RIP: 0033:0x7fe1edb4e719
[  248.433321][T17831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.452948][T17831] RSP: 002b:00007fe1ec7a6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  248.461398][T17831] RAX: ffffffffffffffda RBX: 00007fe1edd06058 RCX: 00007fe1edb4e719
[  248.469448][T17831] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000488
[  248.477512][T17831] RBP: 00007fe1ec7a6090 R08: 0000000000000000 R09: 0000000000000000
[  248.485516][T17831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.493492][T17831] R13: 0000000000000000 R14: 00007fe1edd06058 R15: 00007ffe34d2cde8
[  248.501483][T17831]  </TASK>
[  248.579890][T17874] IPv6: Can't replace route, no match found
[  248.631708][T17881] loop9: detected capacity change from 0 to 512
[  248.650454][T17881] ext4 filesystem being mounted at /237/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  248.655769][T17882] loop8: detected capacity change from 0 to 1024
[  248.668705][T17882] EXT4-fs: Ignoring removed orlov option
[  248.674441][T17882] EXT4-fs: Ignoring removed nomblk_io_submit option
[  248.822535][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  248.879372][T17901] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3729'.
[  248.891336][T17901] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(15)
[  248.897952][T17901] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  248.905653][T17901] vhci_hcd vhci_hcd.0: Device attached
[  249.099642][   T35] vhci_hcd: vhci_device speed not set
[  249.164371][   T35] usb 5-1: new full-speed USB device number 13 using vhci_hcd
[  249.296333][T17913] syz.1.3734[17913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.297428][T17913] syz.1.3734[17913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.331812][T17913] syz.1.3734[17913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.642449][T17925] loop9: detected capacity change from 0 to 512
[  249.669402][T17927] IPv6: Can't replace route, no match found
[  249.680362][T17925] ext4 filesystem being mounted at /239/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  249.754938][T17902] vhci_hcd: connection reset by peer
[  249.766370][T17931] loop7: detected capacity change from 0 to 1024
[  249.773225][T17931] EXT4-fs: Ignoring removed orlov option
[  249.778995][T17931] EXT4-fs: Ignoring removed nomblk_io_submit option
[  249.787604][ T8342] vhci_hcd: stop threads
[  249.791875][ T8342] vhci_hcd: release socket
[  249.796345][ T8342] vhci_hcd: disconnect device
[  249.926667][T17943] loop7: detected capacity change from 0 to 512
[  249.934534][T17943] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  249.946146][T17943] EXT4-fs (loop7): 1 truncate cleaned up
[  249.972874][T17947] loop7: detected capacity change from 0 to 512
[  249.983310][T17947] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.3744: corrupted in-inode xattr: invalid ea_ino
[  250.002706][T17947] EXT4-fs error (device loop7): ext4_orphan_get:1393: comm syz.7.3744: couldn't read orphan inode 15 (err -117)
[  250.212599][T17964] loop7: detected capacity change from 0 to 512
[  250.220744][T17964] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  250.232011][T17964] EXT4-fs (loop7): 1 truncate cleaned up
[  250.817554][T17976] loop9: detected capacity change from 0 to 1024
[  250.825164][T17976] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  250.837911][T17976] JBD2: no valid journal superblock found
[  250.843658][T17976] EXT4-fs (loop9): Could not load journal inode
[  250.871608][T17982] loop8: detected capacity change from 0 to 1024
[  250.882017][T17982] EXT4-fs: Ignoring removed orlov option
[  250.887869][T17982] EXT4-fs: Ignoring removed nomblk_io_submit option
[  250.967556][T17988] Invalid ELF header type: 2 != 1
[  251.379907][T17998] loop7: detected capacity change from 0 to 512
[  251.404233][T17998] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  251.428779][T17998] EXT4-fs (loop7): 1 truncate cleaned up
[  251.635527][T18010] IPv6: Can't replace route, no match found
[  251.709566][T18012] loop7: detected capacity change from 0 to 1024
[  251.720378][T18012] EXT4-fs: Ignoring removed orlov option
[  251.726210][T18012] EXT4-fs: Ignoring removed nomblk_io_submit option
[  251.840529][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  251.840556][   T29] audit: type=1326 audit(2000000041.097:8866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  251.849105][T18016] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3768'.
[  251.870985][   T29] audit: type=1326 audit(2000000041.097:8867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  251.902998][   T29] audit: type=1326 audit(2000000041.097:8868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  251.926634][   T29] audit: type=1326 audit(2000000041.097:8869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  251.950450][   T29] audit: type=1326 audit(2000000041.097:8870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  251.973841][   T29] audit: type=1326 audit(2000000041.097:8871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  251.997584][   T29] audit: type=1326 audit(2000000041.097:8872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  252.021089][   T29] audit: type=1326 audit(2000000041.097:8873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  252.044848][   T29] audit: type=1326 audit(2000000041.097:8874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  252.068430][   T29] audit: type=1326 audit(2000000041.097:8875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.8.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  252.121565][T18023] loop9: detected capacity change from 0 to 1024
[  252.132305][T18023] EXT4-fs: Ignoring removed orlov option
[  252.138214][T18023] EXT4-fs: Ignoring removed nomblk_io_submit option
[  252.144923][T18027] loop7: detected capacity change from 0 to 1024
[  252.161794][T18027] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  252.173860][T18027] JBD2: no valid journal superblock found
[  252.179695][T18027] EXT4-fs (loop7): Could not load journal inode
[  252.305551][T18035] loop7: detected capacity change from 0 to 512
[  252.315355][T18035] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  252.548995][T18035] EXT4-fs (loop7): 1 truncate cleaned up
[  252.733099][T18056] lo speed is unknown, defaulting to 1000
[  252.746474][T18059] IPv6: Can't replace route, no match found
[  252.815447][T18061] loop7: detected capacity change from 0 to 1024
[  252.822354][T18061] EXT4-fs: Ignoring removed orlov option
[  252.828118][T18061] EXT4-fs: Ignoring removed nomblk_io_submit option
[  253.097831][T18082] loop8: detected capacity change from 0 to 1024
[  253.238407][T18101] loop9: detected capacity change from 0 to 1024
[  253.251963][T18101] EXT4-fs: Ignoring removed orlov option
[  253.257778][T18101] EXT4-fs: Ignoring removed nomblk_io_submit option
[  253.774372][T18120] geneve2: entered promiscuous mode
[  253.779691][T18120] geneve2: entered allmulticast mode
[  254.078952][T18138] loop8: detected capacity change from 0 to 2048
[  254.106636][   T11] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  254.121567][   T11] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  254.133969][   T11] EXT4-fs (loop8): This should not happen!! Data will be lost
[  254.133969][   T11] 
[  254.144106][   T11] EXT4-fs (loop8): Total free blocks count 0
[  254.150177][   T11] EXT4-fs (loop8): Free/Dirty block details
[  254.156429][   T11] EXT4-fs (loop8): free_blocks=2415919104
[  254.162228][   T11] EXT4-fs (loop8): dirty_blocks=16
[  254.167349][   T11] EXT4-fs (loop8): Block reservation details
[  254.173426][   T11] EXT4-fs (loop8): i_reserved_data_blocks=1
[  254.328410][T18149] loop8: detected capacity change from 0 to 1024
[  254.360519][T18149] EXT4-fs: Ignoring removed orlov option
[  254.366341][T18149] EXT4-fs: Ignoring removed nomblk_io_submit option
[  254.426699][T18159] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3820'.
[  254.553626][T18169] IPv6: Can't replace route, no match found
[  254.628451][T18174] loop9: detected capacity change from 0 to 1024
[  254.636379][T18174] EXT4-fs: Ignoring removed orlov option
[  254.642147][T18174] EXT4-fs: Ignoring removed nomblk_io_submit option
[  254.665520][   T35] usb 5-1: enqueue for inactive port 0
[  254.671517][   T35] usb 5-1: enqueue for inactive port 0
[  254.756752][   T35] vhci_hcd: vhci_device speed not set
[  255.106957][T18195] Invalid ELF header type: 2 != 1
[  255.111499][T18197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3833'.
[  255.259305][T18206] FAULT_INJECTION: forcing a failure.
[  255.259305][T18206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.272468][T18206] CPU: 0 UID: 0 PID: 18206 Comm: syz.2.3836 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  255.283324][T18206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  255.293378][T18206] Call Trace:
[  255.296650][T18206]  <TASK>
[  255.299581][T18206]  dump_stack_lvl+0xf2/0x150
[  255.304197][T18206]  dump_stack+0x15/0x20
[  255.308374][T18206]  should_fail_ex+0x223/0x230
[  255.313078][T18206]  should_fail+0xb/0x10
[  255.317370][T18206]  should_fail_usercopy+0x1a/0x20
[  255.322428][T18206]  fpu__restore_sig+0x11d/0xb00
[  255.327328][T18206]  restore_sigcontext+0x1b5/0x220
[  255.332438][T18206]  __do_sys_rt_sigreturn+0xfd/0x160
[  255.337653][T18206]  x64_sys_call+0x28e1/0x2d60
[  255.342349][T18206]  do_syscall_64+0xc9/0x1c0
[  255.346871][T18206]  ? clear_bhb_loop+0x55/0xb0
[  255.351609][T18206]  ? clear_bhb_loop+0x55/0xb0
[  255.356372][T18206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.362287][T18206] RIP: 0033:0x7f9b3770e717
[  255.366740][T18206] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  255.386396][T18206] RSP: 002b:00007f9b36387038 EFLAGS: 00000246
[  255.392474][T18206] RAX: 0000000000000013 RBX: 00007f9b378c5f80 RCX: 00007f9b3770e719
[  255.400448][T18206] RDX: 0000000000000001 RSI: 0000000020000400 RDI: 0000000000000003
[  255.408484][T18206] RBP: 00007f9b36387090 R08: 0000000000000000 R09: 0000000000000000
[  255.416465][T18206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.424447][T18206] R13: 0000000000000000 R14: 00007f9b378c5f80 R15: 00007ffef8289d58
[  255.432435][T18206]  </TASK>
[  255.440476][T18213] IPv6: Can't replace route, no match found
[  255.516807][T18218] loop8: detected capacity change from 0 to 1024
[  255.544073][T18218] EXT4-fs: Ignoring removed orlov option
[  255.549893][T18218] EXT4-fs: Ignoring removed nomblk_io_submit option
[  255.711877][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  255.737795][T18237] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3845'.
[  255.808849][T18241] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3847'.
[  255.824270][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  255.878246][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  255.896448][T18247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=22816 sclass=netlink_route_socket pid=18247 comm=syz.8.3849
[  255.986591][T18252] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=22816 sclass=netlink_route_socket pid=18252 comm=syz.8.3849
[  256.074708][T18263] netlink: 'syz.1.3856': attribute type 3 has an invalid length.
[  256.096117][T18265] loop8: detected capacity change from 0 to 512
[  256.139246][T18265] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.153743][T18265] EXT4-fs error (device loop8): ext4_xattr_block_get:596: inode #15: comm syz.8.3857: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  256.170556][T18265] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  256.179676][T18265] EXT4-fs error (device loop8): ext4_xattr_block_get:596: inode #15: comm syz.8.3857: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  256.196512][T18265] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  256.206452][T18265] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.3857: bg 0: block 18: invalid block bitmap
[  256.219083][T18276] loop9: detected capacity change from 0 to 2048
[  256.219195][T18265] EXT4-fs error (device loop8): ext4_acquire_dquot:6879: comm syz.8.3857: Failed to acquire dquot type 1
[  256.298398][ T9117] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  256.322751][ T9117] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  256.335025][ T9117] EXT4-fs (loop9): This should not happen!! Data will be lost
[  256.335025][ T9117] 
[  256.344802][ T9117] EXT4-fs (loop9): Total free blocks count 0
[  256.350915][ T9117] EXT4-fs (loop9): Free/Dirty block details
[  256.356838][ T9117] EXT4-fs (loop9): free_blocks=2415919104
[  256.362586][ T9117] EXT4-fs (loop9): dirty_blocks=16
[  256.367709][ T9117] EXT4-fs (loop9): Block reservation details
[  256.373731][ T9117] EXT4-fs (loop9): i_reserved_data_blocks=1
[  256.391393][T18287] Invalid ELF header type: 2 != 1
[  256.433631][T18291] loop9: detected capacity change from 0 to 512
[  256.460692][T18291] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  256.854260][T18316] lo speed is unknown, defaulting to 1000
[  257.094276][T18321] loop7: detected capacity change from 0 to 2048
[  257.133286][   T28] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  257.148636][   T28] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  257.160865][   T28] EXT4-fs (loop7): This should not happen!! Data will be lost
[  257.160865][   T28] 
[  257.170514][   T28] EXT4-fs (loop7): Total free blocks count 0
[  257.176524][   T28] EXT4-fs (loop7): Free/Dirty block details
[  257.182410][   T28] EXT4-fs (loop7): free_blocks=2415919104
[  257.188165][   T28] EXT4-fs (loop7): dirty_blocks=16
[  257.193267][   T28] EXT4-fs (loop7): Block reservation details
[  257.199275][   T28] EXT4-fs (loop7): i_reserved_data_blocks=1
[  257.282774][   T29] kauditd_printk_skb: 493 callbacks suppressed
[  257.282790][   T29] audit: type=1326 audit(2000000046.125:9367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.312679][   T29] audit: type=1326 audit(2000000046.125:9368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.337734][   T29] audit: type=1326 audit(2000000046.125:9369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.361415][   T29] audit: type=1326 audit(2000000046.125:9370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.384832][   T29] audit: type=1326 audit(2000000046.125:9371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.408496][   T29] audit: type=1326 audit(2000000046.125:9372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.444718][   T29] audit: type=1326 audit(2000000046.264:9373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.468370][   T29] audit: type=1326 audit(2000000046.264:9374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.493282][   T29] audit: type=1326 audit(2000000046.282:9375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.517295][   T29] audit: type=1326 audit(2000000046.282:9376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18330 comm="syz.7.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  257.623647][T18347] loop9: detected capacity change from 0 to 2048
[  257.632297][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  257.670091][ T1759] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  257.676501][T18356] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3887'.
[  257.700039][ T1759] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  257.712273][ T1759] EXT4-fs (loop9): This should not happen!! Data will be lost
[  257.712273][ T1759] 
[  257.722001][ T1759] EXT4-fs (loop9): Total free blocks count 0
[  257.728134][ T1759] EXT4-fs (loop9): Free/Dirty block details
[  257.734051][ T1759] EXT4-fs (loop9): free_blocks=2415919104
[  257.739888][ T1759] EXT4-fs (loop9): dirty_blocks=16
[  257.745078][ T1759] EXT4-fs (loop9): Block reservation details
[  257.745093][ T1759] EXT4-fs (loop9): i_reserved_data_blocks=1
[  258.142747][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  258.197453][T18389] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3901'.
[  258.208722][T18391] loop8: detected capacity change from 0 to 2048
[  258.246115][   T11] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  258.261174][   T11] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  258.273598][   T11] EXT4-fs (loop8): This should not happen!! Data will be lost
[  258.273598][   T11] 
[  258.283307][   T11] EXT4-fs (loop8): Total free blocks count 0
[  258.289359][   T11] EXT4-fs (loop8): Free/Dirty block details
[  258.295394][   T11] EXT4-fs (loop8): free_blocks=2415919104
[  258.301336][   T11] EXT4-fs (loop8): dirty_blocks=16
[  258.306547][   T11] EXT4-fs (loop8): Block reservation details
[  258.312579][   T11] EXT4-fs (loop8): i_reserved_data_blocks=1
[  258.361135][T18404] loop8: detected capacity change from 0 to 1024
[  258.368290][T18404] EXT4-fs: Ignoring removed orlov option
[  258.374046][T18404] EXT4-fs: Ignoring removed nomblk_io_submit option
[  258.483159][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  258.554175][T18419] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3913'.
[  258.598687][T18421] loop7: detected capacity change from 0 to 2048
[  258.643716][   T11] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  258.679276][   T11] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  258.691555][   T11] EXT4-fs (loop7): This should not happen!! Data will be lost
[  258.691555][   T11] 
[  258.701253][   T11] EXT4-fs (loop7): Total free blocks count 0
[  258.707308][   T11] EXT4-fs (loop7): Free/Dirty block details
[  258.713300][   T11] EXT4-fs (loop7): free_blocks=2415919104
[  258.719099][   T11] EXT4-fs (loop7): dirty_blocks=16
[  258.724298][   T11] EXT4-fs (loop7): Block reservation details
[  258.730379][   T11] EXT4-fs (loop7): i_reserved_data_blocks=1
[  258.759695][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  258.847168][T18447] loop7: detected capacity change from 0 to 512
[  258.867346][T18447] ext4 filesystem being mounted at /299/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  259.094993][T18458] siw: device registration error -23
[  259.421709][T18472] loop8: detected capacity change from 0 to 512
[  259.435160][T18472] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  259.465403][T18472] EXT4-fs (loop8): 1 truncate cleaned up
[  259.566513][T18475] loop8: detected capacity change from 0 to 1024
[  259.574280][T18475] EXT4-fs: Ignoring removed orlov option
[  259.580106][T18475] EXT4-fs: Ignoring removed nomblk_io_submit option
[  259.869833][T18481] loop7: detected capacity change from 0 to 512
[  259.885920][T18481] ext4 filesystem being mounted at /300/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  259.927937][T18490] siw: device registration error -23
[  260.023079][T18494] loop9: detected capacity change from 0 to 2048
[  260.203472][  T407] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  260.227565][  T407] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  260.239879][  T407] EXT4-fs (loop9): This should not happen!! Data will be lost
[  260.239879][  T407] 
[  260.249862][  T407] EXT4-fs (loop9): Total free blocks count 0
[  260.255874][  T407] EXT4-fs (loop9): Free/Dirty block details
[  260.261770][  T407] EXT4-fs (loop9): free_blocks=2415919104
[  260.267571][  T407] EXT4-fs (loop9): dirty_blocks=16
[  260.272771][  T407] EXT4-fs (loop9): Block reservation details
[  260.278778][  T407] EXT4-fs (loop9): i_reserved_data_blocks=1
[  260.395358][T18514] lo speed is unknown, defaulting to 1000
[  260.533950][T18524] siw: device registration error -23
[  260.671998][T18532] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3952'.
[  261.072875][T18561] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3964'.
[  261.148195][T18567] loop7: detected capacity change from 0 to 1024
[  261.157438][T18567] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  261.160900][T18568] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3966'.
[  261.169899][T18567] JBD2: no valid journal superblock found
[  261.182520][T18567] EXT4-fs (loop7): Could not load journal inode
[  261.246357][T18568] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(15)
[  261.252973][T18568] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  261.260768][T18568] vhci_hcd vhci_hcd.0: Device attached
[  261.376201][T18576] loop9: detected capacity change from 0 to 1024
[  261.384521][T18576] EXT4-fs: Ignoring removed orlov option
[  261.390313][T18576] EXT4-fs: Ignoring removed nomblk_io_submit option
[  261.431056][T18580] loop7: detected capacity change from 0 to 1024
[  261.441493][T18580] EXT4-fs: Ignoring removed orlov option
[  261.447246][T18580] EXT4-fs: Ignoring removed nomblk_io_submit option
[  261.454533][ T3392] vhci_hcd: vhci_device speed not set
[  261.577049][ T3392] usb 5-1: new full-speed USB device number 14 using vhci_hcd
[  261.662647][T18586] IPv6: Can't replace route, no match found
[  261.874537][T18605] FAULT_INJECTION: forcing a failure.
[  261.874537][T18605] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.887694][T18605] CPU: 0 UID: 0 PID: 18605 Comm: syz.1.3980 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  261.898473][T18605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  261.908520][T18605] Call Trace:
[  261.911796][T18605]  <TASK>
[  261.914713][T18605]  dump_stack_lvl+0xf2/0x150
[  261.919325][T18605]  dump_stack+0x15/0x20
[  261.923472][T18605]  should_fail_ex+0x223/0x230
[  261.928261][T18605]  should_fail+0xb/0x10
[  261.932417][T18605]  should_fail_usercopy+0x1a/0x20
[  261.937453][T18605]  _copy_from_user+0x1e/0xb0
[  261.942106][T18605]  ppp_get_filter+0x3f/0x160
[  261.946710][T18605]  ppp_ioctl+0xbdd/0x11b0
[  261.951144][T18605]  ? __pfx_ppp_ioctl+0x10/0x10
[  261.955913][T18605]  __se_sys_ioctl+0xcd/0x140
[  261.960686][T18605]  __x64_sys_ioctl+0x43/0x50
[  261.965348][T18605]  x64_sys_call+0x15cc/0x2d60
[  261.970020][T18605]  do_syscall_64+0xc9/0x1c0
[  261.974519][T18605]  ? clear_bhb_loop+0x55/0xb0
[  261.979210][T18605]  ? clear_bhb_loop+0x55/0xb0
[  261.983899][T18605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.989861][T18605] RIP: 0033:0x7fc842bee719
[  261.994338][T18605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.013940][T18605] RSP: 002b:00007fc841867038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  262.022370][T18605] RAX: ffffffffffffffda RBX: 00007fc842da5f80 RCX: 00007fc842bee719
[  262.030350][T18605] RDX: 00000000200003c0 RSI: 0000000040107446 RDI: 0000000000000003
[  262.038402][T18605] RBP: 00007fc841867090 R08: 0000000000000000 R09: 0000000000000000
[  262.046367][T18605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.054330][T18605] R13: 0000000000000000 R14: 00007fc842da5f80 R15: 00007ffc626516f8
[  262.062306][T18605]  </TASK>
[  262.065952][T18570] vhci_hcd: connection reset by peer
[  262.071447][ T9117] vhci_hcd: stop threads
[  262.075767][ T9117] vhci_hcd: release socket
[  262.080243][ T9117] vhci_hcd: disconnect device
[  262.135537][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  262.393794][T18625] siw: device registration error -23
[  262.428698][T18627] IPv6: Can't replace route, no match found
[  262.515914][T18633] loop7: detected capacity change from 0 to 1024
[  262.522709][T18633] EXT4-fs: Ignoring removed orlov option
[  262.528541][T18633] EXT4-fs: Ignoring removed nomblk_io_submit option
[  262.561744][T18637] loop9: detected capacity change from 0 to 512
[  262.585773][T18637] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  262.593791][T18637] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  262.601796][T18637] System zones: 0-1, 15-15, 18-18, 34-34
[  262.607903][T18637] EXT4-fs (loop9): orphan cleanup on readonly fs
[  262.614376][T18637] EXT4-fs warning (device loop9): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  262.628984][T18637] EXT4-fs (loop9): Cannot turn on quotas: error -22
[  262.645336][T18637] EXT4-fs error (device loop9): ext4_orphan_get:1414: comm syz.9.3993: bad orphan inode 16
[  262.661526][T18637] ext4_test_bit(bit=15, block=18) = 1
[  262.666966][T18637] is_bad_inode(inode)=0
[  262.671449][T18637] NEXT_ORPHAN(inode)=0
[  262.675535][T18637] max_ino=32
[  262.678789][T18637] i_nlink=2
[  262.692651][T18637] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  262.695870][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  262.700564][T18637] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  262.915943][T18650] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3996'.
[  262.966076][T18657] loop9: detected capacity change from 0 to 1024
[  262.974228][T18657] EXT4-fs: Ignoring removed orlov option
[  262.979911][T18657] EXT4-fs: Ignoring removed nomblk_io_submit option
[  263.043868][T18662] siw: device registration error -23
[  263.092146][   T29] kauditd_printk_skb: 368 callbacks suppressed
[  263.092161][   T29] audit: type=1326 audit(2000000051.477:9742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18666 comm="syz.7.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  263.121881][   T29] audit: type=1326 audit(2000000051.477:9743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18666 comm="syz.7.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  263.145408][   T29] audit: type=1326 audit(2000000051.477:9744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18666 comm="syz.7.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  263.169083][   T29] audit: type=1326 audit(2000000051.477:9745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18666 comm="syz.7.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  263.175346][T18671] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4003'.
[  263.192581][   T29] audit: type=1326 audit(2000000051.477:9746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18666 comm="syz.7.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  263.193263][   T29] audit: type=1326 audit(2000000051.560:9747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18670 comm="syz.8.4003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  263.248835][   T29] audit: type=1326 audit(2000000051.560:9748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18670 comm="syz.8.4003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  263.272468][   T29] audit: type=1326 audit(2000000051.560:9749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18670 comm="syz.8.4003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  263.296040][   T29] audit: type=1326 audit(2000000051.560:9750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18670 comm="syz.8.4003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  263.319531][   T29] audit: type=1326 audit(2000000051.560:9751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18670 comm="syz.8.4003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde9f50e719 code=0x7ffc0000
[  263.373885][T18675] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4004'.
[  263.386889][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  263.436751][T18686] FAULT_INJECTION: forcing a failure.
[  263.436751][T18686] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.449969][T18686] CPU: 1 UID: 0 PID: 18686 Comm: syz.1.4010 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  263.460768][T18686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  263.470880][T18686] Call Trace:
[  263.474166][T18686]  <TASK>
[  263.477088][T18686]  dump_stack_lvl+0xf2/0x150
[  263.481798][T18686]  dump_stack+0x15/0x20
[  263.485947][T18686]  should_fail_ex+0x223/0x230
[  263.490642][T18686]  should_fail+0xb/0x10
[  263.494799][T18686]  should_fail_usercopy+0x1a/0x20
[  263.499826][T18686]  _copy_from_user+0x1e/0xb0
[  263.504422][T18686]  __sys_bpf+0x14e/0x7a0
[  263.508739][T18686]  __x64_sys_bpf+0x43/0x50
[  263.513166][T18686]  x64_sys_call+0x2625/0x2d60
[  263.517966][T18686]  do_syscall_64+0xc9/0x1c0
[  263.522520][T18686]  ? clear_bhb_loop+0x55/0xb0
[  263.527248][T18686]  ? clear_bhb_loop+0x55/0xb0
[  263.531927][T18686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.537825][T18686] RIP: 0033:0x7fc842bee719
[  263.542255][T18686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.561860][T18686] RSP: 002b:00007fc841867038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  263.570266][T18686] RAX: ffffffffffffffda RBX: 00007fc842da5f80 RCX: 00007fc842bee719
[  263.578356][T18686] RDX: 0000000000000020 RSI: 00000000200005c0 RDI: 0000000000000008
[  263.586363][T18686] RBP: 00007fc841867090 R08: 0000000000000000 R09: 0000000000000000
[  263.594368][T18686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.602363][T18686] R13: 0000000000000001 R14: 00007fc842da5f80 R15: 00007ffc626516f8
[  263.610331][T18686]  </TASK>
[  263.710909][T18703] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4017'.
[  263.757192][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  263.758206][T18708] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4019'.
[  263.824913][T18715] loop8: detected capacity change from 0 to 1024
[  263.846912][T18715] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  263.914791][T18715] JBD2: no valid journal superblock found
[  263.920724][T18715] EXT4-fs (loop8): Could not load journal inode
[  263.979800][T18727] loop9: detected capacity change from 0 to 1024
[  263.991976][T18727] EXT4-fs: Ignoring removed orlov option
[  263.997672][T18727] EXT4-fs: Ignoring removed nomblk_io_submit option
[  264.010022][T18731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4029'.
[  264.158587][T18720] FAULT_INJECTION: forcing a failure.
[  264.158587][T18720] name failslab, interval 1, probability 0, space 0, times 0
[  264.166077][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  264.171281][T18720] CPU: 0 UID: 0 PID: 18720 Comm: syz.7.4023 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  264.191955][T18720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  264.202092][T18720] Call Trace:
[  264.205375][T18720]  <TASK>
[  264.208315][T18720]  dump_stack_lvl+0xf2/0x150
[  264.213014][T18720]  dump_stack+0x15/0x20
[  264.216852][T18743] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4032'.
[  264.217258][T18720]  should_fail_ex+0x223/0x230
[  264.230911][T18720]  ? skb_clone+0x154/0x1f0
[  264.235417][T18720]  should_failslab+0x8f/0xb0
[  264.240033][T18720]  kmem_cache_alloc_noprof+0x4c/0x290
[  264.245464][T18720]  skb_clone+0x154/0x1f0
[  264.249691][T18720]  __netlink_deliver_tap+0x2bd/0x4c0
[  264.255017][T18720]  netlink_unicast+0x64a/0x670
[  264.259836][T18720]  netlink_sendmsg+0x5cc/0x6e0
[  264.264653][T18720]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.269945][T18720]  __sock_sendmsg+0x140/0x180
[  264.274631][T18720]  ____sys_sendmsg+0x312/0x410
[  264.279481][T18720]  __sys_sendmsg+0x1d9/0x270
[  264.284105][T18720]  __x64_sys_sendmsg+0x46/0x50
[  264.288946][T18720]  x64_sys_call+0x2689/0x2d60
[  264.293676][T18720]  do_syscall_64+0xc9/0x1c0
[  264.298222][T18720]  ? clear_bhb_loop+0x55/0xb0
[  264.302899][T18720]  ? clear_bhb_loop+0x55/0xb0
[  264.307575][T18720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.313458][T18720] RIP: 0033:0x7fe1edb4e719
[  264.317857][T18720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.337489][T18720] RSP: 002b:00007fe1ec7c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.345896][T18720] RAX: ffffffffffffffda RBX: 00007fe1edd05f80 RCX: 00007fe1edb4e719
[  264.353856][T18720] RDX: 0000000000000000 RSI: 000000002000c2c0 RDI: 0000000000000006
[  264.361823][T18720] RBP: 00007fe1ec7c7090 R08: 0000000000000000 R09: 0000000000000000
[  264.369898][T18720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.377885][T18720] R13: 0000000000000000 R14: 00007fe1edd05f80 R15: 00007ffe34d2cde8
[  264.385946][T18720]  </TASK>
[  264.392257][T18720] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4023'.
[  264.459639][T18752] loop7: detected capacity change from 0 to 512
[  264.480463][T18752] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.503527][T18756] loop8: detected capacity change from 0 to 1024
[  264.510485][T18756] EXT4-fs: Ignoring removed orlov option
[  264.516227][T18756] EXT4-fs: Ignoring removed nomblk_io_submit option
[  264.653517][T18767] Invalid ELF header type: 2 != 1
[  264.795010][T18770] geneve2: entered promiscuous mode
[  264.800248][T18770] geneve2: entered allmulticast mode
[  265.021459][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  265.108375][T18785] netlink: 'syz.9.4045': attribute type 2 has an invalid length.
[  265.307679][T18784] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4046'.
[  265.316786][T18784] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4046'.
[  265.441050][T12501] EXT4-fs unmount: 103 callbacks suppressed
[  265.441068][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.658214][T18807] IPv6: Can't replace route, no match found
[  265.754712][T18815] loop7: detected capacity change from 0 to 1024
[  265.761425][T18815] EXT4-fs: Ignoring removed orlov option
[  265.767098][T18815] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.782996][T18815] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.802642][T18822] netlink: 108 bytes leftover after parsing attributes in process `syz.9.4057'.
[  265.814713][T18822] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(15)
[  265.821482][T18822] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  265.829142][T18822] vhci_hcd vhci_hcd.0: Device attached
[  265.861642][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.026430][T18836] Invalid ELF header type: 2 != 1
[  266.027978][   T35] vhci_hcd: vhci_device speed not set
[  266.092954][   T35] usb 19-1: new full-speed USB device number 3 using vhci_hcd
[  266.579822][T18845] lo speed is unknown, defaulting to 1000
[  266.642463][T18825] vhci_hcd: connection reset by peer
[  266.657791][   T11] vhci_hcd: stop threads
[  266.662058][   T11] vhci_hcd: release socket
[  266.666563][   T11] vhci_hcd: disconnect device
[  266.742893][T18845] syz.1.4068[18845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  266.743002][T18845] syz.1.4068[18845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  266.758179][T18845] syz.1.4068[18845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  266.858396][T18850] geneve2: entered promiscuous mode
[  266.875107][T18850] geneve2: entered allmulticast mode
[  267.024471][T18861] loop7: detected capacity change from 0 to 256
[  267.043848][T18861] FAT-fs (loop7): Directory bread(block 64) failed
[  267.052225][T18861] FAT-fs (loop7): Directory bread(block 65) failed
[  267.059245][T18861] FAT-fs (loop7): Directory bread(block 66) failed
[  267.061894][T18863] lo speed is unknown, defaulting to 1000
[  267.066151][T18861] FAT-fs (loop7): Directory bread(block 67) failed
[  267.079452][T18861] FAT-fs (loop7): Directory bread(block 68) failed
[  267.086031][T18861] FAT-fs (loop7): Directory bread(block 69) failed
[  267.094617][T18861] FAT-fs (loop7): Directory bread(block 70) failed
[  267.095938][ T3392] usb 5-1: enqueue for inactive port 0
[  267.102806][T18861] FAT-fs (loop7): Directory bread(block 71) failed
[  267.116445][T18861] FAT-fs (loop7): Directory bread(block 72) failed
[  267.124488][T18861] FAT-fs (loop7): Directory bread(block 73) failed
[  267.131383][ T3392] usb 5-1: enqueue for inactive port 0
[  267.148856][T18861] syz.7.4075: attempt to access beyond end of device
[  267.148856][T18861] loop7: rw=0, sector=1768, nr_sectors = 4 limit=256
[  267.230900][ T3392] vhci_hcd: vhci_device speed not set
[  267.273989][T18886] Invalid ELF header type: 2 != 1
[  267.390232][T18901] loop7: detected capacity change from 0 to 2048
[  267.419239][T18907] siw: device registration error -23
[  267.459484][T18901] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.515410][  T407] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  267.561370][  T407] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  267.573652][  T407] EXT4-fs (loop7): This should not happen!! Data will be lost
[  267.573652][  T407] 
[  267.583324][  T407] EXT4-fs (loop7): Total free blocks count 0
[  267.589342][  T407] EXT4-fs (loop7): Free/Dirty block details
[  267.595319][  T407] EXT4-fs (loop7): free_blocks=2415919104
[  267.601249][  T407] EXT4-fs (loop7): dirty_blocks=16
[  267.606594][  T407] EXT4-fs (loop7): Block reservation details
[  267.612633][  T407] EXT4-fs (loop7): i_reserved_data_blocks=1
[  267.662732][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.207876][T18993] geneve2: entered promiscuous mode
[  268.213208][T18993] geneve2: entered allmulticast mode
[  268.241099][T18995] loop7: detected capacity change from 0 to 512
[  268.274146][T18995] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.289116][T18995] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.308300][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.690365][T19020] loop9: detected capacity change from 0 to 512
[  268.709489][T19020] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.4111: corrupted in-inode xattr: invalid ea_ino
[  268.723262][T19020] EXT4-fs error (device loop9): ext4_orphan_get:1393: comm syz.9.4111: couldn't read orphan inode 15 (err -117)
[  268.740246][T19020] EXT4-fs (loop9): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.886008][T19020] __nla_validate_parse: 8 callbacks suppressed
[  268.886026][T19020] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4111'.
[  268.901313][T19020] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4111'.
[  268.999095][T19028] netlink: 830 bytes leftover after parsing attributes in process `syz.8.4113'.
[  269.010131][T19028] loop7: detected capacity change from 0 to 7
[  269.016327][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.025827][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.033685][ T3305]  loop7: unable to read partition table
[  269.042169][T19030] Invalid ELF header type: 2 != 1
[  269.045937][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.055450][T19028] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.058338][T12627] EXT4-fs (loop9): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  269.078009][T19028] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.085915][T19028]  loop7: unable to read partition table
[  269.085971][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.102128][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.105948][T19028] loop_reread_partitions: partition scan of loop7 (�被x������ڬ��dƤ����ݡ�����
[  269.105948][T19028] 
) failed (rc=-5)
[  269.110674][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.133202][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.141104][   T29] kauditd_printk_skb: 258 callbacks suppressed
[  269.141167][   T29] audit: type=1326 audit(2000000057.059:10010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.171016][   T29] audit: type=1326 audit(2000000057.059:10011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.194658][   T29] audit: type=1326 audit(2000000057.068:10012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.208271][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.218368][   T29] audit: type=1326 audit(2000000057.068:10013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.249581][   T29] audit: type=1326 audit(2000000057.068:10014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.273253][   T29] audit: type=1326 audit(2000000057.068:10015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.420443][   T29] audit: type=1326 audit(2000000057.327:10016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.444093][   T29] audit: type=1326 audit(2000000057.327:10017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19031 comm="syz.9.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054592e719 code=0x7ffc0000
[  269.478947][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  269.557824][   T29] audit: type=1326 audit(2000000057.447:10018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19047 comm="syz.1.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc842bee719 code=0x7ffc0000
[  269.581432][   T29] audit: type=1326 audit(2000000057.447:10019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19047 comm="syz.1.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc842bee719 code=0x7ffc0000
[  269.709698][T19057] loop9: detected capacity change from 0 to 512
[  269.721329][T19058] geneve2: entered promiscuous mode
[  269.726723][T19058] geneve2: entered allmulticast mode
[  269.757840][T19057] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.4125: corrupted in-inode xattr: invalid ea_ino
[  269.797583][T19057] EXT4-fs error (device loop9): ext4_orphan_get:1393: comm syz.9.4125: couldn't read orphan inode 15 (err -117)
[  269.834918][T19057] EXT4-fs (loop9): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.143300][T19057] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4125'.
[  270.152391][T19057] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4125'.
[  270.219969][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  270.318381][T19079] loop7: detected capacity change from 0 to 512
[  270.330228][T12627] EXT4-fs (loop9): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  270.346017][T19079] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4134: bg 0: block 248: padding at end of block bitmap is not set
[  270.369733][T19083] loop9: detected capacity change from 0 to 1024
[  270.377849][T19083] EXT4-fs: Ignoring removed orlov option
[  270.383524][T19083] EXT4-fs: Ignoring removed nomblk_io_submit option
[  270.400808][T19079] EXT4-fs error (device loop7): ext4_acquire_dquot:6879: comm syz.7.4134: Failed to acquire dquot type 1
[  270.415782][T19079] EXT4-fs (loop7): 1 truncate cleaned up
[  270.424719][T19079] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.437674][T19079] ext4 filesystem being mounted at /345/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.496353][T19083] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.622632][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.696335][T19096] Invalid ELF header type: 2 != 1
[  271.011138][T19103] loop7: detected capacity change from 0 to 1024
[  271.050863][T19103] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.136084][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  271.318107][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.598799][   T35] usb 19-1: enqueue for inactive port 0
[  271.604586][   T35] usb 19-1: enqueue for inactive port 0
[  271.685347][   T35] vhci_hcd: vhci_device speed not set
[  271.749854][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.794727][T19135] loop7: detected capacity change from 0 to 1024
[  271.812763][T19135] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  271.823607][T19135] JBD2: no valid journal superblock found
[  271.829395][T19135] EXT4-fs (loop7): Could not load journal inode
[  271.924672][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  271.987634][T19144] loop7: detected capacity change from 0 to 512
[  272.054727][T19144] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.085696][T19144] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.253670][T19150] netlink: 108 bytes leftover after parsing attributes in process `syz.8.4156'.
[  272.267376][T19150] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(15)
[  272.273998][T19150] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  272.281627][T19150] vhci_hcd vhci_hcd.0: Device attached
[  272.480753][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.489882][    T9] vhci_hcd: vhci_device speed not set
[  272.563091][    T9] usb 17-1: new full-speed USB device number 6 using vhci_hcd
[  272.632124][T19162] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4160'.
[  273.041300][T19165] netlink: 100 bytes leftover after parsing attributes in process `syz.2.4161'.
[  273.050371][T19165] netlink: 100 bytes leftover after parsing attributes in process `syz.2.4161'.
[  273.060207][T19167] netlink: 108 bytes leftover after parsing attributes in process `syz.9.4162'.
[  273.078003][T19167] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(15)
[  273.084685][T19167] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  273.092347][T19167] vhci_hcd vhci_hcd.0: Device attached
[  273.096530][T19151] vhci_hcd: connection reset by peer
[  273.106120][ T1759] vhci_hcd: stop threads
[  273.110442][ T1759] vhci_hcd: release socket
[  273.114987][ T1759] vhci_hcd: disconnect device
[  273.246364][T19176] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(16)
[  273.252984][T19176] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  273.260862][T19176] vhci_hcd vhci_hcd.0: Device attached
[  273.408451][   T35] vhci_hcd: vhci_device speed not set
[  273.462824][T14010] vhci_hcd: vhci_device speed not set
[  273.527655][T14010] usb 15-1: new full-speed USB device number 5 using vhci_hcd
[  273.670303][T19194] loop8: detected capacity change from 0 to 2048
[  273.684096][T19194] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.705114][   T11] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  273.720171][   T11] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  273.732521][   T11] EXT4-fs (loop8): This should not happen!! Data will be lost
[  273.732521][   T11] 
[  273.742262][   T11] EXT4-fs (loop8): Total free blocks count 0
[  273.748261][   T11] EXT4-fs (loop8): Free/Dirty block details
[  273.754150][   T11] EXT4-fs (loop8): free_blocks=2415919104
[  273.759874][   T11] EXT4-fs (loop8): dirty_blocks=16
[  273.764480][T19177] vhci_hcd: connection reset by peer
[  273.764976][   T11] EXT4-fs (loop8): Block reservation details
[  273.771941][  T407] vhci_hcd: stop threads
[  273.776252][   T11] EXT4-fs (loop8): i_reserved_data_blocks=1
[  273.777672][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.780552][  T407] vhci_hcd: release socket
[  273.799963][  T407] vhci_hcd: disconnect device
[  273.815969][T19199] IPv6: Can't replace route, no match found
[  273.884361][T19201] loop8: detected capacity change from 0 to 1024
[  273.891305][T19201] EXT4-fs: Ignoring removed orlov option
[  273.897054][T19201] EXT4-fs: Ignoring removed nomblk_io_submit option
[  273.908703][T19201] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.977321][T19187] vhci_hcd: connection reset by peer
[  273.982749][   T28] vhci_hcd: stop threads
[  273.987136][   T28] vhci_hcd: release socket
[  273.991559][   T28] vhci_hcd: disconnect device
[  274.000275][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.849547][T19223] loop9: detected capacity change from 0 to 512
[  274.857409][T19223] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.4176: corrupted in-inode xattr: invalid ea_ino
[  274.883773][T19223] EXT4-fs error (device loop9): ext4_orphan_get:1393: comm syz.9.4176: couldn't read orphan inode 15 (err -117)
[  274.906889][T19223] EXT4-fs (loop9): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.937996][T19226] loop7: detected capacity change from 0 to 1024
[  274.962881][T19226] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  274.981355][T19226] JBD2: no valid journal superblock found
[  274.987100][T19226] EXT4-fs (loop7): Could not load journal inode
[  275.100882][T19231] IPv6: Can't replace route, no match found
[  275.130176][T19223] __nla_validate_parse: 1 callbacks suppressed
[  275.130190][T19223] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4176'.
[  275.145554][T19223] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4176'.
[  275.240846][T12627] EXT4-fs (loop9): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  275.270510][T19259] loop9: detected capacity change from 0 to 1024
[  275.307649][T19259] EXT4-fs: Ignoring removed orlov option
[  275.313400][T19259] EXT4-fs: Ignoring removed nomblk_io_submit option
[  275.350708][T19259] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.466790][T19277] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4185'.
[  275.491574][T19277] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(15)
[  275.498207][T19277] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  275.505946][T19277] vhci_hcd vhci_hcd.0: Device attached
[  275.706104][ T3392] vhci_hcd: vhci_device speed not set
[  275.771147][ T3392] usb 5-1: new full-speed USB device number 15 using vhci_hcd
[  276.028098][T19299] loop7: detected capacity change from 0 to 1024
[  276.034914][T19299] EXT4-fs: Ignoring removed orlov option
[  276.040607][T19299] EXT4-fs: Ignoring removed nomblk_io_submit option
[  276.054909][T19299] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.166032][T19303] loop8: detected capacity change from 0 to 1024
[  276.179086][T19303] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  276.196629][T19303] JBD2: no valid journal superblock found
[  276.202416][T19303] EXT4-fs (loop8): Could not load journal inode
[  276.229475][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.252863][T19280] vhci_hcd: connection reset by peer
[  276.264070][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  276.293923][  T407] vhci_hcd: stop threads
[  276.298203][  T407] vhci_hcd: release socket
[  276.302780][  T407] vhci_hcd: disconnect device
[  276.336162][T19315] IPv6: Can't replace route, no match found
[  276.476380][T19321] Invalid ELF header type: 2 != 1
[  276.625634][T19328] loop8: detected capacity change from 0 to 1024
[  276.654653][T19328] EXT4-fs: Ignoring removed orlov option
[  276.660418][T19328] EXT4-fs: Ignoring removed nomblk_io_submit option
[  276.706773][T19331] loop9: detected capacity change from 0 to 1024
[  276.728274][T19328] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.739120][T19331] EXT4-fs: Ignoring removed orlov option
[  276.746032][T19331] EXT4-fs: Ignoring removed nomblk_io_submit option
[  276.956252][T19331] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.112391][T11501] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.139472][T19346] geneve2: entered promiscuous mode
[  277.144723][T19346] geneve2: entered allmulticast mode
[  277.220022][   T29] kauditd_printk_skb: 178 callbacks suppressed
[  277.220038][   T29] audit: type=1326 audit(2000000064.515:10196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.250070][   T29] audit: type=1326 audit(2000000064.515:10197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.273099][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  277.273708][   T29] audit: type=1326 audit(2000000064.515:10198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.307353][   T29] audit: type=1326 audit(2000000064.524:10199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.331332][   T29] audit: type=1326 audit(2000000064.524:10200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.355244][   T29] audit: type=1326 audit(2000000064.524:10201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.378753][   T29] audit: type=1326 audit(2000000064.524:10202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.402363][   T29] audit: type=1326 audit(2000000064.524:10203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.425943][   T29] audit: type=1326 audit(2000000064.524:10204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.449749][   T29] audit: type=1326 audit(2000000064.524:10205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19347 comm="syz.7.4206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1edb4e719 code=0x7ffc0000
[  277.526653][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.634131][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.014928][    T9] usb 17-1: enqueue for inactive port 0
[  278.024062][    T9] usb 17-1: enqueue for inactive port 0
[  278.101432][    T9] vhci_hcd: vhci_device speed not set
[  278.117872][T19404] Cannot find set identified by id 0 to match
[  278.188866][T19409] 9pnet_fd: Insufficient options for proto=fd
[  278.238534][T19412] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4219'.
[  278.316534][T19416] loop8: detected capacity change from 0 to 2048
[  278.352341][T19416] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.374265][   T28] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  278.389329][   T28] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  278.401600][   T28] EXT4-fs (loop8): This should not happen!! Data will be lost
[  278.401600][   T28] 
[  278.411349][   T28] EXT4-fs (loop8): Total free blocks count 0
[  278.417385][   T28] EXT4-fs (loop8): Free/Dirty block details
[  278.423463][   T28] EXT4-fs (loop8): free_blocks=2415919104
[  278.429272][   T28] EXT4-fs (loop8): dirty_blocks=16
[  278.434585][   T28] EXT4-fs (loop8): Block reservation details
[  278.440667][   T28] EXT4-fs (loop8): i_reserved_data_blocks=1
[  278.447546][T12501] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.468167][T19422] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4223'.
[  278.969546][T14010] usb 15-1: enqueue for inactive port 0
[  278.975708][T14010] usb 15-1: enqueue for inactive port 0
[  279.054999][   T35] usb 19-1: enqueue for inactive port 0
[  279.060690][   T35] usb 19-1: enqueue for inactive port 0
[  279.076600][T14010] vhci_hcd: vhci_device speed not set
[  279.141655][   T35] vhci_hcd: vhci_device speed not set
[  280.252333][T19565] loop8: detected capacity change from 0 to 512
[  280.273399][T19565] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.4245: corrupted in-inode xattr: invalid ea_ino
[  280.288133][T19565] EXT4-fs error (device loop8): ext4_orphan_get:1393: comm syz.8.4245: couldn't read orphan inode 15 (err -117)
[  280.300788][T19565] EXT4-fs (loop8): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.318763][T19575] loop9: detected capacity change from 0 to 512
[  280.336312][T19575] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.348899][T19575] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  280.372481][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.410679][T19581] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4249'.
[  280.470905][T19586] FAULT_INJECTION: forcing a failure.
[  280.470905][T19586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.483901][T19565] netlink: 100 bytes leftover after parsing attributes in process `syz.8.4245'.
[  280.484066][T19586] CPU: 1 UID: 0 PID: 19586 Comm: syz.9.4251 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  280.493099][T19565] netlink: 100 bytes leftover after parsing attributes in process `syz.8.4245'.
[  280.503776][T19586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  280.503793][T19586] Call Trace:
[  280.503799][T19586]  <TASK>
[  280.503807][T19586]  dump_stack_lvl+0xf2/0x150
[  280.533717][T19586]  dump_stack+0x15/0x20
[  280.537927][T19586]  should_fail_ex+0x223/0x230
[  280.542635][T19586]  should_fail+0xb/0x10
[  280.546909][T19586]  should_fail_usercopy+0x1a/0x20
[  280.551944][T19586]  _copy_from_user+0x1e/0xb0
[  280.556548][T19586]  __se_sys_memfd_create+0x26b/0x5c0
[  280.561852][T19586]  __x64_sys_memfd_create+0x31/0x40
[  280.567069][T19586]  x64_sys_call+0x2891/0x2d60
[  280.571758][T19586]  do_syscall_64+0xc9/0x1c0
[  280.576307][T19586]  ? clear_bhb_loop+0x55/0xb0
[  280.580991][T19586]  ? clear_bhb_loop+0x55/0xb0
[  280.585678][T19586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.591587][T19586] RIP: 0033:0x7f054592e719
[  280.595994][T19586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.615606][T19586] RSP: 002b:00007f05445a6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  280.624043][T19586] RAX: ffffffffffffffda RBX: 0000000000000518 RCX: 00007f054592e719
[  280.631998][T19586] RDX: 00007f05445a6ef0 RSI: 0000000000000000 RDI: 00007f05459a1c0a
[  280.639983][T19586] RBP: 0000000020000200 R08: 00007f05445a6bb7 R09: 00007f05445a6e40
[  280.647943][T19586] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000840
[  280.655900][T19586] R13: 00007f05445a6ef0 R14: 00007f05445a6eb0 R15: 0000000020000080
[  280.663863][T19586]  </TASK>
[  280.681949][T12501] EXT4-fs (loop8): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  280.741136][T19590] loop9: detected capacity change from 0 to 4096
[  280.758837][T19590] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.843665][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.903368][T19610] loop9: detected capacity change from 0 to 2048
[  280.951397][T19610] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.989775][   T28] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  281.004686][   T28] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  281.016955][   T28] EXT4-fs (loop9): This should not happen!! Data will be lost
[  281.016955][   T28] 
[  281.026643][   T28] EXT4-fs (loop9): Total free blocks count 0
[  281.032683][   T28] EXT4-fs (loop9): Free/Dirty block details
[  281.038702][   T28] EXT4-fs (loop9): free_blocks=2415919104
[  281.044458][   T28] EXT4-fs (loop9): dirty_blocks=16
[  281.049715][   T28] EXT4-fs (loop9): Block reservation details
[  281.055946][   T28] EXT4-fs (loop9): i_reserved_data_blocks=1
[  281.063034][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.125242][T19638] loop9: detected capacity change from 0 to 512
[  281.158021][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  281.172436][T19638] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.4258: bg 0: block 248: padding at end of block bitmap is not set
[  281.189123][T19638] EXT4-fs error (device loop9): ext4_acquire_dquot:6879: comm syz.9.4258: Failed to acquire dquot type 1
[  281.203261][T19638] EXT4-fs (loop9): 1 truncate cleaned up
[  281.218874][T19638] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.233437][ T3392] usb 5-1: enqueue for inactive port 0
[  281.238937][ T3392] usb 5-1: enqueue for inactive port 0
[  281.250297][T19638] ext4 filesystem being mounted at /326/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.266715][T19656] FAULT_INJECTION: forcing a failure.
[  281.266715][T19656] name failslab, interval 1, probability 0, space 0, times 0
[  281.279395][T19656] CPU: 1 UID: 0 PID: 19656 Comm: syz.7.4267 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  281.290153][T19656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  281.300318][T19656] Call Trace:
[  281.303616][T19656]  <TASK>
[  281.306593][T19656]  dump_stack_lvl+0xf2/0x150
[  281.311225][T19656]  dump_stack+0x15/0x20
[  281.315390][T19656]  should_fail_ex+0x223/0x230
[  281.320095][T19656]  ? skb_clone+0x154/0x1f0
[  281.324523][T19656]  should_failslab+0x8f/0xb0
[  281.329114][T19656]  kmem_cache_alloc_noprof+0x4c/0x290
[  281.334496][T19656]  skb_clone+0x154/0x1f0
[  281.338732][T19656]  __netlink_deliver_tap+0x2bd/0x4c0
[  281.344177][T19656]  netlink_unicast+0x64a/0x670
[  281.348969][T19656]  netlink_sendmsg+0x5cc/0x6e0
[  281.353730][T19656]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.359072][T19656]  __sock_sendmsg+0x140/0x180
[  281.363746][T19656]  ____sys_sendmsg+0x312/0x410
[  281.368522][T19656]  __sys_sendmsg+0x1d9/0x270
[  281.373175][T19656]  __x64_sys_sendmsg+0x46/0x50
[  281.377993][T19656]  x64_sys_call+0x2689/0x2d60
[  281.382672][T19656]  do_syscall_64+0xc9/0x1c0
[  281.387251][T19656]  ? clear_bhb_loop+0x55/0xb0
[  281.391944][T19656]  ? clear_bhb_loop+0x55/0xb0
[  281.396612][T19656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.402569][T19656] RIP: 0033:0x7fe1edb4e719
[  281.406975][T19656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.426576][T19656] RSP: 002b:00007fe1ec7c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.434982][T19656] RAX: ffffffffffffffda RBX: 00007fe1edd05f80 RCX: 00007fe1edb4e719
[  281.443021][T19656] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  281.450985][T19656] RBP: 00007fe1ec7c7090 R08: 0000000000000000 R09: 0000000000000000
[  281.458946][T19656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.466908][T19656] R13: 0000000000000000 R14: 00007fe1edd05f80 R15: 00007ffe34d2cde8
[  281.474875][T19656]  </TASK>
[  281.488895][T19660] IPv6: Can't replace route, no match found
[  281.490852][ T3392] vhci_hcd: vhci_device speed not set
[  281.545485][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.748601][T19674] siw: device registration error -23
[  281.783945][T19677] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=19677 comm=syz.8.4273
[  281.811295][T19677] lo speed is unknown, defaulting to 1000
[  281.940682][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  282.082053][T19707] netlink: 1320 bytes leftover after parsing attributes in process `syz.8.4277'.
[  282.092430][T19707] xt_nfacct: accounting object `syz1' does not exists
[  282.103171][T19707] loop7: detected capacity change from 0 to 7
[  282.168546][T19707] buffer_io_error: 4 callbacks suppressed
[  282.168570][T19707] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.187631][T19707] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.195491][T19707]  loop7: unable to read partition table
[  282.204327][T19707] loop_reread_partitions: partition scan of loop7 (�被x������ڬ��dƤ����ݡ�����
[  282.204327][T19707] 
) failed (rc=-5)
[  282.243584][T19724] loop9: detected capacity change from 0 to 128
[  282.273653][T19724] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  282.286822][T19724] ext4 filesystem being mounted at /327/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  282.364290][T19731] lo speed is unknown, defaulting to 1000
[  282.400412][T19733] IPv6: Can't replace route, no match found
[  282.435420][ T3016] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.443875][ T3016] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.451776][ T3016]  loop7: unable to read partition table
[  282.465782][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.478656][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.488267][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.496586][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.506830][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.507190][T12627] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  282.516438][ T3305] Buffer I/O error on dev loop7, logical block 0, async page read
[  282.545296][T19744] loop9: detected capacity change from 0 to 512
[  282.569757][T19744] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.582506][T19744] ext4 filesystem being mounted at /328/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  282.628694][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.639442][ T3016]  loop7: unable to read partition table
[  282.642803][   T29] kauditd_printk_skb: 381 callbacks suppressed
[  282.642885][   T29] audit: type=1326 audit(2000000069.516:10585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.660536][T19755] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4289'.
[  282.675008][   T29] audit: type=1326 audit(2000000069.516:10586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.707723][   T29] audit: type=1326 audit(2000000069.516:10587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.731453][   T29] audit: type=1326 audit(2000000069.516:10588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.755084][   T29] audit: type=1326 audit(2000000069.516:10589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.778930][   T29] audit: type=1326 audit(2000000069.516:10590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.802559][   T29] audit: type=1326 audit(2000000069.516:10591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.826620][   T29] audit: type=1326 audit(2000000069.516:10592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.850544][   T29] audit: type=1326 audit(2000000069.516:10593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.851491][ T3016]  loop7: unable to read partition table
[  282.874482][   T29] audit: type=1326 audit(2000000069.516:10594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19745 comm="syz.2.4285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f9b3770e719 code=0x7ffc0000
[  282.917673][T19767] loop9: detected capacity change from 0 to 1024
[  282.953046][T19767] EXT4-fs: Ignoring removed orlov option
[  282.958844][T19767] EXT4-fs: Ignoring removed nomblk_io_submit option
[  283.005971][T19772] lo speed is unknown, defaulting to 1000
[  283.011604][T19767] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.048163][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.073940][T19780] loop9: detected capacity change from 0 to 1024
[  283.081326][T19780] EXT4-fs: Ignoring removed oldalloc option
[  283.119358][T19780] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.147431][T12627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.234816][T19786] ==================================================================
[  283.242906][T19786] BUG: KCSAN: data-race in _free_event / perf_pending_task
[  283.250113][T19786] 
[  283.252422][T19786] write to 0xffff888115ed47d8 of 4 bytes by task 19787 on cpu 0:
[  283.260116][T19786]  perf_pending_task+0xe8/0x220
[  283.264957][T19786]  task_work_run+0x13a/0x1a0
[  283.269536][T19786]  syscall_exit_to_user_mode+0xbe/0x130
[  283.275061][T19786]  do_syscall_64+0xd6/0x1c0
[  283.279548][T19786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.285437][T19786] 
[  283.287764][T19786] read to 0xffff888115ed47d8 of 4 bytes by task 19786 on cpu 1:
[  283.295390][T19786]  _free_event+0x3d/0xa10
[  283.299703][T19786]  perf_event_release_kernel+0x61a/0x670
[  283.305319][T19786]  perf_release+0x1f/0x30
[  283.309632][T19786]  __fput+0x17a/0x6d0
[  283.313609][T19786]  ____fput+0x1c/0x30
[  283.317576][T19786]  task_work_run+0x13a/0x1a0
[  283.322175][T19786]  syscall_exit_to_user_mode+0xbe/0x130
[  283.327712][T19786]  do_syscall_64+0xd6/0x1c0
[  283.332212][T19786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.338122][T19786] 
[  283.340427][T19786] value changed: 0x7ed6c7bf -> 0x00000000
[  283.346141][T19786] 
[  283.348447][T19786] Reported by Kernel Concurrency Sanitizer on:
[  283.354590][T19786] CPU: 1 UID: 0 PID: 19786 Comm: syz.9.4297 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  283.365335][T19786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  283.375382][T19786] ==================================================================
[  283.643091][T19792] loop8: detected capacity change from 0 to 128
[  283.664174][T19792] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  283.676496][T19792] ext4 filesystem being mounted at /325/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  283.891318][T12501] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.