last executing test programs:

4.290311594s ago: executing program 4 (id=2970):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000200)={<r1=>0x0, 0x4, 0x10, 0x6, 0x2}, &(0x7f0000000280)=0x18)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000002c0)={r1, 0x5}, &(0x7f0000000580)=0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x2000000000000226, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

4.121139666s ago: executing program 4 (id=2974):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x17, 0x4, 0x8, 0x10, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) (async)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000080000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x18)
r7 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4, 0x39}, &(0x7f0000000140)=<r8=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01) (async)
setuid(0xee01)
r9 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$tcp_congestion(r9, 0x0, 0xffffff28)
io_uring_enter(r7, 0xa32, 0x0, 0x47, 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r10, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x22, 0x1, 0x0}, &(0x7f0000000000)=0x12)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x0, 0x20040}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, r4, 0x225, 0x68020}}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0)

3.84382721s ago: executing program 4 (id=2977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000200000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

3.731447561s ago: executing program 4 (id=2981):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

3.702340132s ago: executing program 4 (id=2982):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000200)={<r3=>0x0, 0x4, 0x10, 0x6, 0x2}, &(0x7f0000000280)=0x18)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000002c0)={r3, 0x5}, &(0x7f0000000580)=0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x2000000000000226, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r5 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")

3.424998575s ago: executing program 3 (id=2985):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={0x0, &(0x7f0000000040)=""/24, &(0x7f00000005c0), &(0x7f00000006c0), 0x3}, 0x38)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

3.015683531s ago: executing program 3 (id=2986):
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
r3 = syz_io_uring_complete(0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r4=>r3, {r0, r1}}, './file0\x00'})
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_access\x00')
pwritev2(r2, &(0x7f00000002c0)=[{&(0x7f00000001c0)="868abdf7e6e2a813662c01677ddc5458c8eddf3852d0164633ec5944c6a1aa7bc0cac8f3aea53616358eaa2849c10140c2d670d0913bbf78c67bc6086e8e9be4baa291110ac8fca2c667458f5fa3d1f273a57aebde23d163a643111c412a36fce72f975d2297ed0133740a28f3a989c886f56cb7102ee3b46c79361a4ab300ea9a7c53a2c7d3128091438fd1e85970fe71443b1646cc3e2d9815b2a9a9e1a951f1c155d63c554e1e95745521dbd0d14be4c5b889dc3efb0bfc6ab08dce41223d9885991ac410768938d5ea8cb4545d8c5622cc9907a620371a69d1e122a1148fdc71d791a26b122fa111fec40db773f4becd7b695d1f", 0xf6}], 0x1, 0x6, 0x2, 0x11)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000300))
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000380)={'veth0_to_team\x00', 0x1})
write$selinux_context(r3, &(0x7f00000003c0)='system_u:object_r:system_map_t:s0\x00', 0x22)
mount$nfs4(&(0x7f0000000400)='system_u:object_r:system_map_t:s0\x00', &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x108000, &(0x7f00000004c0)={[{'veth0_to_team\x00'}, {}, {'$'}, {'veth0_to_team\x00'}, {'veth0_to_team\x00'}, {'veth0_to_team\x00'}, {'veth0_to_team\x00'}, {'veth0_to_team\x00'}, {}], [{@measure}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x62, 0x36, 0xd, 0x39, 0x30, 0x32, 0x34], 0x2d, [0x38, 0x33, 0x31, 0x62], 0x2d, [0x61, 0x39, 0x66, 0x36], 0x2d, [0x39, 0x30, 0x36, 0x34], 0x2d, [0x39, 0x34, 0x64, 0x38, 0x37, 0x63, 0x34, 0x30]}}}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@appraise}]})
getresuid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r5 = socket$igmp(0x2, 0x3, 0x2)
listen(r5, 0x9eee)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
sendfile(r6, r3, &(0x7f0000000640), 0x400)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000680)={'syz_tun\x00'})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x109640, 0x0)
move_mount(r7, &(0x7f0000000700)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000800), 0x58000, 0x0)
perf_event_open(&(0x7f0000000780)={0x0, 0x80, 0x2, 0xe6, 0x6, 0xd4, 0x0, 0x6, 0x440, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000, 0x1, @perf_config_ext={0x9, 0x8}, 0x0, 0x400, 0x4, 0x7, 0x2, 0x8001, 0x0, 0x0, 0x5, 0x0, 0x4}, 0xffffffffffffffff, 0x3, r8, 0x2)
mount(&(0x7f0000000840)=@sg0, &(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='fuse\x00', 0x40, &(0x7f0000000900)='\x00')
syz_io_uring_setup(0x2339, &(0x7f0000000940)={0x0, 0x762b, 0x1000, 0x2, 0x299}, &(0x7f00000009c0), &(0x7f0000000a00))
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000b00)={&(0x7f0000000a40), 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x38, 0x140f, 0x100, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xd, 0x45, 'opa_vnic\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0xc010}, 0x8000)
mkdir(&(0x7f0000000b40)='./file0\x00', 0xd0)
socket$inet_sctp(0x2, 0x5, 0x84)
getxattr(&(0x7f0000000b80)='./file1\x00', &(0x7f0000000bc0)=@random={'osx.', '*#:/+,#*@[#}**-:*\x00'}, &(0x7f0000000c00)=""/238, 0xee)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r2, 0x8008f511, &(0x7f0000000d00))
r9 = dup2(r5, r3)
ioctl$SIOCX25SCUDMATCHLEN(r9, 0x89e7, &(0x7f0000000d40)={0x25})
add_key$keyring(&(0x7f0000000d80), &(0x7f0000000dc0)={'syz', 0x3}, 0x0, 0x0, 0x0)

2.878084523s ago: executing program 3 (id=2987):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2004de, &(0x7f0000000500)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x203}}, {@mblk_io_submit}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x1f, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0x10, 0xd}}, [@TCA_RATE={0xfffffffffffffe2c, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)

2.233729171s ago: executing program 3 (id=2991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000200000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

1.703806798s ago: executing program 3 (id=2994):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000))

1.635885249s ago: executing program 3 (id=2995):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={0x0, &(0x7f0000000040)=""/24, &(0x7f00000005c0), &(0x7f00000006c0), 0x3}, 0x38)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2)
sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x80)

1.500249881s ago: executing program 1 (id=2996):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
capset(&(0x7f0000000100)={0x19980330, 0xffffffffffffffff}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = gettid()
r2 = eventfd2(0x0, 0x0)
write$eventfd(r2, &(0x7f0000000140)=0xfffffffffffffff8, 0x8)
write$eventfd(r2, &(0x7f0000000040)=0x8, 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x22000600)
r4 = io_uring_setup(0x7d4, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb}}, @TCA_CT_MARK={0x8, 0x10}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)

1.473848011s ago: executing program 2 (id=2997):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="000000000a4c0000200012800800010068737200", @ANYBLOB, @ANYRES32], 0x40}}, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x300, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000010651fbe347b2c2b00"], 0x20}}, 0x0)

1.410987002s ago: executing program 2 (id=2998):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x2000, 0x0)
read$snapshot(r0, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', <r2=>0x0})
r3 = add_key$fscrypt_v1(&(0x7f0000000580), &(0x7f00000005c0)={'fscrypt:', @desc3}, &(0x7f0000000600)={0x0, "cd9704284101811cb4f809a0a1b239474de255454edee8cb633decd2c87c89ad11ae2361e8964e2b96089fb5815ece7d1c2541187f5218e577731b68317b04d1", 0x2d}, 0x48, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000004000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000b446a28822221e"], 0x50)
r7 = gettid()
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r8, 0x0, 0x3}, 0x18)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xfffffffffffffffd)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r9 = perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r10}, &(0x7f0000000180), &(0x7f00000001c0)=r9}, 0x20)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r11}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000004c0)={[{@acl}, {@barrier}, {@barrier_val}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x587, &(0x7f0000002100)="$eJzs3U1rG9caAOB3ZMn5cO6NAyHcexeXQBZNSSPHdj9SKDRdljY00O5TYSsmWI6CJYfYDTRZNJtuSiiU0kDpD+i+y9A/0F8RaAOhBNMuSkFl5JGt2JIdOzJSoueBSc6ZD595feY9PqORUABD62T6Ty7ivxHxVRJxtG1bPrKNJ9f2W31yayZdkmg0Pv49iSRb19o/yf4fyyr/iYifv4g4k9vabm15Zb5UqZQXs/pEfeH6RG155ezVhdJcea58bWp6+vwb01Nvv/Vmz2J99dKf33704P3zX55a/ebHR8fuJXEhjmTb2uN4DrfbKydLf2elQlzYtONkDxobJEm/T4A9GcnyvBDpGHA0RrKsB15+n0dEY02uAQyZpJn/YxvjADAkWvOA1r19j+6DXxiP31u7AWrGPtoef37ttZE42Lw3OryaPHVnlN7vjveg/bSNn367fy9dYvvXIQ7tUAfYldt3IuJcPr91/E+y8W/vzjVfPN7e5jaG7e8P9NODdP7zWqf5X259/hMd5j9jHXJ3L3bO/9yjHjTTVTr/e6fj/Hd96BofyWr/as75CsmVq5XyuYj4d0ScjsKBtL7d85zzqw8b3ba1z//SJW2/NRfMzuNR/sDTx8yW6qWIGH2euFse34n4X75T/Ml6/ycd+j/9fVzq+BMLW9acKN//f7f2d45/fzV+iHilY/9vPNFKtn8+OdG8HiZaV8VWf9w98Uu39vsdf9r/h7ePfzxpf15b230b3x/8q9xt216v/9Hkk2a5lQQ3S/X64mTEaPJhs36wff3UxrGtemv/NP7Tp7Yf/zpd/+nN16fPGP/d43e77joI/T+7q/7ffeHhB5991639Z+v/15ul09mabPzrLLtWnvUEn/f3BwAAAAAAAIMkFxFHIskV18u5XLG49v6O43E4V6nW6meuVJeuzUbzs7LjUci1nnQfbXs/xGT2fthWfWpTfToijkXE1yOHmvXiTLUy2+/gAQAAAAAAAAAAAAAAAAAAYECMdfn8f+rXkX6fHbDvml9scKDfZwH0w45f+d+Lb3oCBtKO+Q+8tOQ/DC/5D8NL/sPwkv8wvOQ/DC/5D8NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXbp4MV0aq09uzaT12RvLS/PVG2dny7X54sLSTHGmuni9OFetzlXKxZnqwk4/r1KtXp+ciqWbE/VyrT5RW165vFBdula/fHWhNFe+XC5s7Jrb38gAAAAAAAAAAAAAAAAAAADgxVFbXpkvVSrlRYWuhXdjIE5jPwNcs6fD84MShUKXwp2se3d3VB8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY5J8AAAD//9ybLZI=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000180)='GPL\x00', 0xb8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r12, 0x5, 0xe, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
request_key(&(0x7f00000004c0)='id_resolver\x00', &(0x7f0000000500)={'syz', 0x3}, &(0x7f0000000540)='/dev/vcs#\x00', r3)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000006c0)={@private0, @remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x82480227, r2})

1.076143326s ago: executing program 2 (id=3001):
socket$inet(0x2, 0x80001, 0x84) (async)
r0 = socket$inet(0x2, 0x80001, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
memfd_secret(0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r8, 0x40187013, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="19"], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="19"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9], 0x44}}, 0x0)
getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x0, [0x7, 0x5, 0xd010]}, &(0x7f0000000100)=0x44)

820.065359ms ago: executing program 2 (id=3003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xfffffffffffffd12, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x5f, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000001600)="7e1a7dfd7b4aea36b5f2ed8fcef2da1575cfc912861abd5a29eb7e14", 0x1c}], 0x1)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000140), 0x13f, 0xa}}, 0x20)
r5 = syz_io_uring_setup(0x5ab8, &(0x7f00000003c0)={0x0, 0x4278, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000002c0)=<r7=>0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0x8000000}, 0x18)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r11=>0x0})
bind$packet(r10, &(0x7f0000000040)={0x11, 0x19, r11, 0x1, 0x1}, 0x14)
bind$packet(r10, &(0x7f00000000c0)={0x11, 0x6, r11, 0x1, 0x4, 0x6, @random="0700ffffa1f6"}, 0x14)
syz_io_uring_submit(r6, r7, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x3b, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0xc0002120, 0x1})
r12 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r12, 0x10e, 0x1, 0x0, 0x0)
bind$netlink(r12, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfb}, 0xc)
fsetxattr$trusted_overlay_origin(r12, &(0x7f0000000180), &(0x7f0000000200), 0x2, 0x2)
r13 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x9d})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r13, 0x11, &(0x7f00000002c0), 0x2)
io_uring_enter(r5, 0x678, 0x5, 0x0, 0x0, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c0000001a00000825bd7000fedbdf250a800002fe01fe0a00010000060015000400000008000400", @ANYRES32=r11, @ANYBLOB="08000300", @ANYRES32=r11, @ANYBLOB="0600350002000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x13f, 0x8}}, 0x20)
syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r12)
close_range(r2, 0xffffffffffffffff, 0x0)

794.6045ms ago: executing program 0 (id=3004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000200000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

772.36581ms ago: executing program 2 (id=3005):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x40800, 0x0, 0x0, 0x0, &(0x7f0000000000))
sendfile(0xffffffffffffffff, r2, &(0x7f0000000280)=0xc0, 0x8)
pipe2$9p(&(0x7f0000002180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r5}, 0x18)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdio@', @ANYRESHEX=r4, @ANYBLOB=',access=user,\x00'])
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x32600)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r1, 0x0, 0x1034}, 0x18)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r8, 0x0, 0x2}, 0x18)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r9, 0x0)
connect$unix(r7, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r10 = socket$unix(0x1, 0x1, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000980)=ANY=[@ANYRES32=r12, @ANYRES16=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES16=r5], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000340)='ext4_mb_release_inode_pa\x00', r13, 0x0, 0xffffffffdfc00000}, 0x18)
sendmsg$NFT_BATCH(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c000480480001800800010066696200"], 0x122}}, 0x10)
connect$unix(r10, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close(r9)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000006c0)="3755fd56893f04e0fa70a413d7d7d19336c32a74e472306dba7141b03e31bc3a74932785443fb61db38cd885f4ed606f13912a823f780d05d666d0f850f03b7ba61decee6e6754eaa02abba34c729f041f51db30b3083668e3caf6dd5ad8801d9a3d18c66f1538e7a688e4be23029fd1870cebd8a22b778b2ca9c6f0fbae6caed6d7a303a401a8a17b7a", 0x8a}], 0x1}}], 0x2, 0x0)

628.175832ms ago: executing program 1 (id=3006):
socket$igmp(0x2, 0x3, 0x2)
socket$unix(0x1, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x80ff, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000008000200000000001400", @ANYRES64=r0], 0x38}}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r2 = syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file2\x00', 0xc04d100c, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@sysvgroups}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}]}, 0xfe, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd6, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = io_uring_setup(0x38eb, &(0x7f0000000300)={0x0, 0x342a, 0x40, 0x0, 0x3d7})
r4 = socket$inet6(0xa, 0x806, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x0)
bind$inet6(r4, &(0x7f0000000440)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
listen(r4, 0x3)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, &(0x7f0000000280)={0x753, r2, 0x9, {0x8, 0x5b}, 0x81}, 0x1)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x10}, 0x18)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)

579.171683ms ago: executing program 0 (id=3007):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b000000070000000f0000000900000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x80000000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000008000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000014010000033800001d13f8ff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000001840), 0xfffffff7, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000440), 0x2, r0}, 0x38)

409.973695ms ago: executing program 2 (id=3008):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000200)={<r4=>0x0, 0x4, 0x10, 0x6, 0x2}, &(0x7f0000000280)=0x18)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000002c0)={r4, 0x5}, &(0x7f0000000580)=0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x2000000000000226, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")

403.569125ms ago: executing program 1 (id=3009):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
write$UHID_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fffffff7850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})

366.465215ms ago: executing program 0 (id=3010):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

344.185066ms ago: executing program 1 (id=3011):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r0, &(0x7f00000016c0)="ab", 0x1, 0x18844, &(0x7f0000001440)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="20000000000000008400000002000000000041000000000000000000", @ANYRES32=0x0, @ANYBLOB='0\x00'], 0x50}, 0x0)

336.732446ms ago: executing program 4 (id=3012):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000a40000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r2=>0x0})
r3 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28)
ioctl$EXT4_IOC_GROUP_ADD(r3, 0xc0185879, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x18, &(0x7f0000000200)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}], &(0x7f00000002c0)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000001bc0)=""/4096, 0x40f00, 0x1, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000340)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0x4, 0x8, 0x80000000, 0x9cb}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000003c0)=[r0, r0], &(0x7f0000000400)=[{0x0, 0x1, 0x9, 0xb}, {0x3, 0x3, 0x9, 0x4}, {0x5, 0x2, 0x10, 0x5}, {0x5, 0x3, 0x4, 0x8}, {0x2, 0x5, 0x2, 0x3}], 0x10, 0xfffffffb, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_SETVESABLANK(r4, 0x541c, &(0x7f0000000480))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f0000000140)='Q', 0xfffffffffffffcc1, 0x200980)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x18)
r9 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r9, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000001300)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r9, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendfile(r6, r6, 0x0, 0xe0000000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

229.765967ms ago: executing program 0 (id=3013):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000))

195.657438ms ago: executing program 0 (id=3014):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file3\x00', 0xe, &(0x7f0000000500)={[], [{@context={'context', 0x3d, 'system_u'}}]}, 0x3, 0x448, &(0x7f0000001400)="$eJzs20toXNUbAPDv3knSf5+Zf62PPqzRKgYfSZNW7cKNouBCQdBFXcY8Suy0kSaCLUGjSF1Kwb24FFy6cqUbUVeCW91LoUhAWl1F7szcZGacSTNhkkk7vx/c9Jy5Zzjfxz1n5tx7OgH0rKHsTxKxLyJ+i4jBSrW+wVDln1vLi5N/Ly9OJrGy8safSbndzeXFybxp/r691cpwGpF+ksTRJv3OX75yfqL010pFxOjChXdH5y9feXr2wsS56XPTF8fPnDl9auy5Z8ef6UieWUw3j3wwd+zwK29de23y7LW3f/o6yfNvyKNDhtY7+ViW9F1kf0056etiILSlEBHZ5eovz//BKMTaxRuMlz/uanDAlsq+ffe2Pr20AtzFkuh2BEB35F/02f1vfmzT0mNHuPFC5QYoy/tW9aic6Yu02qa/4f62k4Yi4uzSP19kR2zNcwgAgDrfZeufp5qt/9K4r6bdgereUDEi/h8RByPinog4FBH3RpTb3h8RD7TZf+MmyX/XP+n1TSW2Qdn67/nq3lb9+i9f/UWxUK3tL+ffn8wcP1A+kf0djv5dM7Ol6bF1+vj+pV8/a3Wudv2XHVn/+VqwGsf1vl3175maWJjYfMb1bnwUcaSvWf7J6k5AEhGHI+LIJvuYfeKrY63O3T7/egO1lQ7sM618GfF45fovRUP+uay0zv7k6P+iNH1yNBsFJ5v28fMvV19v1X+7+Xdadv33NB3/q/kXk9X92tL0pfn2+7j6+6d1c7p2f3mz438gebNczsfD+xMLC5fGIgaSVytB174+vvbevJ63z/IfPtF8/h+sifdoRGSD+MGIOB4RD1VjfzgiHomIE+vk/+OLj77T6txOuP5TbV3/tcJANL7SvFA4/8O3dZ0W28k/u/6ny6Xh6isb+fzbSFybG80AAABw50kjYl8k6chqOU1HRir/X/5Q7ElLc/MLT87MvXdxqvIbgWL0p/mTrsH8eWj1+Wexpj7eUD9VfW78eWF3uT4yOVea6nby0OP2tpj/mT8K3Y4O2HJ+rwW9y/yH3mX+Q+8y/6F3NZn/u7sRB7D9mn3/f9iFOIDt1zD/bftBD3H/D73L/IfeZf5DT5rfHbf/kbxCrxS+ObnhxpHukJjXK1QGeRI7JZ47qNDtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+DcAAP//dMbo2g==")
r1 = socket$inet(0x2b, 0x801, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x1, @remote}, 0xa}}, 0x26)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x30, r4, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IFNAME={0x14}]}, 0x30}}, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2, &(0x7f0000000000), &(0x7f0000000340)=0x4)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000080)={0x6, {{0x2, 0x4e23, @loopback}}, 0x0, 0x4, [{{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e21, @multicast2}}, {{0x2, 0x4e22, @local}}, {{0x2, 0x4e20, @local}}]}, 0x290)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, 0x0, 0x64)

189.903968ms ago: executing program 1 (id=3015):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000027c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000c00)=ANY=[@ANYRESOCT=r3, @ANYRESDEC=r3, @ANYRES64=r2, @ANYRES16=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r5}, 0x10)
r7 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000940)=ANY=[@ANYBLOB="0020008b3ecec996935a0000000000000000002e7c1065d1b5c3ff7cd9a4c91a762a7356c86c55966c4ef33270f11bff2052f2d655b151fe6825b2ea6a1e5eca8a9444160534ac80e119222f7a6bec46e77dc5d35232de7662c29ce0852e0d82872192090a26c526c843676272299edbc2406708a80e337454c90067c30b9cbbbca01e478a5d03219b8dcb4330a054931b0d7658ec1619006863a2d9e15a85499f2d9a0400000000000000eae7cf515cb75b626f438e02857e0f5aa0331554b27b40962b9cdb6599a502a9bcdec5f16b385543167d514f3dd1ec8a4b28f91637a8fdf080295d9effe8f1030100d1f04bf4c7a9ec28e463c03644d1f92eeac2b204ccb46eb300221a598ac4c85e2b1fdec6d69ce9c9a2925c379d61023ac67c77d2018f82db609ca04bbe0d739e55d717420caf102dd9ef509468cd7c3ed4be89a58b181b2879c109f743aebe27206e6247fb23e3f03c653d8eb81f40d0af63c5a32c08ca6621f9b05c71b695748c0c7fe674575dcc7811e6d7a2605dec8586205fcb038f42511b5120cdab0393493cb35c7385576da499927bbb725816d25b4500df100a88c7d0867890338d98444aff882201f36974f2fd94bb3fa43274b7f66fa5ba0c8f5cdf8ae9415f6163d0eb4000ac8964fdbf6f05fe929d27b48f547fc94e26051e0dae59a60f858ed975e0169b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r6, @ANYRES32=<r8=>r7, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x23)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10)
pipe2(&(0x7f0000001cc0)={<r13=>0xffffffffffffffff, <r14=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000080), 0x8080, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r13}, 0x2c, {'wfdno', 0x3d, r14}, 0x2c, {[{@aname={'aname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00'}}]}})
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r15}, 0x18)
r16 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000c40)=ANY=[@ANYRES8=r10, @ANYRESHEX=r7, @ANYRES8=r4, @ANYRESDEC=r8, @ANYRESDEC=r3], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r16}, 0x18)
r17 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r17, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4c085}, 0x80)
write$cgroup_int(r9, &(0x7f0000000000)=0xfe8e, 0x12)
r18 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r9, &(0x7f0000000900)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xc0000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000b40)=ANY=[@ANYBLOB="24000000936643e730c72532b4177be5c7ab418937beb8af62d7b9d59453f1ed6ef8a7ab9ede7fbf44a30c05ffd7c0da41180738f5a655fe50bdea6ae14ef38ad503d02b3d696c467ff5da78c11cb20823e468bf7c71017477b0be4f679728a1c9829f70f03ebe958e2487682086cd4e8c1db678b61e49ba6dd43278ebc55932d51a", @ANYRES16=r18, @ANYBLOB="20002abd7000fbdbdf253d00000008005d000100000008005d0001000000"], 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x20000850)
r19 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r19, 0x0, 0x4}, 0x18)

111.564549ms ago: executing program 0 (id=3016):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x1008002, &(0x7f0000000340)={[{@grpquota}, {@sysvgroups}, {@resuid}, {@errors_continue}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5e0, &(0x7f0000000bc0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3+kU7t3J/v2TouefM5Zzb6dNz5vScOwFU1mD6Ty1if0RMJxH9yfxiWWdkhYMLz3vw50dn00cS9fprvyeRZHn585Psa192ck9E/PhDEvs6VtY7M3ft4vjU1OTV7Hh49tL08MzctcMXLo2fnzw/eXn0hdETx48dPzFyZFPXdb0g7/TNd9/v/2TszW+++isZ+faXsSROxsvZE5dex1YZjMHG9yRZWdR3YqsrK0lH9nOy9CVOOoue2dW+RrFu+euXvjpPRH90xMMXrz8+fqXUxgHbqp5E1IGKSsQ/VFQ+Dsjf2y9/H1wrZVQCtMP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mIzc3MNdsTEXfvjN08d2fsZmzTPBxQbP5GRDxZFP9JI/4HoicGGvFfa4r/dFxwJvua5r+6yfqXTxWLf2ifhfjvWTX+o0X8v7Uk/t/eZP2DD5Pv9DbFf+9mLwkAAAAAAAAq6/apiHi+6O//tcX1P1Gw/qcvIk5uQf2Dy45X/v2/dm8LqgEK3D8V8VLh+t9avvp3oCNL/aexHqArOXdhavJIRPw3Ig5F1670eGSVOg5/uu/LVmWD2fq//JHWfzdbC5i1417nruZzJsZnxx/1uoGI+zcinipc/5ss9v9JQf+f/j6YXmcd+569daZV2drxD2yX+tcRBwv7/4d3rUhWvz/HcGM8MJyPClZ6+sPPvmtV/2bjv/AWE8CGpP3/7tXjfyBZer+emY3XcXSus96qbLPj/+7k9cYtZ7qzvA/GZ2evjkR0J6c70tym/NGNtxkeR3k85PGSxv+hZ1af/ysa//dGxPyy/zv5o3lPce7/f/f92qo9xv9QnjT+JzbU/288MXpr4PtW9a+v/z/W6OsPZTnm/2DBF3mYdjfnF4RjZ1FRu9sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+DWkTsiaQ2tJiu1YaGIvoi4n+xuzZ1ZWb2uXNX3rs8kZY1Pv+/ln/Sb//CcZJ//v/AkuPRZcdHI2JvRHze0ds4Hjp7ZWqi7IsHAAAAAAAAAAAAAAAAAACAHaKvxf7/1G8dZbcO2HadZTcAKE1B/P9URjuA9tP/Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAB4rew/c/jmJiPkXexuPVHdW1lVqy4DtViu7AUBp3OIHqsvSH6gu7/GBZI3ynpYnrXXmaqbPPsLJAAAAAAAAAAAAAFA5B/fb/w9VZf8/VJf9/1Bd+f7/AyW3A2g/7/GBWGMnf+H+/zXPAgAAAAAAAAAAAAC20szctYvjU1OTVyXe2BnNaGeiXq9fT38Kdkp7/uWJfCn8TmnPskS+1299Z5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//+Ekkyg==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$mouse(&(0x7f0000000080), 0x5, 0x2000)
write$P9_RSYMLINK(r3, &(0x7f00000001c0)={0x14, 0x11, 0x2, {0x10, 0x1}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000000)={0x8, 0x4, 0x0, 0x6})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x1008002, &(0x7f0000000340)={[{@grpquota}, {@sysvgroups}, {@resuid}, {@errors_continue}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5e0, &(0x7f0000000bc0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3+kU7t3J/v2TouefM5Zzb6dNz5vScOwFU1mD6Ty1if0RMJxH9yfxiWWdkhYMLz3vw50dn00cS9fprvyeRZHn585Psa192ck9E/PhDEvs6VtY7M3ft4vjU1OTV7Hh49tL08MzctcMXLo2fnzw/eXn0hdETx48dPzFyZFPXdb0g7/TNd9/v/2TszW+++isZ+faXsSROxsvZE5dex1YZjMHG9yRZWdR3YqsrK0lH9nOy9CVOOoue2dW+RrFu+euXvjpPRH90xMMXrz8+fqXUxgHbqp5E1IGKSsQ/VFQ+Dsjf2y9/H1wrZVQCtMP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mIzc3MNdsTEXfvjN08d2fsZmzTPBxQbP5GRDxZFP9JI/4HoicGGvFfa4r/dFxwJvua5r+6yfqXTxWLf2ifhfjvWTX+o0X8v7Uk/t/eZP2DD5Pv9DbFf+9mLwkAAAAAAAAq6/apiHi+6O//tcX1P1Gw/qcvIk5uQf2Dy45X/v2/dm8LqgEK3D8V8VLh+t9avvp3oCNL/aexHqArOXdhavJIRPw3Ig5F1670eGSVOg5/uu/LVmWD2fq//JHWfzdbC5i1417nruZzJsZnxx/1uoGI+zcinipc/5ss9v9JQf+f/j6YXmcd+569daZV2drxD2yX+tcRBwv7/4d3rUhWvz/HcGM8MJyPClZ6+sPPvmtV/2bjv/AWE8CGpP3/7tXjfyBZer+emY3XcXSus96qbLPj/+7k9cYtZ7qzvA/GZ2evjkR0J6c70tym/NGNtxkeR3k85PGSxv+hZ1af/ysa//dGxPyy/zv5o3lPce7/f/f92qo9xv9QnjT+JzbU/288MXpr4PtW9a+v/z/W6OsPZTnm/2DBF3mYdjfnF4RjZ1FRu9sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+DWkTsiaQ2tJiu1YaGIvoi4n+xuzZ1ZWb2uXNX3rs8kZY1Pv+/ln/Sb//CcZJ//v/AkuPRZcdHI2JvRHze0ds4Hjp7ZWqi7IsHAAAAAAAAAAAAAAAAAACAHaKvxf7/1G8dZbcO2HadZTcAKE1B/P9URjuA9tP/Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAB4rew/c/jmJiPkXexuPVHdW1lVqy4DtViu7AUBp3OIHqsvSH6gu7/GBZI3ynpYnrXXmaqbPPsLJAAAAAAAAAAAAAFA5B/fb/w9VZf8/VJf9/1Bd+f7/AyW3A2g/7/GBWGMnf+H+/zXPAgAAAAAAAAAAAAC20szctYvjU1OTVyXe2BnNaGeiXq9fT38Kdkp7/uWJfCn8TmnPskS+1299Z5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//+Ekkyg==") (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
syz_open_dev$mouse(&(0x7f0000000080), 0x5, 0x2000) (async)
write$P9_RSYMLINK(r3, &(0x7f00000001c0)={0x14, 0x11, 0x2, {0x10, 0x1}}, 0x14) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000000)={0x8, 0x4, 0x0, 0x6}) (async)

0s ago: executing program 1 (id=3017):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000002000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

kernel console output (not intermixed with test programs):

  298.355723][T10690] ext4_test_bit(bit=12, block=18) = 1
[  298.361205][T10690] is_bad_inode(inode)=0
[  298.365373][T10690] NEXT_ORPHAN(inode)=2130706432
[  298.370307][T10690] max_ino=32
[  298.373529][T10690] i_nlink=1
[  298.377349][T10690] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  298.624270][T10690] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2487: deleted inode referenced: 12
[  298.637794][T10690] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2487: deleted inode referenced: 12
[  298.664807][T10694] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2488'.
[  298.699271][T10696] dccp_invalid_packet: P.Data Offset(100) too large
[  298.781863][T10685] Cannot find add_set index 3 as target
[  298.923788][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.931474][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.939501][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.955075][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.962569][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.970040][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.977899][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.985316][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  298.992774][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.000330][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.007909][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.015319][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.015350][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030277][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030305][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030332][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030375][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030444][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030470][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030543][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  299.030879][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.031034][   T10] hid-generic 0000:0004:0000.000B: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  299.032495][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.034187][T10710] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.086960][T10715] netlink: 'syz.4.2495': attribute type 10 has an invalid length.
[  299.147536][T10716] netlink: 'syz.3.2497': attribute type 7 has an invalid length.
[  299.170279][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.182948][T10710] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.213718][T10720] loop2: detected capacity change from 0 to 2048
[  299.228147][T10710] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.241656][T10720] Alternate GPT is invalid, using primary GPT.
[  299.248117][T10720]  loop2: p2 p3 p7
[  299.278239][T10710] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.402267][T10736] loop3: detected capacity change from 0 to 1024
[  299.437273][T10736] EXT4-fs: Ignoring removed oldalloc option
[  299.443227][T10736] EXT4-fs: Ignoring removed i_version option
[  299.475969][T10738] loop2: detected capacity change from 0 to 512
[  299.484161][T10736] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.507729][T10738] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  299.530329][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.559382][T10738] EXT4-fs (loop2): 1 truncate cleaned up
[  299.576570][T10738] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.621877][T10738] xt_hashlimit: max too large, truncated to 1048576
[  299.689477][T10752] netlink: 'syz.0.2511': attribute type 7 has an invalid length.
[  299.697399][T10752] __nla_validate_parse: 4 callbacks suppressed
[  299.697426][T10752] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2511'.
[  299.774652][T10755] loop0: detected capacity change from 0 to 512
[  299.783382][T10756] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2513'.
[  299.807990][T10755] EXT4-fs (loop0): orphan cleanup on readonly fs
[  299.814927][T10755] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2512: bad orphan inode 13
[  299.827933][T10755] ext4_test_bit(bit=12, block=18) = 1
[  299.833345][T10755] is_bad_inode(inode)=0
[  299.837595][T10755] NEXT_ORPHAN(inode)=2130706432
[  299.842472][T10755] max_ino=32
[  299.845735][T10755] i_nlink=1
[  299.850746][T10755] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  299.911149][T10755] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2512: deleted inode referenced: 12
[  299.931560][T10755] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2512: deleted inode referenced: 12
[  300.038570][T10763] loop1: detected capacity change from 0 to 2048
[  300.047231][T10738] Cannot find add_set index 3 as target
[  300.100502][T10763] Alternate GPT is invalid, using primary GPT.
[  300.107015][T10763]  loop1: p2 p3 p7
[  300.237450][T10769] loop3: detected capacity change from 0 to 512
[  300.245912][T10769] EXT4-fs (loop3): orphan cleanup on readonly fs
[  300.253816][T10769] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.2519: bad orphan inode 13
[  300.264398][T10769] ext4_test_bit(bit=12, block=18) = 1
[  300.269835][T10769] is_bad_inode(inode)=0
[  300.273997][T10769] NEXT_ORPHAN(inode)=2130706432
[  300.278988][T10769] max_ino=32
[  300.282188][T10769] i_nlink=1
[  300.290728][T10769] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  300.317964][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.320258][T10769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.327361][   T29] kauditd_printk_skb: 277 callbacks suppressed
[  300.327379][   T29] audit: type=1400 audit(1746583310.699:10344): avc:  denied  { execute } for  pid=10768 comm="syz.3.2519" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  300.336445][T10769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.341607][   T29] audit: type=1400 audit(1746583310.699:10345): avc:  denied  { read open } for  pid=10768 comm="syz.3.2519" path="/482/bus/file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  300.395699][   T29] audit: type=1400 audit(1746583310.699:10346): avc:  denied  { write } for  pid=10768 comm="syz.3.2519" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  300.419007][   T29] audit: type=1400 audit(1746583310.699:10347): avc:  denied  { ioctl } for  pid=10768 comm="syz.3.2519" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  300.496797][T10775] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz.3.2519: deleted inode referenced: 12
[  300.516843][T10775] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz.3.2519: deleted inode referenced: 12
[  300.517910][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.616182][T10780] netlink: 'syz.0.2523': attribute type 7 has an invalid length.
[  300.624059][T10780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2523'.
[  300.713524][T10783] loop0: detected capacity change from 0 to 512
[  300.834238][T10783] EXT4-fs (loop0): too many log groups per flexible block group
[  300.842029][T10783] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  300.851242][T10783] EXT4-fs (loop0): mount failed
[  301.256583][T10710] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.269292][T10710] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.310181][T10710] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.316845][T10801] loop0: detected capacity change from 0 to 2048
[  301.322573][T10710] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.353642][T10803] loop1: detected capacity change from 0 to 512
[  301.373204][T10803] EXT4-fs (loop1): orphan cleanup on readonly fs
[  301.379387][T10801] Alternate GPT is invalid, using primary GPT.
[  301.385964][T10801]  loop0: p2 p3 p7
[  301.392338][T10803] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.2532: bad orphan inode 13
[  301.402625][T10803] ext4_test_bit(bit=12, block=18) = 1
[  301.408161][T10803] is_bad_inode(inode)=0
[  301.412422][T10803] NEXT_ORPHAN(inode)=2130706432
[  301.417409][T10803] max_ino=32
[  301.420612][T10803] i_nlink=1
[  301.426479][T10806] netlink: 'syz.4.2533': attribute type 21 has an invalid length.
[  301.446822][T10803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  301.506029][T10803] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.2532: deleted inode referenced: 12
[  301.521106][T10803] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.2532: deleted inode referenced: 12
[  301.553081][   T29] audit: type=1326 audit(1746583311.929:10348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc47eae969 code=0x7ffc0000
[  301.576723][   T29] audit: type=1326 audit(1746583311.929:10349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc47eae969 code=0x7ffc0000
[  301.601257][   T29] audit: type=1326 audit(1746583311.979:10350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fdc47eae969 code=0x7ffc0000
[  301.625046][   T29] audit: type=1326 audit(1746583311.979:10351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc47eae969 code=0x7ffc0000
[  301.648919][   T29] audit: type=1326 audit(1746583311.979:10352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc47eae969 code=0x7ffc0000
[  301.673730][   T29] audit: type=1326 audit(1746583311.979:10353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fdc47eae969 code=0x7ffc0000
[  301.700807][T10814] loop4: detected capacity change from 0 to 512
[  301.733453][T10814] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.746317][T10814] ext4 filesystem being mounted at /526/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  301.781069][T10821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2537'.
[  301.797960][T10821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2537'.
[  301.815239][T10821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2537'.
[  301.824290][T10821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2537'.
[  301.845571][T10821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2537'.
[  301.855027][T10821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2537'.
[  301.898711][T10829] loop2: detected capacity change from 0 to 512
[  301.907520][T10829] EXT4-fs (loop2): too many log groups per flexible block group
[  301.915225][T10829] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  301.922175][T10829] EXT4-fs (loop2): mount failed
[  302.027384][T10838] loop2: detected capacity change from 0 to 512
[  302.038630][T10838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.051212][T10838] ext4 filesystem being mounted at /537/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  302.067010][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.126620][T10846] loop1: detected capacity change from 0 to 2048
[  302.143825][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.191751][T10846] Alternate GPT is invalid, using primary GPT.
[  302.198263][T10846]  loop1: p2 p3 p7
[  302.384329][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.401763][T10857] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2549'.
[  302.424670][T10859] loop3: detected capacity change from 0 to 1024
[  302.431564][T10859] EXT4-fs: Ignoring removed oldalloc option
[  302.437620][T10859] EXT4-fs: Ignoring removed orlov option
[  302.443700][T10859] EXT4-fs (loop3): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  302.459928][T10859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.500644][T10864] loop4: detected capacity change from 0 to 512
[  302.540019][T10864] EXT4-fs (loop4): too many log groups per flexible block group
[  302.547810][T10864] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  302.561710][T10871] netlink: 'syz.0.2553': attribute type 21 has an invalid length.
[  302.562259][T10864] EXT4-fs (loop4): mount failed
[  302.591479][T10873] loop0: detected capacity change from 0 to 512
[  302.599428][T10873] EXT4-fs (loop0): orphan cleanup on readonly fs
[  302.606321][T10873] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2554: bad orphan inode 13
[  302.617628][T10873] ext4_test_bit(bit=12, block=18) = 1
[  302.623046][T10873] is_bad_inode(inode)=0
[  302.627336][T10873] NEXT_ORPHAN(inode)=2130706432
[  302.632224][T10873] max_ino=32
[  302.635527][T10873] i_nlink=1
[  302.639527][T10873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  302.763401][T10881] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2554: deleted inode referenced: 12
[  302.802259][T10881] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2554: deleted inode referenced: 12
[  302.846376][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.907140][T10883] loop2: detected capacity change from 0 to 512
[  303.037720][T10890] loop2: detected capacity change from 0 to 512
[  303.049435][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.075891][T10890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.088775][T10890] ext4 filesystem being mounted at /539/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  303.127911][T10898] FAULT_INJECTION: forcing a failure.
[  303.127911][T10898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.141274][T10898] CPU: 0 UID: 0 PID: 10898 Comm: syz.1.2564 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  303.141310][T10898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  303.141326][T10898] Call Trace:
[  303.141340][T10898]  <TASK>
[  303.141351][T10898]  __dump_stack+0x1d/0x30
[  303.141419][T10898]  dump_stack_lvl+0xe8/0x140
[  303.141443][T10898]  dump_stack+0x15/0x1b
[  303.141464][T10898]  should_fail_ex+0x265/0x280
[  303.141499][T10898]  should_fail+0xb/0x20
[  303.141581][T10898]  should_fail_usercopy+0x1a/0x20
[  303.141602][T10898]  _copy_to_user+0x20/0xa0
[  303.141622][T10898]  simple_read_from_buffer+0xb5/0x130
[  303.141702][T10898]  proc_fail_nth_read+0x100/0x140
[  303.141790][T10898]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  303.141818][T10898]  vfs_read+0x19d/0x6f0
[  303.141847][T10898]  ? __rcu_read_unlock+0x4f/0x70
[  303.141874][T10898]  ? __fget_files+0x184/0x1c0
[  303.141958][T10898]  ksys_read+0xda/0x1a0
[  303.141983][T10898]  __x64_sys_read+0x40/0x50
[  303.142026][T10898]  x64_sys_call+0x2d77/0x2fb0
[  303.142047][T10898]  do_syscall_64+0xd0/0x1a0
[  303.142096][T10898]  ? clear_bhb_loop+0x25/0x80
[  303.142135][T10898]  ? clear_bhb_loop+0x25/0x80
[  303.142163][T10898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.142189][T10898] RIP: 0033:0x7f2acdced37c
[  303.142220][T10898] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  303.142241][T10898] RSP: 002b:00007f2acc357030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  303.142316][T10898] RAX: ffffffffffffffda RBX: 00007f2acdf15fa0 RCX: 00007f2acdced37c
[  303.142359][T10898] RDX: 000000000000000f RSI: 00007f2acc3570a0 RDI: 0000000000000005
[  303.142374][T10898] RBP: 00007f2acc357090 R08: 0000000000000000 R09: 0000000000000014
[  303.142390][T10898] R10: 0000000004004810 R11: 0000000000000246 R12: 0000000000000001
[  303.142405][T10898] R13: 0000000000000000 R14: 00007f2acdf15fa0 R15: 00007ffdf731e0e8
[  303.142424][T10898]  </TASK>
[  303.401570][   T31] smc: removing ib device syz2
[  303.408090][T10901] bond0: (slave bond_slave_0): Releasing backup interface
[  303.422174][ T3380] syz2: Port: 1 Link DOWN
[  303.597898][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.651431][T10912] can0: slcan on ttyS3.
[  303.747881][T10912] can0 (unregistered): slcan off ttyS3.
[  303.755871][T10921] can0: slcan on ttyS3.
[  303.758552][T10920] loop0: detected capacity change from 0 to 512
[  303.825091][T10920] EXT4-fs (loop0): too many log groups per flexible block group
[  303.832862][T10920] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  303.853422][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.878980][T10920] EXT4-fs (loop0): mount failed
[  303.967344][T10937] loop2: detected capacity change from 0 to 512
[  303.977448][T10937] loop2: detected capacity change from 0 to 512
[  304.488555][T10946] loop4: detected capacity change from 0 to 128
[  304.536510][T10951] netlink: 'syz.4.2585': attribute type 7 has an invalid length.
[  304.679768][T10963] loop4: detected capacity change from 0 to 512
[  304.699663][T10963] ext4 filesystem being mounted at /543/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  304.865891][T10971] __nla_validate_parse: 8 callbacks suppressed
[  304.865908][T10971] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2591'.
[  304.906189][T10973] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2592'.
[  305.010026][T10981] netlink: 'syz.0.2596': attribute type 7 has an invalid length.
[  305.017887][T10981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2596'.
[  305.099003][T10986] netlink: 'syz.0.2598': attribute type 3 has an invalid length.
[  305.106787][T10986] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2598'.
[  305.163500][T10990] FAULT_INJECTION: forcing a failure.
[  305.163500][T10990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.176663][T10990] CPU: 0 UID: 0 PID: 10990 Comm: syz.0.2600 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  305.176698][T10990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  305.176715][T10990] Call Trace:
[  305.176722][T10990]  <TASK>
[  305.176791][T10990]  __dump_stack+0x1d/0x30
[  305.176818][T10990]  dump_stack_lvl+0xe8/0x140
[  305.176901][T10990]  dump_stack+0x15/0x1b
[  305.176946][T10990]  should_fail_ex+0x265/0x280
[  305.176986][T10990]  should_fail+0xb/0x20
[  305.177020][T10990]  should_fail_usercopy+0x1a/0x20
[  305.177081][T10990]  _copy_to_user+0x20/0xa0
[  305.177145][T10990]  bpf_obj_get_info_by_fd+0x1c3a/0x1ee0
[  305.177204][T10990]  __sys_bpf+0x6bb/0x790
[  305.177247][T10990]  __x64_sys_bpf+0x41/0x50
[  305.177376][T10990]  x64_sys_call+0x2478/0x2fb0
[  305.177402][T10990]  do_syscall_64+0xd0/0x1a0
[  305.177429][T10990]  ? clear_bhb_loop+0x25/0x80
[  305.177460][T10990]  ? clear_bhb_loop+0x25/0x80
[  305.177565][T10990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.177591][T10990] RIP: 0033:0x7fdc47eae969
[  305.177608][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.177630][T10990] RSP: 002b:00007fdc46517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  305.177665][T10990] RAX: ffffffffffffffda RBX: 00007fdc480d5fa0 RCX: 00007fdc47eae969
[  305.177739][T10990] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 000000000000000f
[  305.177754][T10990] RBP: 00007fdc46517090 R08: 0000000000000000 R09: 0000000000000000
[  305.177769][T10990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.177784][T10990] R13: 0000000000000000 R14: 00007fdc480d5fa0 R15: 00007ffd73cbc528
[  305.177808][T10990]  </TASK>
[  305.179872][T10992] dccp_invalid_packet: P.Data Offset(100) too large
[  305.507200][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  305.507215][   T29] audit: type=1400 audit(1746583315.879:10435): avc:  denied  { getopt } for  pid=11003 comm="syz.4.2607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  305.583846][   T29] audit: type=1400 audit(1746583315.919:10436): avc:  denied  { write } for  pid=11004 comm="syz.1.2608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  305.629230][T11013] loop4: detected capacity change from 0 to 512
[  305.661364][   T29] audit: type=1400 audit(1746583316.039:10437): avc:  denied  { sqpoll } for  pid=11019 comm="syz.0.2614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  305.688432][T11020] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2614'.
[  305.708238][T11013] EXT4-fs (loop4): too many log groups per flexible block group
[  305.715972][T11013] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  305.716357][   T29] audit: type=1400 audit(1746583316.089:10438): avc:  denied  { create } for  pid=11019 comm="syz.0.2614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  305.722982][T11013] EXT4-fs (loop4): mount failed
[  305.752073][T11017] netlink: '+}[@': attribute type 4 has an invalid length.
[  305.761392][T11017] netlink: '+}[@': attribute type 4 has an invalid length.
[  305.778519][T11027] dccp_invalid_packet: P.Data Offset(100) too large
[  305.800634][   T29] audit: type=1400 audit(1746583316.179:10439): avc:  denied  { bind } for  pid=11019 comm="syz.0.2614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  305.836340][T11033] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2617'.
[  305.853959][   T29] audit: type=1400 audit(1746583316.209:10440): avc:  denied  { listen } for  pid=11019 comm="syz.0.2614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  305.932423][T11038] loop4: detected capacity change from 0 to 512
[  305.948415][T11038] ext4 filesystem being mounted at /547/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  305.959055][   T29] audit: type=1326 audit(1746583316.339:10441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11036 comm="syz.1.2619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2acdcee969 code=0x7ffc0000
[  305.989451][   T29] audit: type=1326 audit(1746583316.339:10442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11036 comm="syz.1.2619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2acdcee969 code=0x7ffc0000
[  306.013325][   T29] audit: type=1326 audit(1746583316.369:10443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11036 comm="syz.1.2619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f2acdcee969 code=0x7ffc0000
[  306.037042][   T29] audit: type=1326 audit(1746583316.369:10444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11036 comm="syz.1.2619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2acdcee969 code=0x7ffc0000
[  306.476768][T11052] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2623'.
[  306.544317][T11060] loop2: detected capacity change from 0 to 512
[  306.558247][T11060] EXT4-fs (loop2): too many log groups per flexible block group
[  306.566073][T11060] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  306.573146][T11060] EXT4-fs (loop2): mount failed
[  306.636545][T11068] dccp_invalid_packet: P.Data Offset(100) too large
[  306.653712][T11067] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2629'.
[  306.754918][T11075] loop2: detected capacity change from 0 to 512
[  306.846115][T11075] ext4 filesystem being mounted at /554/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  306.918207][T11083] netlink: 'syz.1.2635': attribute type 1 has an invalid length.
[  306.961228][T11086] 9pnet_fd: Insufficient options for proto=fd
[  306.980919][T11070] SELinux:  policydb version 0 does not match my version range 15-34
[  306.992315][T11070] SELinux: failed to load policy
[  307.003674][T11088] loop1: detected capacity change from 0 to 512
[  307.011370][T11088] EXT4-fs: Ignoring removed nobh option
[  307.030451][T11088] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #4: comm syz.1.2637: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 771, max 4(4), depth 0(0)
[  307.050269][T11088] EXT4-fs error (device loop1): ext4_quota_enable:7129: comm syz.1.2637: Bad quota inode: 4, type: 1
[  307.061596][T11088] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  307.077909][T11088] EXT4-fs (loop1): mount failed
[  307.087995][T11088] loop1: detected capacity change from 0 to 512
[  307.095563][T11088] EXT4-fs (loop1): orphan cleanup on readonly fs
[  307.101973][T11088] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  307.111342][T11088] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  307.127525][T11088] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.2637: attempt to clear invalid blocks 2 len 1
[  307.141672][T11088] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2637: invalid indirect mapped block 1819239214 (level 0)
[  307.173541][T11088] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2637: invalid indirect mapped block 1819239214 (level 1)
[  307.191820][T11088] EXT4-fs (loop1): 1 truncate cleaned up
[  307.199542][T11088] EXT4-fs (loop1): shut down requested (2)
[  307.234014][T11102] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2641'.
[  307.258640][T11104] FAULT_INJECTION: forcing a failure.
[  307.258640][T11104] name failslab, interval 1, probability 0, space 0, times 0
[  307.271535][T11104] CPU: 1 UID: 0 PID: 11104 Comm: syz.3.2642 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  307.271649][T11104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  307.271690][T11106] FAULT_INJECTION: forcing a failure.
[  307.271690][T11106] name failslab, interval 1, probability 0, space 0, times 0
[  307.271746][T11104] Call Trace:
[  307.271755][T11104]  <TASK>
[  307.271764][T11104]  __dump_stack+0x1d/0x30
[  307.271851][T11104]  dump_stack_lvl+0xe8/0x140
[  307.271878][T11104]  dump_stack+0x15/0x1b
[  307.271900][T11104]  should_fail_ex+0x265/0x280
[  307.271942][T11104]  should_failslab+0x8c/0xb0
[  307.271989][T11104]  kmem_cache_alloc_node_noprof+0x57/0x320
[  307.272079][T11104]  ? __alloc_skb+0x101/0x320
[  307.272144][T11104]  __alloc_skb+0x101/0x320
[  307.272184][T11104]  netlink_alloc_large_skb+0xba/0xf0
[  307.272234][T11104]  netlink_sendmsg+0x3cf/0x6b0
[  307.272348][T11104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.272389][T11104]  __sock_sendmsg+0x142/0x180
[  307.272422][T11104]  ____sys_sendmsg+0x31e/0x4e0
[  307.272451][T11104]  ___sys_sendmsg+0x17b/0x1d0
[  307.272530][T11104]  __x64_sys_sendmsg+0xd4/0x160
[  307.272594][T11104]  x64_sys_call+0x2999/0x2fb0
[  307.272622][T11104]  do_syscall_64+0xd0/0x1a0
[  307.272649][T11104]  ? clear_bhb_loop+0x25/0x80
[  307.272677][T11104]  ? clear_bhb_loop+0x25/0x80
[  307.272767][T11104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.272794][T11104] RIP: 0033:0x7f01b912e969
[  307.272875][T11104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.272899][T11104] RSP: 002b:00007f01b7797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.272923][T11104] RAX: ffffffffffffffda RBX: 00007f01b9355fa0 RCX: 00007f01b912e969
[  307.272978][T11104] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  307.272993][T11104] RBP: 00007f01b7797090 R08: 0000000000000000 R09: 0000000000000000
[  307.273008][T11104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.273023][T11104] R13: 0000000000000000 R14: 00007f01b9355fa0 R15: 00007ffcd995c9c8
[  307.273048][T11104]  </TASK>
[  307.486471][T11106] CPU: 0 UID: 0 PID: 11106 Comm: syz.1.2643 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  307.486504][T11106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  307.486520][T11106] Call Trace:
[  307.486529][T11106]  <TASK>
[  307.486539][T11106]  __dump_stack+0x1d/0x30
[  307.486615][T11106]  dump_stack_lvl+0xe8/0x140
[  307.486641][T11106]  dump_stack+0x15/0x1b
[  307.486660][T11106]  should_fail_ex+0x265/0x280
[  307.486755][T11106]  should_failslab+0x8c/0xb0
[  307.486866][T11106]  __kmalloc_node_noprof+0xa9/0x410
[  307.486890][T11106]  ? __vmalloc_node_range_noprof+0x3c5/0xdf0
[  307.486924][T11106]  __vmalloc_node_range_noprof+0x3c5/0xdf0
[  307.487014][T11106]  ? __rcu_read_unlock+0x4f/0x70
[  307.487039][T11106]  ? sel_write_load+0x158/0x380
[  307.487156][T11106]  vmalloc_noprof+0x5e/0x70
[  307.487233][T11106]  ? sel_write_load+0x158/0x380
[  307.487274][T11106]  sel_write_load+0x158/0x380
[  307.487315][T11106]  ? __pfx_sel_write_load+0x10/0x10
[  307.487420][T11106]  vfs_write+0x266/0x8d0
[  307.487451][T11106]  ? __rcu_read_unlock+0x4f/0x70
[  307.487477][T11106]  ? __fget_files+0x184/0x1c0
[  307.487538][T11106]  ksys_write+0xda/0x1a0
[  307.487604][T11106]  __x64_sys_write+0x40/0x50
[  307.487637][T11106]  x64_sys_call+0x2cdd/0x2fb0
[  307.487665][T11106]  do_syscall_64+0xd0/0x1a0
[  307.487767][T11106]  ? clear_bhb_loop+0x25/0x80
[  307.487794][T11106]  ? clear_bhb_loop+0x25/0x80
[  307.487815][T11106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.487842][T11106] RIP: 0033:0x7f2acdcee969
[  307.487860][T11106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.487896][T11106] RSP: 002b:00007f2acc357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  307.487920][T11106] RAX: ffffffffffffffda RBX: 00007f2acdf15fa0 RCX: 00007f2acdcee969
[  307.487936][T11106] RDX: 00000000000000d1 RSI: 0000200000000d40 RDI: 0000000000000006
[  307.487988][T11106] RBP: 00007f2acc357090 R08: 0000000000000000 R09: 0000000000000000
[  307.488000][T11106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.488012][T11106] R13: 0000000000000000 R14: 00007f2acdf15fa0 R15: 00007ffdf731e0e8
[  307.488033][T11106]  </TASK>
[  307.488042][T11106] syz.1.2643: vmalloc error: size 4096, failed to allocated page array size 8, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null)
[  307.511287][T11108] loop0: detected capacity change from 0 to 512
[  307.513986][T11106] ,cpuset=/,mems_allowed=0
[  307.732571][T11106] CPU: 0 UID: 0 PID: 11106 Comm: syz.1.2643 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  307.732666][T11106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  307.732683][T11106] Call Trace:
[  307.732744][T11106]  <TASK>
[  307.732755][T11106]  __dump_stack+0x1d/0x30
[  307.732839][T11106]  dump_stack_lvl+0xe8/0x140
[  307.732862][T11106]  dump_stack+0x15/0x1b
[  307.732883][T11106]  warn_alloc+0x12b/0x1a0
[  307.732918][T11106]  __vmalloc_node_range_noprof+0x455/0xdf0
[  307.732956][T11106]  ? __rcu_read_unlock+0x4f/0x70
[  307.733049][T11106]  ? sel_write_load+0x158/0x380
[  307.733168][T11106]  vmalloc_noprof+0x5e/0x70
[  307.733196][T11106]  ? sel_write_load+0x158/0x380
[  307.733233][T11106]  sel_write_load+0x158/0x380
[  307.733268][T11106]  ? __pfx_sel_write_load+0x10/0x10
[  307.733320][T11106]  vfs_write+0x266/0x8d0
[  307.733349][T11106]  ? __rcu_read_unlock+0x4f/0x70
[  307.733375][T11106]  ? __fget_files+0x184/0x1c0
[  307.733419][T11106]  ksys_write+0xda/0x1a0
[  307.733448][T11106]  __x64_sys_write+0x40/0x50
[  307.733472][T11106]  x64_sys_call+0x2cdd/0x2fb0
[  307.733525][T11106]  do_syscall_64+0xd0/0x1a0
[  307.733556][T11106]  ? clear_bhb_loop+0x25/0x80
[  307.733580][T11106]  ? clear_bhb_loop+0x25/0x80
[  307.733643][T11106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.733669][T11106] RIP: 0033:0x7f2acdcee969
[  307.733688][T11106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.733736][T11106] RSP: 002b:00007f2acc357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  307.733754][T11106] RAX: ffffffffffffffda RBX: 00007f2acdf15fa0 RCX: 00007f2acdcee969
[  307.733775][T11106] RDX: 00000000000000d1 RSI: 0000200000000d40 RDI: 0000000000000006
[  307.733790][T11106] RBP: 00007f2acc357090 R08: 0000000000000000 R09: 0000000000000000
[  307.733806][T11106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.733821][T11106] R13: 0000000000000000 R14: 00007f2acdf15fa0 R15: 00007ffdf731e0e8
[  307.733845][T11106]  </TASK>
[  307.733863][T11106] Mem-Info:
[  307.942207][T11106] active_anon:14523 inactive_anon:7 isolated_anon:0
[  307.942207][T11106]  active_file:24898 inactive_file:2201 isolated_file:0
[  307.942207][T11106]  unevictable:0 dirty:13 writeback:0
[  307.942207][T11106]  slab_reclaimable:3210 slab_unreclaimable:17900
[  307.942207][T11106]  mapped:37128 shmem:11131 pagetables:1079
[  307.942207][T11106]  sec_pagetables:0 bounce:0
[  307.942207][T11106]  kernel_misc_reclaimable:0
[  307.942207][T11106]  free:1877671 free_pcp:3221 free_cma:0
[  307.987268][T11106] Node 0 active_anon:63196kB inactive_anon:28kB active_file:99592kB inactive_file:8804kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:148512kB dirty:52kB writeback:0kB shmem:49744kB writeback_tmp:0kB kernel_stack:3088kB pagetables:4316kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  307.998036][T11115] netlink: 'syz.4.2646': attribute type 10 has an invalid length.
[  308.016131][T11106] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  308.023998][T11115] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2646'.
[  308.050897][T11106] lowmem_reserve[]: 0 2884 7863 7863
[  308.065278][T11106] Node 0 DMA32 free:2950036kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  308.094113][T11106] lowmem_reserve[]: 0 0 4978 4978
[  308.099338][T11106] Node 0 Normal free:4529396kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:69344kB inactive_anon:28kB active_file:99592kB inactive_file:8804kB unevictable:0kB writepending:52kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:13956kB local_pcp:4832kB free_cma:0kB
[  308.129548][T11106] lowmem_reserve[]: 0 0 0 0
[  308.134215][T11106] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  308.147096][T11106] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2950036kB
[  308.163446][T11106] Node 0 Normal: 11*4kB (UE) 51*8kB (UME) 714*16kB (UE) 786*32kB (UE) 768*64kB (UME) 618*128kB (UME) 425*256kB (UME) 311*512kB (UME) 264*1024kB (UME) 128*2048kB (UME) 870*4096kB (UM) = 4529316kB
[  308.183015][T11106] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  308.192350][T11106] 41977 total pagecache pages
[  308.197161][T11106] 7 pages in swap cache
[  308.201326][T11106] Free swap  = 124968kB
[  308.205493][T11106] Total swap = 124996kB
[  308.209755][T11106] 2097051 pages RAM
[  308.213572][T11106] 0 pages HighMem/MovableOnly
[  308.218304][T11106] 80258 pages reserved
[  308.223577][T11114] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.248594][T11108] EXT4-fs (loop0): orphan cleanup on readonly fs
[  308.290154][T11108] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2644: bad orphan inode 13
[  308.314975][T11114] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.325201][T11108] ext4_test_bit(bit=12, block=18) = 1
[  308.330717][T11108] is_bad_inode(inode)=0
[  308.334881][T11108] NEXT_ORPHAN(inode)=2130706432
[  308.339809][T11108] max_ino=32
[  308.343049][T11108] i_nlink=1
[  308.409097][T11114] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.436401][T11108] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2644: deleted inode referenced: 12
[  308.461886][T11108] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz.0.2644: deleted inode referenced: 12
[  308.487586][T11114] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.574436][T11114] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.588398][T11114] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.609867][T11114] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.623129][T11114] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.694287][T11138] loop1: detected capacity change from 0 to 512
[  308.780706][T11142] loop1: detected capacity change from 0 to 512
[  308.810963][T11142] loop1: detected capacity change from 0 to 512
[  309.097369][ T3305] EXT4-fs unmount: 9 callbacks suppressed
[  309.097385][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.219763][T11165] dccp_invalid_packet: P.Data Offset(0) too small
[  309.383327][T11184] loop4: detected capacity change from 0 to 512
[  309.427786][T11184] EXT4-fs (loop4): orphan cleanup on readonly fs
[  309.465594][T11184] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2679: bad orphan inode 13
[  309.490704][T11184] ext4_test_bit(bit=12, block=18) = 1
[  309.496320][T11184] is_bad_inode(inode)=0
[  309.500736][T11184] NEXT_ORPHAN(inode)=2130706432
[  309.505930][T11184] max_ino=32
[  309.509157][T11184] i_nlink=1
[  309.532870][T11194] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  309.550786][T11184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  309.584861][T11198] loop2: detected capacity change from 0 to 512
[  309.600346][T11198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.612910][T11198] ext4 filesystem being mounted at /559/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  309.680695][T11184] EXT4-fs error (device loop4): ext4_lookup:1793: inode #2: comm syz.4.2679: deleted inode referenced: 12
[  309.694231][T11184] EXT4-fs error (device loop4): ext4_lookup:1793: inode #2: comm syz.4.2679: deleted inode referenced: 12
[  310.082378][T11209] dccp_invalid_packet: P.Data Offset(0) too small
[  310.241287][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.737672][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  310.737691][   T29] audit: type=1400 audit(1746583321.119:10577): avc:  denied  { egress } for  pid=14 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  310.767618][   T29] audit: type=1400 audit(1746583321.119:10578): avc:  denied  { sendto } for  pid=14 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  310.815580][   T29] audit: type=1400 audit(1746583321.189:10579): avc:  denied  { shutdown } for  pid=11228 comm="syz.3.2694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  310.887752][   T29] audit: type=1400 audit(1746583321.269:10580): avc:  denied  { ioctl } for  pid=11228 comm="syz.3.2694" path="socket:[31824]" dev="sockfs" ino=31824 ioctlcmd=0x5333 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  310.915165][T11230] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=11230 comm=syz.3.2694
[  310.929667][   T29] audit: type=1400 audit(1746583321.289:10581): avc:  denied  { relabelfrom } for  pid=11228 comm="syz.3.2694" name="" dev="pipefs" ino=31823 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  310.954665][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.132631][T11239] loop0: detected capacity change from 0 to 512
[  311.143082][T11241] __nla_validate_parse: 3 callbacks suppressed
[  311.143097][T11241] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2699'.
[  311.143440][T11239] loop0: detected capacity change from 0 to 512
[  311.204810][T11245] loop2: detected capacity change from 0 to 512
[  311.213078][T11245] EXT4-fs (loop2): orphan cleanup on readonly fs
[  311.226698][T11245] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.2701: bad orphan inode 13
[  311.238394][T11245] ext4_test_bit(bit=12, block=18) = 1
[  311.243845][T11245] is_bad_inode(inode)=0
[  311.248145][T11245] NEXT_ORPHAN(inode)=2130706432
[  311.253117][T11245] max_ino=32
[  311.256446][T11245] i_nlink=1
[  311.260284][T11245] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  311.293577][T11245] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.2701: deleted inode referenced: 12
[  311.308317][T11245] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.2701: deleted inode referenced: 12
[  311.368692][T11252] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2703'.
[  311.405482][T11254] dccp_invalid_packet: P.Data Offset(100) too large
[  311.413730][T11248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2702'.
[  311.471895][T11258] loop4: detected capacity change from 0 to 512
[  311.507702][T11258] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.520270][T11258] ext4 filesystem being mounted at /565/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  311.543169][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.576107][T11263] loop4: detected capacity change from 0 to 512
[  311.588078][T11263] loop4: detected capacity change from 0 to 512
[  311.719479][T11277] loop3: detected capacity change from 0 to 512
[  311.737638][T11277] EXT4-fs (loop3): too many log groups per flexible block group
[  311.745352][T11277] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  311.752367][T11277] EXT4-fs (loop3): mount failed
[  311.754527][T11265] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2709'.
[  311.795735][   T29] audit: type=1400 audit(1746583322.169:10582): avc:  denied  { read } for  pid=11282 comm="syz.3.2714" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  311.832156][   T29] audit: type=1400 audit(1746583322.199:10583): avc:  denied  { open } for  pid=11282 comm="syz.3.2714" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  311.867111][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.877673][   T29] audit: type=1326 audit(1746583322.249:10584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.3.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  311.901364][   T29] audit: type=1326 audit(1746583322.249:10585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.3.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  311.925206][   T29] audit: type=1326 audit(1746583322.249:10586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.3.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  312.026340][T11290] loop4: detected capacity change from 0 to 2048
[  312.131405][T11290] Alternate GPT is invalid, using primary GPT.
[  312.137858][T11290]  loop4: p2 p3 p7
[  312.215002][T11304] netlink: 'syz.3.2721': attribute type 30 has an invalid length.
[  312.602374][T11321] wireguard0: entered promiscuous mode
[  312.608316][T11321] wireguard0: entered allmulticast mode
[  312.959400][T11342] loop2: detected capacity change from 0 to 2048
[  312.970465][T11344] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2733'.
[  313.009125][T11342] Alternate GPT is invalid, using primary GPT.
[  313.015627][T11342]  loop2: p2 p3 p7
[  313.114275][T11351] loop0: detected capacity change from 0 to 512
[  313.158016][T11351] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.170636][T11351] ext4 filesystem being mounted at /549/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  313.232513][T11357] loop1: detected capacity change from 0 to 512
[  313.271670][T11357] EXT4-fs (loop1): too many log groups per flexible block group
[  313.279460][T11357] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  313.300512][T11357] EXT4-fs (loop1): mount failed
[  313.447983][T11374] loop1: detected capacity change from 0 to 512
[  313.483473][T11374] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.516138][T11374] ext4 filesystem being mounted at /529/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  313.611837][T11383] loop3: detected capacity change from 0 to 512
[  313.688191][T11383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.700812][T11383] ext4 filesystem being mounted at /517/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  313.976842][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.557346][T11387] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2747'.
[  314.836163][T11395] loop0: detected capacity change from 0 to 512
[  314.903990][T11395] EXT4-fs (loop0): too many log groups per flexible block group
[  314.911855][T11395] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  314.946264][T11395] EXT4-fs (loop0): mount failed
[  314.956725][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.973509][T11399] FAULT_INJECTION: forcing a failure.
[  314.973509][T11399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.986745][T11399] CPU: 1 UID: 0 PID: 11399 Comm: syz.2.2752 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  314.986794][T11399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  314.986809][T11399] Call Trace:
[  314.986817][T11399]  <TASK>
[  314.986826][T11399]  __dump_stack+0x1d/0x30
[  314.986851][T11399]  dump_stack_lvl+0xe8/0x140
[  314.986931][T11399]  dump_stack+0x15/0x1b
[  314.986951][T11399]  should_fail_ex+0x265/0x280
[  314.987017][T11399]  should_fail+0xb/0x20
[  314.987081][T11399]  should_fail_usercopy+0x1a/0x20
[  314.987102][T11399]  _copy_to_user+0x20/0xa0
[  314.987136][T11399]  simple_read_from_buffer+0xb5/0x130
[  314.987164][T11399]  proc_fail_nth_read+0x100/0x140
[  314.987196][T11399]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  314.987290][T11399]  vfs_read+0x19d/0x6f0
[  314.987386][T11399]  ? __rcu_read_unlock+0x4f/0x70
[  314.987411][T11399]  ? __fget_files+0x184/0x1c0
[  314.987446][T11399]  ksys_read+0xda/0x1a0
[  314.987473][T11399]  __x64_sys_read+0x40/0x50
[  314.987562][T11399]  x64_sys_call+0x2d77/0x2fb0
[  314.987594][T11399]  do_syscall_64+0xd0/0x1a0
[  314.987620][T11399]  ? clear_bhb_loop+0x25/0x80
[  314.987643][T11399]  ? clear_bhb_loop+0x25/0x80
[  314.987702][T11399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.987785][T11399] RIP: 0033:0x7efc6a9cd37c
[  314.987799][T11399] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  314.987820][T11399] RSP: 002b:00007efc69037030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  314.987842][T11399] RAX: ffffffffffffffda RBX: 00007efc6abf5fa0 RCX: 00007efc6a9cd37c
[  314.987856][T11399] RDX: 000000000000000f RSI: 00007efc690370a0 RDI: 0000000000000007
[  314.987886][T11399] RBP: 00007efc69037090 R08: 0000000000000000 R09: 0000000000000000
[  314.987901][T11399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.987921][T11399] R13: 0000000000000000 R14: 00007efc6abf5fa0 R15: 00007ffdcb063e58
[  314.987945][T11399]  </TASK>
[  315.395217][T11404] loop3: detected capacity change from 0 to 8192
[  315.448594][T11414] loop2: detected capacity change from 0 to 512
[  315.456818][T11404]  loop3: p1 p2 p3
[  315.465537][T11404] loop3: p2 start 3506442254 is beyond EOD, truncated
[  315.472429][T11404] loop3: p3 size 49412 extends beyond EOD, truncated
[  315.481297][T11414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.493859][T11414] ext4 filesystem being mounted at /574/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  315.570730][T11421] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2760'.
[  316.231388][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.500024][T11438] loop2: detected capacity change from 0 to 512
[  316.517630][T11442] loop3: detected capacity change from 0 to 512
[  316.538147][T11442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.550914][T11442] ext4 filesystem being mounted at /522/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  316.573126][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.591585][T11438] EXT4-fs (loop2): too many log groups per flexible block group
[  316.599398][T11438] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  316.617507][T11438] EXT4-fs (loop2): mount failed
[  316.684583][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  316.684640][   T29] audit: type=1400 audit(1746583327.059:10726): avc:  denied  { create } for  pid=11452 comm="syz.0.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  316.713601][T11454] ieee802154 phy0 wpan0: encryption failed: -22
[  316.720819][T11454] netlink: 'kfree': attribute type 10 has an invalid length.
[  316.728328][T11454] netlink: 40 bytes leftover after parsing attributes in process `kfree'.
[  316.738068][   T29] audit: type=1400 audit(1746583327.089:10727): avc:  denied  { connect } for  pid=11452 comm="syz.0.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  316.758058][   T29] audit: type=1400 audit(1746583327.089:10728): avc:  denied  { write } for  pid=11452 comm="kfree" path="socket:[32170]" dev="sockfs" ino=32170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  316.770903][T11454] dummy0: entered promiscuous mode
[  316.781461][   T29] audit: type=1400 audit(1746583327.089:10729): avc:  denied  { setopt } for  pid=11457 comm="syz.2.2773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  316.806012][   T29] audit: type=1400 audit(1746583327.089:10730): avc:  denied  { create } for  pid=11452 comm="kfree" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  316.825808][   T29] audit: type=1400 audit(1746583327.089:10731): avc:  denied  { write } for  pid=11452 comm="kfree" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  316.857362][T11454] bridge0: port 3(dummy0) entered blocking state
[  316.860148][T11464] loop4: detected capacity change from 0 to 512
[  316.863762][T11454] bridge0: port 3(dummy0) entered disabled state
[  316.878845][T11454] dummy0: entered allmulticast mode
[  316.884866][T11454] bridge0: port 3(dummy0) entered blocking state
[  316.891263][T11454] bridge0: port 3(dummy0) entered forwarding state
[  316.900336][T11465] IPv6: Can't replace route, no match found
[  316.908196][T11465] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2775'.
[  316.921116][T11465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2775'.
[  316.945268][   T29] audit: type=1400 audit(1746583327.289:10732): avc:  denied  { create } for  pid=11462 comm="syz.2.2775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  316.950499][T11470] loop2: detected capacity change from 0 to 512
[  316.965201][   T29] audit: type=1400 audit(1746583327.289:10733): avc:  denied  { connect } for  pid=11462 comm="syz.2.2775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  316.982878][T11463] loop3: detected capacity change from 0 to 512
[  316.991552][   T29] audit: type=1400 audit(1746583327.359:10734): avc:  denied  { connect } for  pid=11452 comm="syz.0.2772" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  317.038687][T11470] loop2: detected capacity change from 0 to 512
[  317.056640][T11463] EXT4-fs: Ignoring removed orlov option
[  317.086632][T11464] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.116860][T11463] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.2774: corrupted in-inode xattr: invalid ea_ino
[  317.152731][T11463] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2774: couldn't read orphan inode 15 (err -117)
[  317.165790][T11478] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2779'.
[  317.174913][T11464] ext4 filesystem being mounted at /580/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  317.176158][   T29] audit: type=1326 audit(1746583327.549:10735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11475 comm="syz.2.2778" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc6a9ce969 code=0x0
[  317.195853][T11463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.254299][T11460] FAULT_INJECTION: forcing a failure.
[  317.254299][T11460] name failslab, interval 1, probability 0, space 0, times 0
[  317.267005][T11460] CPU: 0 UID: 0 PID: 11460 Comm: syz.3.2774 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  317.267040][T11460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  317.267077][T11460] Call Trace:
[  317.267092][T11460]  <TASK>
[  317.267102][T11460]  __dump_stack+0x1d/0x30
[  317.267129][T11460]  dump_stack_lvl+0xe8/0x140
[  317.267154][T11460]  dump_stack+0x15/0x1b
[  317.267173][T11460]  should_fail_ex+0x265/0x280
[  317.267203][T11460]  ? sctp_add_bind_addr+0x71/0x1e0
[  317.267229][T11460]  should_failslab+0x8c/0xb0
[  317.267346][T11460]  __kmalloc_cache_noprof+0x4c/0x320
[  317.267372][T11460]  sctp_add_bind_addr+0x71/0x1e0
[  317.267403][T11460]  sctp_copy_local_addr_list+0x199/0x220
[  317.267502][T11460]  sctp_copy_one_addr+0x7f/0x280
[  317.267535][T11460]  sctp_bind_addr_copy+0x79/0x290
[  317.267567][T11460]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[  317.267590][T11460]  sctp_connect_new_asoc+0x1c3/0x3a0
[  317.267636][T11460]  sctp_sendmsg+0xf10/0x18d0
[  317.267754][T11460]  ? __pfx_sctp_sendmsg+0x10/0x10
[  317.267858][T11460]  inet_sendmsg+0xc2/0xd0
[  317.267901][T11460]  __sock_sendmsg+0x102/0x180
[  317.268001][T11460]  ____sys_sendmsg+0x31e/0x4e0
[  317.268023][T11460]  ___sys_sendmsg+0x17b/0x1d0
[  317.268056][T11460]  __x64_sys_sendmsg+0xd4/0x160
[  317.268117][T11460]  x64_sys_call+0x2999/0x2fb0
[  317.268144][T11460]  do_syscall_64+0xd0/0x1a0
[  317.268172][T11460]  ? clear_bhb_loop+0x25/0x80
[  317.268229][T11460]  ? clear_bhb_loop+0x25/0x80
[  317.268255][T11460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.268342][T11460] RIP: 0033:0x7f01b912e969
[  317.268358][T11460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.268380][T11460] RSP: 002b:00007f01b7797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.268404][T11460] RAX: ffffffffffffffda RBX: 00007f01b9355fa0 RCX: 00007f01b912e969
[  317.268493][T11460] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000005
[  317.268504][T11460] RBP: 00007f01b7797090 R08: 0000000000000000 R09: 0000000000000000
[  317.268515][T11460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  317.268530][T11460] R13: 0000000000000000 R14: 00007f01b9355fa0 R15: 00007ffcd995c9c8
[  317.268554][T11460]  </TASK>
[  317.577918][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.674691][T11487] FAULT_INJECTION: forcing a failure.
[  317.674691][T11487] name failslab, interval 1, probability 0, space 0, times 0
[  317.687516][T11487] CPU: 1 UID: 0 PID: 11487 Comm: syz.0.2783 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  317.687546][T11487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  317.687562][T11487] Call Trace:
[  317.687569][T11487]  <TASK>
[  317.687578][T11487]  __dump_stack+0x1d/0x30
[  317.687661][T11487]  dump_stack_lvl+0xe8/0x140
[  317.687758][T11487]  dump_stack+0x15/0x1b
[  317.687779][T11487]  should_fail_ex+0x265/0x280
[  317.687852][T11487]  should_failslab+0x8c/0xb0
[  317.687881][T11487]  kmem_cache_alloc_noprof+0x50/0x310
[  317.687990][T11487]  ? audit_log_start+0x365/0x6c0
[  317.688024][T11487]  audit_log_start+0x365/0x6c0
[  317.688056][T11487]  audit_seccomp+0x48/0x100
[  317.688107][T11487]  ? __seccomp_filter+0x68c/0x10d0
[  317.688132][T11487]  __seccomp_filter+0x69d/0x10d0
[  317.688200][T11487]  __secure_computing+0x82/0x150
[  317.688226][T11487]  syscall_trace_enter+0xcf/0x1e0
[  317.688253][T11487]  do_syscall_64+0xaa/0x1a0
[  317.688315][T11487]  ? clear_bhb_loop+0x25/0x80
[  317.688341][T11487]  ? clear_bhb_loop+0x25/0x80
[  317.688362][T11487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.688381][T11487] RIP: 0033:0x7fdc47ead37c
[  317.688442][T11487] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  317.688459][T11487] RSP: 002b:00007fdc46517030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  317.688481][T11487] RAX: ffffffffffffffda RBX: 00007fdc480d5fa0 RCX: 00007fdc47ead37c
[  317.688497][T11487] RDX: 000000000000000f RSI: 00007fdc465170a0 RDI: 0000000000000006
[  317.688513][T11487] RBP: 00007fdc46517090 R08: 0000000000000000 R09: 0000000000000000
[  317.688528][T11487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.688543][T11487] R13: 0000000000000000 R14: 00007fdc480d5fa0 R15: 00007ffd73cbc528
[  317.688592][T11487]  </TASK>
[  317.884875][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.248897][T11505] netlink: 'syz.2.2791': attribute type 1 has an invalid length.
[  318.296374][T11511] dccp_invalid_packet: P.Data Offset(100) too large
[  318.340261][T11515] loop1: detected capacity change from 0 to 2048
[  318.404289][T11515] Alternate GPT is invalid, using primary GPT.
[  318.410796][T11515]  loop1: p2 p3 p7
[  318.418743][T11517] loop2: detected capacity change from 0 to 512
[  318.449857][T11517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.464843][T11517] ext4 filesystem being mounted at /583/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  318.573868][T11521] loop1: detected capacity change from 0 to 512
[  318.609375][T11521] EXT4-fs (loop1): orphan cleanup on readonly fs
[  318.639576][T11521] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.2796: bad orphan inode 13
[  318.676637][T11521] ext4_test_bit(bit=12, block=18) = 1
[  318.682065][T11521] is_bad_inode(inode)=0
[  318.686283][T11521] NEXT_ORPHAN(inode)=2130706432
[  318.691141][T11521] max_ino=32
[  318.694352][T11521] i_nlink=1
[  318.760917][T11521] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  318.842034][T11521] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.2796: deleted inode referenced: 12
[  318.854418][T11521] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.2796: deleted inode referenced: 12
[  319.381068][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.402563][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.449978][T11538] netlink: 'syz.4.2803': attribute type 1 has an invalid length.
[  319.503049][T11544] dccp_invalid_packet: P.Data Offset(100) too large
[  319.568692][T11548] loop0: detected capacity change from 0 to 2048
[  319.628927][T11548] Alternate GPT is invalid, using primary GPT.
[  319.635249][T11548]  loop0: p2 p3 p7
[  319.727103][T11552] loop3: detected capacity change from 0 to 512
[  319.848179][T11562] loop1: detected capacity change from 0 to 512
[  319.867232][T11562] EXT4-fs (loop1): orphan cleanup on readonly fs
[  319.873980][T11562] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.2812: bad orphan inode 13
[  319.904625][T11562] ext4_test_bit(bit=12, block=18) = 1
[  319.910222][T11562] is_bad_inode(inode)=0
[  319.914444][T11562] NEXT_ORPHAN(inode)=2130706432
[  319.919422][T11562] max_ino=32
[  319.922711][T11562] i_nlink=1
[  319.926312][T11562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  319.947043][T11562] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.2812: deleted inode referenced: 12
[  319.988248][T11562] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.2812: deleted inode referenced: 12
[  320.193289][T11570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2814'.
[  320.370158][T11570] team0 (unregistering): Port device team_slave_0 removed
[  320.396448][T11570] team0 (unregistering): Failed to send options change via netlink (err -105)
[  320.410080][T11570] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  320.423416][T11570] team0 (unregistering): Port device team_slave_1 removed
[  320.448439][T11570] team0 (unregistering): Failed to send options change via netlink (err -105)
[  320.466508][T11570] team0 (unregistering): Failed to send port change of device geneve1 via netlink (err -105)
[  320.479363][T11570] team0 (unregistering): Port device geneve1 removed
[  320.538344][T11543] loop4: detected capacity change from 0 to 512
[  320.568207][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.607766][T11577] netlink: 'syz.3.2816': attribute type 1 has an invalid length.
[  320.687356][T11585] dccp_invalid_packet: P.Data Offset(100) too large
[  320.710906][T11587] FAULT_INJECTION: forcing a failure.
[  320.710906][T11587] name failslab, interval 1, probability 0, space 0, times 0
[  320.723615][T11587] CPU: 0 UID: 0 PID: 11587 Comm: syz.3.2821 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  320.723646][T11587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  320.723658][T11587] Call Trace:
[  320.723665][T11587]  <TASK>
[  320.723672][T11587]  __dump_stack+0x1d/0x30
[  320.723694][T11587]  dump_stack_lvl+0xe8/0x140
[  320.723713][T11587]  dump_stack+0x15/0x1b
[  320.723740][T11587]  should_fail_ex+0x265/0x280
[  320.723781][T11587]  should_failslab+0x8c/0xb0
[  320.723813][T11587]  kmem_cache_alloc_noprof+0x50/0x310
[  320.723844][T11587]  ? vm_area_alloc+0x2c/0xb0
[  320.723872][T11587]  vm_area_alloc+0x2c/0xb0
[  320.723892][T11587]  mmap_region+0x81f/0x1470
[  320.723948][T11587]  do_mmap+0x9de/0xc20
[  320.723974][T11587]  vm_mmap_pgoff+0x17a/0x2e0
[  320.724005][T11587]  ksys_mmap_pgoff+0xc2/0x310
[  320.724035][T11587]  ? __x64_sys_mmap+0x49/0x70
[  320.724061][T11587]  x64_sys_call+0x1602/0x2fb0
[  320.724088][T11587]  do_syscall_64+0xd0/0x1a0
[  320.724109][T11587]  ? clear_bhb_loop+0x25/0x80
[  320.724135][T11587]  ? clear_bhb_loop+0x25/0x80
[  320.724160][T11587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.724179][T11587] RIP: 0033:0x7f01b912e9a3
[  320.724193][T11587] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  320.724210][T11587] RSP: 002b:00007f01b7796e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  320.724227][T11587] RAX: ffffffffffffffda RBX: 0000000000000467 RCX: 00007f01b912e9a3
[  320.724243][T11587] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  320.724255][T11587] RBP: 0000200000000102 R08: 00000000ffffffff R09: 0000000000000000
[  320.724266][T11587] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000007
[  320.724277][T11587] R13: 00007f01b7796ef0 R14: 00007f01b7796eb0 R15: 0000200000000000
[  320.724296][T11587]  </TASK>
[  320.747535][T11589] loop3: detected capacity change from 0 to 512
[  320.827118][T11591] FAULT_INJECTION: forcing a failure.
[  320.827118][T11591] name failslab, interval 1, probability 0, space 0, times 0
[  320.827151][T11591] CPU: 1 UID: 0 PID: 11591 Comm: syz.3.2823 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  320.827177][T11591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  320.827192][T11591] Call Trace:
[  320.827253][T11591]  <TASK>
[  320.827262][T11591]  __dump_stack+0x1d/0x30
[  320.827292][T11591]  dump_stack_lvl+0xe8/0x140
[  320.827310][T11591]  dump_stack+0x15/0x1b
[  320.827329][T11591]  should_fail_ex+0x265/0x280
[  320.827369][T11591]  ? audit_log_d_path+0x8d/0x150
[  320.827423][T11591]  should_failslab+0x8c/0xb0
[  320.827468][T11591]  __kmalloc_cache_noprof+0x4c/0x320
[  320.827497][T11591]  audit_log_d_path+0x8d/0x150
[  320.827534][T11591]  audit_log_d_path_exe+0x42/0x70
[  320.827631][T11591]  audit_log_task+0x1e9/0x250
[  320.827658][T11591]  audit_seccomp+0x61/0x100
[  320.827680][T11591]  ? __seccomp_filter+0x68c/0x10d0
[  320.827746][T11591]  __seccomp_filter+0x69d/0x10d0
[  320.827775][T11591]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  320.827854][T11591]  ? vfs_write+0x75e/0x8d0
[  320.827879][T11591]  ? __rcu_read_unlock+0x4f/0x70
[  320.827919][T11591]  ? __fget_files+0x184/0x1c0
[  320.827957][T11591]  __secure_computing+0x82/0x150
[  320.827983][T11591]  syscall_trace_enter+0xcf/0x1e0
[  320.828076][T11591]  do_syscall_64+0xaa/0x1a0
[  320.828103][T11591]  ? clear_bhb_loop+0x25/0x80
[  320.828127][T11591]  ? clear_bhb_loop+0x25/0x80
[  320.828147][T11591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.828230][T11591] RIP: 0033:0x7f01b912e969
[  320.828243][T11591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.828263][T11591] RSP: 002b:00007f01b7797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[  320.828284][T11591] RAX: ffffffffffffffda RBX: 00007f01b9355fa0 RCX: 00007f01b912e969
[  320.828296][T11591] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  320.828307][T11591] RBP: 00007f01b7797090 R08: 0000000000000000 R09: 0000000000000000
[  320.828319][T11591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.828367][T11591] R13: 0000000000000000 R14: 00007f01b9355fa0 R15: 00007ffcd995c9c8
[  320.828392][T11591]  </TASK>
[  321.354004][T11597] loop4: detected capacity change from 0 to 512
[  321.613169][T11597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.626530][T11601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2826'.
[  321.635621][T11597] ext4 filesystem being mounted at /583/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  321.649035][T11597] EXT4-fs error (device loop4): ext4_search_dir:1476: inode #2: block 3: comm syz.4.2825: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[  321.688473][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.704198][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  321.704215][   T29] audit: type=1400 audit(1746583332.079:10807): avc:  denied  { read } for  pid=11596 comm="syz.4.2825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  321.790644][   T29] audit: type=1326 audit(1746583332.169:10808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.815183][   T29] audit: type=1326 audit(1746583332.189:10809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.838967][   T29] audit: type=1326 audit(1746583332.209:10810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.862601][   T29] audit: type=1326 audit(1746583332.209:10811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.886230][   T29] audit: type=1326 audit(1746583332.209:10812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.909816][   T29] audit: type=1326 audit(1746583332.209:10813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.933477][   T29] audit: type=1326 audit(1746583332.209:10814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.957207][   T29] audit: type=1326 audit(1746583332.219:10815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  321.981287][   T29] audit: type=1326 audit(1746583332.219:10816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11609 comm="syz.3.2830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01b912e969 code=0x7ffc0000
[  322.016120][T11619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2832'.
[  322.069122][T11619] loop1: detected capacity change from 0 to 512
[  322.095944][T11619] EXT4-fs: Invalid want_extra_isize 2
[  322.101779][T11627] loop2: detected capacity change from 0 to 512
[  322.139972][T11627] EXT4-fs (loop2): too many log groups per flexible block group
[  322.147712][T11627] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  322.173406][T11627] EXT4-fs (loop2): mount failed
[  322.182352][T11615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2834'.
[  322.219667][T11633] loop2: detected capacity change from 0 to 512
[  322.282062][T11638] sd 0:0:1:0: device reset
[  322.286759][T11637] loop0: detected capacity change from 0 to 512
[  322.356927][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.427641][T11648] loop2: detected capacity change from 0 to 512
[  322.448198][T11648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.462030][T11648] ext4 filesystem being mounted at /588/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  322.611692][T11647] FAULT_INJECTION: forcing a failure.
[  322.611692][T11647] name failslab, interval 1, probability 0, space 0, times 0
[  322.624376][T11647] CPU: 1 UID: 0 PID: 11647 Comm: syz.0.2842 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  322.624433][T11647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  322.624448][T11647] Call Trace:
[  322.624455][T11647]  <TASK>
[  322.624464][T11647]  __dump_stack+0x1d/0x30
[  322.624487][T11647]  dump_stack_lvl+0xe8/0x140
[  322.624512][T11647]  dump_stack+0x15/0x1b
[  322.624534][T11647]  should_fail_ex+0x265/0x280
[  322.624587][T11647]  should_failslab+0x8c/0xb0
[  322.624624][T11647]  __kmalloc_noprof+0xa5/0x3e0
[  322.624647][T11647]  ? sk_prot_alloc+0xa8/0x190
[  322.624684][T11647]  sk_prot_alloc+0xa8/0x190
[  322.624763][T11647]  sk_alloc+0x34/0x360
[  322.624801][T11647]  bt_sock_alloc+0x3a/0x210
[  322.624828][T11647]  l2cap_sock_create+0x107/0x210
[  322.624875][T11647]  bt_sock_create+0xf6/0x240
[  322.624905][T11647]  __sock_create+0x2e9/0x5b0
[  322.624933][T11647]  __sys_socket+0xb0/0x180
[  322.625037][T11647]  __x64_sys_socket+0x3f/0x50
[  322.625070][T11647]  x64_sys_call+0x285a/0x2fb0
[  322.625097][T11647]  do_syscall_64+0xd0/0x1a0
[  322.625125][T11647]  ? clear_bhb_loop+0x25/0x80
[  322.625146][T11647]  ? clear_bhb_loop+0x25/0x80
[  322.625230][T11647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.625250][T11647] RIP: 0033:0x7fdc47eae969
[  322.625264][T11647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.625293][T11647] RSP: 002b:00007fdc46516fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  322.625310][T11647] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fdc47eae969
[  322.625322][T11647] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000001f
[  322.625398][T11647] RBP: 00007fdc46517090 R08: 0000000000000000 R09: 0000000000000000
[  322.625410][T11647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  322.625425][T11647] R13: 0000000000000000 R14: 00007fdc480d5fa0 R15: 00007ffd73cbc528
[  322.625446][T11647]  </TASK>
[  323.011410][T11662] loop3: detected capacity change from 0 to 2048
[  323.035706][T11664] loop0: detected capacity change from 0 to 512
[  323.061305][T11662] Alternate GPT is invalid, using primary GPT.
[  323.067721][T11662]  loop3: p2 p3 p7
[  323.087006][T11664] EXT4-fs (loop0): orphan cleanup on readonly fs
[  323.117753][T11664] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2846: bad orphan inode 13
[  323.152283][T11664] ext4_test_bit(bit=12, block=18) = 1
[  323.157839][T11664] is_bad_inode(inode)=0
[  323.162063][T11664] NEXT_ORPHAN(inode)=2130706432
[  323.167041][T11664] max_ino=32
[  323.170263][T11664] i_nlink=1
[  323.175268][T11664] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  323.196316][T11664] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  323.214751][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.275636][T11676] dccp_invalid_packet: P.Data Offset(100) too large
[  323.415578][T11683] loop4: detected capacity change from 0 to 512
[  323.440583][T11685] loop0: detected capacity change from 0 to 512
[  323.447876][T11683] EXT4-fs (loop4): too many log groups per flexible block group
[  323.455752][T11683] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  323.474144][T11683] EXT4-fs (loop4): mount failed
[  324.432745][T11707] loop4: detected capacity change from 0 to 512
[  324.459218][T11707] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.477491][T11707] ext4 filesystem being mounted at /589/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  325.076663][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.147781][T11718] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2868'.
[  325.156856][T11718] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2868'.
[  325.165820][T11718] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2868'.
[  325.184132][T11718] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2868'.
[  325.224798][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.331444][T11736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.378429][T11736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.412043][T11736] ªªªªªª: renamed from vlan0 (while UP)
[  326.071356][T11775] Invalid ELF header magic: != ELF
[  326.115688][T11766] loop0: detected capacity change from 0 to 2048
[  326.124716][T11785] loop2: detected capacity change from 0 to 128
[  326.145827][T11789] loop3: detected capacity change from 0 to 1024
[  326.154545][T11789] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  326.165547][T11789] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  326.177508][T11789] JBD2: no valid journal superblock found
[  326.183434][T11789] EXT4-fs (loop3): Could not load journal inode
[  326.220857][T11789] FAULT_INJECTION: forcing a failure.
[  326.220857][T11789] name failslab, interval 1, probability 0, space 0, times 0
[  326.233580][T11789] CPU: 1 UID: 0 PID: 11789 Comm: syz.3.2898 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  326.233695][T11789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  326.233712][T11789] Call Trace:
[  326.233720][T11789]  <TASK>
[  326.233729][T11789]  __dump_stack+0x1d/0x30
[  326.233750][T11789]  dump_stack_lvl+0xe8/0x140
[  326.233776][T11789]  dump_stack+0x15/0x1b
[  326.233802][T11789]  should_fail_ex+0x265/0x280
[  326.233843][T11789]  should_failslab+0x8c/0xb0
[  326.233871][T11789]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  326.233900][T11789]  ? security_context_to_sid_core+0x69/0x3b0
[  326.234006][T11789]  kmemdup_nul+0x36/0xc0
[  326.234045][T11789]  security_context_to_sid_core+0x69/0x3b0
[  326.234103][T11789]  security_context_str_to_sid+0x33/0x40
[  326.234136][T11789]  selinux_add_opt+0x1de/0x270
[  326.234170][T11789]  selinux_fs_context_parse_param+0x7d/0xb0
[  326.234280][T11789]  security_fs_context_parse_param+0x65/0x130
[  326.234318][T11789]  vfs_parse_fs_param+0x103/0x2a0
[  326.234347][T11789]  vfs_parse_fs_string+0x98/0xe0
[  326.234433][T11789]  nfs_fs_context_parse_monolithic+0xcd1/0x1280
[  326.234477][T11789]  parse_monolithic_mount_data+0x43/0x60
[  326.234510][T11789]  do_new_mount+0x1da/0x680
[  326.234581][T11789]  path_mount+0x4a4/0xb20
[  326.234648][T11789]  ? user_path_at+0x109/0x130
[  326.234673][T11789]  __se_sys_mount+0x28f/0x2e0
[  326.234703][T11789]  ? fput+0x8f/0xc0
[  326.234725][T11789]  __x64_sys_mount+0x67/0x80
[  326.234785][T11789]  x64_sys_call+0xd36/0x2fb0
[  326.234813][T11789]  do_syscall_64+0xd0/0x1a0
[  326.234841][T11789]  ? clear_bhb_loop+0x25/0x80
[  326.234902][T11789]  ? clear_bhb_loop+0x25/0x80
[  326.234930][T11789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.234987][T11789] RIP: 0033:0x7f01b912e969
[  326.235007][T11789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.235089][T11789] RSP: 002b:00007f01b7797038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  326.235107][T11789] RAX: ffffffffffffffda RBX: 00007f01b9355fa0 RCX: 00007f01b912e969
[  326.235122][T11789] RDX: 00002000000000c0 RSI: 0000200000000240 RDI: 0000000000000000
[  326.235138][T11789] RBP: 00007f01b7797090 R08: 0000200000000000 R09: 0000000000000000
[  326.235154][T11789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  326.235241][T11789] R13: 0000000000000000 R14: 00007f01b9355fa0 R15: 00007ffcd995c9c8
[  326.235263][T11789]  </TASK>
[  326.235277][T11789] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-12
[  326.318921][T11766] Alternate GPT is invalid, using primary GPT.
[  326.368226][T11793] loop4: detected capacity change from 0 to 8192
[  326.372494][T11766]  loop0: p2 p3 p7
[  326.506953][T11793] FAULT_INJECTION: forcing a failure.
[  326.506953][T11793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.520601][T11793] CPU: 1 UID: 0 PID: 11793 Comm: syz.4.2900 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  326.520642][T11793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  326.520658][T11793] Call Trace:
[  326.520667][T11793]  <TASK>
[  326.520695][T11793]  __dump_stack+0x1d/0x30
[  326.520730][T11793]  dump_stack_lvl+0xe8/0x140
[  326.520754][T11793]  dump_stack+0x15/0x1b
[  326.520775][T11793]  should_fail_ex+0x265/0x280
[  326.520841][T11793]  should_fail+0xb/0x20
[  326.520877][T11793]  should_fail_usercopy+0x1a/0x20
[  326.520896][T11793]  strncpy_from_user+0x25/0x230
[  326.520920][T11793]  ? kmem_cache_alloc_noprof+0x28f/0x310
[  326.520955][T11793]  ? getname_flags+0x80/0x3b0
[  326.520997][T11793]  getname_flags+0xae/0x3b0
[  326.521034][T11793]  user_path_at+0x28/0x130
[  326.521058][T11793]  do_sys_truncate+0x5c/0x130
[  326.521148][T11793]  __x64_sys_truncate+0x31/0x40
[  326.521225][T11793]  x64_sys_call+0x2920/0x2fb0
[  326.521329][T11793]  do_syscall_64+0xd0/0x1a0
[  326.521356][T11793]  ? clear_bhb_loop+0x25/0x80
[  326.521382][T11793]  ? clear_bhb_loop+0x25/0x80
[  326.521401][T11793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.521419][T11793] RIP: 0033:0x7fe9b4a7e969
[  326.521438][T11793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.521454][T11793] RSP: 002b:00007fe9b30e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  326.521470][T11793] RAX: ffffffffffffffda RBX: 00007fe9b4ca5fa0 RCX: 00007fe9b4a7e969
[  326.521481][T11793] RDX: 0000000000000000 RSI: 0000000000005c00 RDI: 0000200000000140
[  326.521491][T11793] RBP: 00007fe9b30e7090 R08: 0000000000000000 R09: 0000000000000000
[  326.521503][T11793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.521541][T11793] R13: 0000000000000000 R14: 00007fe9b4ca5fa0 R15: 00007ffe99d0ec28
[  326.521558][T11793]  </TASK>
[  326.721742][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  326.721755][   T29] audit: type=1400 audit(1746583337.099:10936): avc:  denied  { read } for  pid=2987 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  326.750438][   T29] audit: type=1400 audit(1746583337.099:10937): avc:  denied  { search } for  pid=2987 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  326.772254][   T29] audit: type=1400 audit(1746583337.099:10938): avc:  denied  { append } for  pid=2987 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  326.794753][   T29] audit: type=1400 audit(1746583337.099:10939): avc:  denied  { open } for  pid=2987 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  326.817537][   T29] audit: type=1400 audit(1746583337.099:10940): avc:  denied  { getattr } for  pid=2987 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  326.941409][   T29] audit: type=1400 audit(1746583337.319:10941): avc:  denied  { mounton } for  pid=11802 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  327.050230][T11817] loop3: detected capacity change from 0 to 512
[  327.101243][T11815] loop1: detected capacity change from 0 to 8192
[  327.107939][T11817] EXT4-fs (loop3): too many log groups per flexible block group
[  327.115624][T11817] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  327.122581][T11817] EXT4-fs (loop3): mount failed
[  327.169210][T11815] syz.1.2910: attempt to access beyond end of device
[  327.169210][T11815] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  327.202006][T11815] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  327.209992][T11815] FAT-fs (loop1): Filesystem has been set read-only
[  327.245179][T11815] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  327.256975][T11815] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  327.306890][T11802] chnl_net:caif_netlink_parms(): no params data found
[  327.411714][T11802] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.418878][T11802] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.426245][T11802] bridge_slave_0: entered allmulticast mode
[  327.432970][T11802] bridge_slave_0: entered promiscuous mode
[  327.440062][T11802] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.447176][T11802] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.454534][T11802] bridge_slave_1: entered allmulticast mode
[  327.461366][T11802] bridge_slave_1: entered promiscuous mode
[  327.480801][T11802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.491773][T11802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.503745][T11850] FAULT_INJECTION: forcing a failure.
[  327.503745][T11850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  327.516868][T11850] CPU: 1 UID: 0 PID: 11850 Comm: syz.1.2918 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  327.516905][T11850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  327.516918][T11850] Call Trace:
[  327.516924][T11850]  <TASK>
[  327.516931][T11850]  __dump_stack+0x1d/0x30
[  327.516985][T11850]  dump_stack_lvl+0xe8/0x140
[  327.517006][T11850]  dump_stack+0x15/0x1b
[  327.517026][T11850]  should_fail_ex+0x265/0x280
[  327.517067][T11850]  should_fail+0xb/0x20
[  327.517136][T11850]  should_fail_usercopy+0x1a/0x20
[  327.517159][T11850]  _copy_from_user+0x1c/0xb0
[  327.517178][T11850]  __copy_msghdr+0x244/0x300
[  327.517202][T11850]  ___sys_sendmsg+0x109/0x1d0
[  327.517286][T11850]  __x64_sys_sendmsg+0xd4/0x160
[  327.517316][T11850]  x64_sys_call+0x2999/0x2fb0
[  327.517339][T11850]  do_syscall_64+0xd0/0x1a0
[  327.517363][T11850]  ? clear_bhb_loop+0x25/0x80
[  327.517447][T11850]  ? clear_bhb_loop+0x25/0x80
[  327.517514][T11850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.517538][T11850] RIP: 0033:0x7f2acdcee969
[  327.517554][T11850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.517572][T11850] RSP: 002b:00007f2acc357038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  327.517649][T11850] RAX: ffffffffffffffda RBX: 00007f2acdf15fa0 RCX: 00007f2acdcee969
[  327.517661][T11850] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  327.517672][T11850] RBP: 00007f2acc357090 R08: 0000000000000000 R09: 0000000000000000
[  327.517683][T11850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.517695][T11850] R13: 0000000000000000 R14: 00007f2acdf15fa0 R15: 00007ffdf731e0e8
[  327.517716][T11850]  </TASK>
[  327.705955][T11802] team0: Port device team_slave_0 added
[  327.713036][T11802] team0: Port device team_slave_1 added
[  327.734746][T11802] batman_adv: batadv0: Adding interface: batadv_slave_0
[  327.741813][T11802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.767894][T11802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.814703][T11802] batman_adv: batadv0: Adding interface: batadv_slave_1
[  327.817141][T11859] loop1: detected capacity change from 0 to 512
[  327.821731][T11802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.854020][T11802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  327.882852][T11802] hsr_slave_0: entered promiscuous mode
[  327.889033][T11802] hsr_slave_1: entered promiscuous mode
[  327.895012][T11802] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  327.902750][T11802] Cannot create hsr debugfs directory
[  327.925306][T11863] loop4: detected capacity change from 0 to 512
[  327.976820][T11863] EXT4-fs (loop4): too many log groups per flexible block group
[  327.984534][T11863] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  328.018396][T11863] EXT4-fs (loop4): mount failed
[  328.019509][T11802] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.097988][T11802] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.139049][T11802] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.182583][T11888] loop1: detected capacity change from 0 to 512
[  328.235891][T11802] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.244177][T11893] FAULT_INJECTION: forcing a failure.
[  328.244177][T11893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.259004][T11893] CPU: 1 UID: 0 PID: 11893 Comm: syz.3.2935 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  328.259037][T11893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  328.259126][T11893] Call Trace:
[  328.259135][T11893]  <TASK>
[  328.259145][T11893]  __dump_stack+0x1d/0x30
[  328.259170][T11893]  dump_stack_lvl+0xe8/0x140
[  328.259195][T11893]  dump_stack+0x15/0x1b
[  328.259216][T11893]  should_fail_ex+0x265/0x280
[  328.259317][T11893]  should_fail+0xb/0x20
[  328.259358][T11893]  should_fail_usercopy+0x1a/0x20
[  328.259383][T11893]  _copy_from_user+0x1c/0xb0
[  328.259444][T11893]  rds_rdma_extra_size+0xe2/0x270
[  328.259462][T11893]  ? krealloc_noprof+0x133/0x2c0
[  328.259483][T11893]  rds_rm_size+0x326/0x490
[  328.259512][T11893]  rds_sendmsg+0x842/0x14a0
[  328.259562][T11893]  ? __pfx_rds_sendmsg+0x10/0x10
[  328.259589][T11893]  __sock_sendmsg+0x142/0x180
[  328.259622][T11893]  ____sys_sendmsg+0x31e/0x4e0
[  328.259677][T11893]  ___sys_sendmsg+0x17b/0x1d0
[  328.259706][T11893]  __x64_sys_sendmsg+0xd4/0x160
[  328.259728][T11893]  x64_sys_call+0x2999/0x2fb0
[  328.259755][T11893]  do_syscall_64+0xd0/0x1a0
[  328.259789][T11893]  ? clear_bhb_loop+0x25/0x80
[  328.259817][T11893]  ? clear_bhb_loop+0x25/0x80
[  328.259841][T11893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.259890][T11893] RIP: 0033:0x7f01b912e969
[  328.259909][T11893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.259931][T11893] RSP: 002b:00007f01b7797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.260019][T11893] RAX: ffffffffffffffda RBX: 00007f01b9355fa0 RCX: 00007f01b912e969
[  328.260031][T11893] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000008
[  328.260043][T11893] RBP: 00007f01b7797090 R08: 0000000000000000 R09: 0000000000000000
[  328.260055][T11893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.260066][T11893] R13: 0000000000000000 R14: 00007f01b9355fa0 R15: 00007ffcd995c9c8
[  328.260084][T11893]  </TASK>
[  328.495117][T11888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.535618][T11888] ext4 filesystem being mounted at /560/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  328.557273][T11802] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  328.574342][T11802] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  328.586647][T11802] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  328.596508][T11802] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  328.649827][T11802] 8021q: adding VLAN 0 to HW filter on device bond0
[  328.660023][ T7063] bridge_slave_1: left allmulticast mode
[  328.665737][ T7063] bridge_slave_1: left promiscuous mode
[  328.671606][ T7063] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.699189][ T7063] bridge_slave_0: left allmulticast mode
[  328.704901][ T7063] bridge_slave_0: left promiscuous mode
[  328.710863][ T7063] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.752202][ T7063] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  328.799195][   T29] audit: type=1400 audit(1746583339.179:10942): avc:  denied  { recv } for  pid=7063 comm="kworker/u8:9" saddr=10.128.0.163 src=37434 daddr=10.128.0.97 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  328.815172][T11907] FAULT_INJECTION: forcing a failure.
[  328.815172][T11907] name failslab, interval 1, probability 0, space 0, times 0
[  328.837509][T11907] CPU: 1 UID: 0 PID: 11907 Comm: syz.0.2939 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  328.837541][T11907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  328.837557][T11907] Call Trace:
[  328.837564][T11907]  <TASK>
[  328.837571][T11907]  __dump_stack+0x1d/0x30
[  328.837595][T11907]  dump_stack_lvl+0xe8/0x140
[  328.837618][T11907]  dump_stack+0x15/0x1b
[  328.837638][T11907]  should_fail_ex+0x265/0x280
[  328.837671][T11907]  ? hugetlb_reserve_pages+0x3e4/0xb70
[  328.837703][T11907]  should_failslab+0x8c/0xb0
[  328.837736][T11907]  __kmalloc_cache_noprof+0x4c/0x320
[  328.837757][T11907]  hugetlb_reserve_pages+0x3e4/0xb70
[  328.837782][T11907]  ? touch_atime+0x106/0x330
[  328.837811][T11907]  hugetlbfs_file_mmap+0x27e/0x330
[  328.837839][T11907]  mmap_region+0xc80/0x1470
[  328.837896][T11907]  do_mmap+0x9de/0xc20
[  328.837921][T11907]  __se_sys_remap_file_pages+0x55e/0x600
[  328.837952][T11907]  ? fput+0x8f/0xc0
[  328.837975][T11907]  __x64_sys_remap_file_pages+0x67/0x80
[  328.838006][T11907]  x64_sys_call+0x2c64/0x2fb0
[  328.838025][T11907]  do_syscall_64+0xd0/0x1a0
[  328.838046][T11907]  ? clear_bhb_loop+0x25/0x80
[  328.838071][T11907]  ? clear_bhb_loop+0x25/0x80
[  328.838096][T11907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.838122][T11907] RIP: 0033:0x7fdc47eae969
[  328.838140][T11907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.838158][T11907] RSP: 002b:00007fdc46517038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  328.838194][T11907] RAX: ffffffffffffffda RBX: 00007fdc480d5fa0 RCX: 00007fdc47eae969
[  328.838209][T11907] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000
[  328.838225][T11907] RBP: 00007fdc46517090 R08: 0000000000000000 R09: 0000000000000000
[  328.838241][T11907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.838256][T11907] R13: 0000000000000000 R14: 00007fdc480d5fa0 R15: 00007ffd73cbc528
[  328.838280][T11907]  </TASK>
[  328.838294][T11907] HugeTLB: unable to allocate vma specific lock
[  329.052208][ T7063] batman_adv: batadv0: Removing interface: ip6gretap1
[  329.080318][T11909] loop0: detected capacity change from 0 to 512
[  329.103472][T11909] EXT4-fs (loop0): too many log groups per flexible block group
[  329.111424][T11909] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  329.116423][ T7063] team0: Port device geneve1 removed
[  329.120417][T11909] EXT4-fs (loop0): mount failed
[  329.179444][T11918] loop0: detected capacity change from 0 to 164
[  329.189186][T11918] Cannot find del_set index 1 as target
[  329.191123][   T29] audit: type=1400 audit(1746583339.569:10943): avc:  denied  { mount } for  pid=11916 comm="syz.0.2943" name="/" dev="loop0" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  329.351827][T11925] iso9660: Corrupted directory entry in block 4 of inode 1792
[  329.487105][T11931] netlink: 'syz.3.2948': attribute type 1 has an invalid length.
[  329.508109][ T2273] smc: removing ib device syz0
[  329.515525][ T7063] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.525886][ T7063] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.540907][ T7063] bond0 (unregistering): Released all slaves
[  329.576236][   T29] audit: type=1400 audit(1746583339.949:10944): avc:  denied  { unmount } for  pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  329.598537][T11802] 8021q: adding VLAN 0 to HW filter on device team0
[  329.622625][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.629739][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.668131][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.675291][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.686297][T11935] loop0: detected capacity change from 0 to 512
[  329.692782][T11939] loop3: detected capacity change from 0 to 512
[  329.717765][T11939] EXT4-fs (loop3): too many log groups per flexible block group
[  329.725608][T11939] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  329.742507][T11802] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  329.752932][T11802] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  329.763928][T11935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.778530][T11939] EXT4-fs (loop3): mount failed
[  329.793254][T11935] ext4 filesystem being mounted at /596/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  329.822215][   T29] audit: type=1400 audit(1746583340.189:10945): avc:  denied  { write } for  pid=11934 comm="syz.0.2950" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  329.875860][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.934264][T11802] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.074192][ T7063] hsr_slave_0: left promiscuous mode
[  330.083277][ T7063] hsr_slave_1: left promiscuous mode
[  330.089280][ T7063] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.096875][ T7063] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.097964][T11973] loop0: detected capacity change from 0 to 2048
[  330.111002][ T7063] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.118630][ T7063] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.130689][ T7063] veth1_macvtap: left promiscuous mode
[  330.136306][ T7063] veth0_macvtap: left promiscuous mode
[  330.142203][ T7063] veth1_vlan: left promiscuous mode
[  330.149063][ T7063] veth0_vlan: left promiscuous mode
[  330.170319][T11973] Alternate GPT is invalid, using primary GPT.
[  330.176709][T11973]  loop0: p2 p3 p7
[  330.240801][ T7063] team0 (unregistering): Port device team_slave_1 removed
[  330.254455][ T7063] team0 (unregistering): Port device team_slave_0 removed
[  330.301486][T11802] veth0_vlan: entered promiscuous mode
[  330.312447][T11802] veth1_vlan: entered promiscuous mode
[  330.337573][T11802] veth0_macvtap: entered promiscuous mode
[  330.353581][T11802] veth1_macvtap: entered promiscuous mode
[  330.367885][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.378516][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.388387][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.398993][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.408929][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.419481][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.429317][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.439789][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.452426][T11802] batman_adv: batadv0: Interface activated: batadv_slave_0
[  330.463626][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.474220][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.474237][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.474255][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.474267][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.474281][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.474293][T11802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.474360][T11802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.475099][T11802] batman_adv: batadv0: Interface activated: batadv_slave_1
[  330.477665][T11802] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.563056][T11802] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.571828][T11802] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.580695][T11802] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.638254][T11987] netlink: 'syz.0.2966': attribute type 1 has an invalid length.
[  330.723038][ T7063] IPVS: stop unused estimator thread 0...
[  330.930710][T12007] loop4: detected capacity change from 0 to 512
[  330.990284][T12007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.017241][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.038947][T12007] ext4 filesystem being mounted at /611/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  331.039528][T11994] chnl_net:caif_netlink_parms(): no params data found
[  331.070185][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.123806][T12020] netlink: 'syz.3.2975': attribute type 7 has an invalid length.
[  331.123819][T11994] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.123850][T11994] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.124010][T11994] bridge_slave_0: entered allmulticast mode
[  331.131762][T12020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2975'.
[  331.165610][T11994] bridge_slave_0: entered promiscuous mode
[  331.177274][T11994] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.184522][T11994] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.202264][T11994] bridge_slave_1: entered allmulticast mode
[  331.209079][T11994] bridge_slave_1: entered promiscuous mode
[  331.226830][T12028] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1001 sclass=netlink_route_socket pid=12028 comm=syz.3.2975
[  331.320562][T12033] loop4: detected capacity change from 0 to 512
[  331.337370][T11994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.378561][T11994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.391791][T12033] EXT4-fs (loop4): too many log groups per flexible block group
[  331.399527][T12033] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  331.411622][T12033] EXT4-fs (loop4): mount failed
[  331.423572][T11994] team0: Port device team_slave_0 added
[  331.461286][T11994] team0: Port device team_slave_1 added
[  331.494689][T11994] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.501790][T11994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.527746][T11994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.551020][T11994] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.558126][T11994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.584127][T11994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.670128][T12050] loop4: detected capacity change from 0 to 512
[  331.680548][T11994] hsr_slave_0: entered promiscuous mode
[  331.690296][T11994] hsr_slave_1: entered promiscuous mode
[  331.705309][T11994] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  331.719250][T11994] Cannot create hsr debugfs directory
[  331.734287][T12050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.786378][T12050] ext4 filesystem being mounted at /615/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  331.828037][T11994] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.867832][T11994] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.907928][T11994] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.968554][T11994] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.076010][T11994] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  332.101553][T11994] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  332.122851][T11994] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  332.152201][T11994] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  332.222322][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  332.222341][   T29] audit: type=1400 audit(1746583342.599:10952): avc:  denied  { listen } for  pid=12061 comm="syz.3.2986" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  332.291359][T11994] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.315951][T12064] loop3: detected capacity change from 0 to 512
[  332.327363][T12064] EXT4-fs: Ignoring removed mblk_io_submit option
[  332.337043][   T29] audit: type=1400 audit(1746583342.719:10953): avc:  denied  { block_suspend } for  pid=12065 comm="syz.1.2988" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  332.339398][T12064] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  332.361867][T11994] 8021q: adding VLAN 0 to HW filter on device team0
[  332.408929][ T7204] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.416073][ T7204] bridge0: port 1(bridge_slave_0) entered forwarding state
[  332.427706][ T7204] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.434858][ T7204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  332.444933][T12064] EXT4-fs (loop3): 1 truncate cleaned up
[  332.451652][T12064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.520742][T12071] loop1: detected capacity change from 0 to 512
[  332.568134][T12071] EXT4-fs warning (device loop1): dx_probe:863: inode #2: comm syz.1.2990: dx entry: limit 1024 != root limit 124
[  332.580300][T12071] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.2990: Corrupt directory, running e2fsck is recommended
[  332.588771][T12073] netlink: 'syz.3.2987': attribute type 13 has an invalid length.
[  332.601705][T12071] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  332.611490][T12071] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.2990: corrupted in-inode xattr: invalid ea_ino
[  332.625148][T12071] EXT4-fs (loop1): Remounting filesystem read-only
[  332.633643][T12071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.647379][T12071] EXT4-fs warning (device loop1): dx_probe:863: inode #2: comm syz.1.2990: dx entry: limit 1024 != root limit 124
[  332.659515][T12071] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.2990: Corrupt directory, running e2fsck is recommended
[  332.674999][   T29] audit: type=1400 audit(1746583343.049:10954): avc:  denied  { read } for  pid=12070 comm="syz.1.2990" path="socket:[35229]" dev="sockfs" ino=35229 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  332.735050][T12073] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.742245][T12073] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.781412][T12073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  332.792682][T12073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  332.828130][T12073] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.836766][T12073] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.845155][T12073] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.853733][T12073] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.865861][T12073] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  332.889342][T11994] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.957609][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.991019][T11994] veth0_vlan: entered promiscuous mode
[  333.008192][T11994] veth1_vlan: entered promiscuous mode
[  333.014548][T12087] loop3: detected capacity change from 0 to 512
[  333.029148][T12089] FAULT_INJECTION: forcing a failure.
[  333.029148][T12089] name failslab, interval 1, probability 0, space 0, times 0
[  333.041887][T12089] CPU: 1 UID: 0 PID: 12089 Comm: syz.2.2992 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  333.041919][T12089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  333.041934][T12089] Call Trace:
[  333.041941][T12089]  <TASK>
[  333.041950][T12089]  __dump_stack+0x1d/0x30
[  333.041976][T12089]  dump_stack_lvl+0xe8/0x140
[  333.041998][T12089]  dump_stack+0x15/0x1b
[  333.042018][T12089]  should_fail_ex+0x265/0x280
[  333.042096][T12089]  should_failslab+0x8c/0xb0
[  333.042272][T12089]  kmem_cache_alloc_noprof+0x50/0x310
[  333.042306][T12089]  ? skb_clone+0x151/0x1f0
[  333.042351][T12089]  skb_clone+0x151/0x1f0
[  333.042375][T12089]  nfnetlink_rcv+0x305/0x1690
[  333.042404][T12089]  ? __kfree_skb+0x109/0x150
[  333.042434][T12089]  ? nlmon_xmit+0x4f/0x60
[  333.042532][T12089]  ? nlmon_xmit+0x4f/0x60
[  333.042556][T12089]  ? dev_hard_start_xmit+0x39e/0x3d0
[  333.042596][T12089]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  333.042612][T12089]  ? __dev_queue_xmit+0x182/0x1fb0
[  333.042631][T12089]  ? ref_tracker_free+0x37d/0x3e0
[  333.042729][T12089]  netlink_unicast+0x59e/0x670
[  333.042773][T12089]  netlink_sendmsg+0x58b/0x6b0
[  333.042815][T12089]  ? __pfx_netlink_sendmsg+0x10/0x10
[  333.042929][T12089]  __sock_sendmsg+0x142/0x180
[  333.042960][T12089]  ____sys_sendmsg+0x31e/0x4e0
[  333.043018][T12089]  ___sys_sendmsg+0x17b/0x1d0
[  333.043052][T12089]  __x64_sys_sendmsg+0xd4/0x160
[  333.043073][T12089]  x64_sys_call+0x2999/0x2fb0
[  333.043170][T12089]  do_syscall_64+0xd0/0x1a0
[  333.043222][T12089]  ? clear_bhb_loop+0x25/0x80
[  333.043242][T12089]  ? clear_bhb_loop+0x25/0x80
[  333.043282][T12089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.043360][T12089] RIP: 0033:0x7f232050e969
[  333.043453][T12089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.043470][T12089] RSP: 002b:00007f231eb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  333.043489][T12089] RAX: ffffffffffffffda RBX: 00007f2320735fa0 RCX: 00007f232050e969
[  333.043510][T12089] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  333.043525][T12089] RBP: 00007f231eb77090 R08: 0000000000000000 R09: 0000000000000000
[  333.043552][T12089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.043580][T12089] R13: 0000000000000000 R14: 00007f2320735fa0 R15: 00007ffe47e2da28
[  333.043597][T12089]  </TASK>
[  333.287592][T11994] veth0_macvtap: entered promiscuous mode
[  333.298385][T11994] veth1_macvtap: entered promiscuous mode
[  333.315170][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.325684][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.335626][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.346178][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.356123][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.366683][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.376540][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.387010][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.426368][T12087] EXT4-fs (loop3): too many log groups per flexible block group
[  333.434090][T12087] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  333.441126][T12087] EXT4-fs (loop3): mount failed
[  333.464871][T12094] loop2: detected capacity change from 0 to 2048
[  333.467091][T11994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.492369][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.502887][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.512777][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.523251][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.533105][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.543593][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.553464][T11994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.563946][T11994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.574586][T11994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.583209][T11994] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.591995][T11994] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.600874][T11994] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.609603][T11994] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.644049][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.655113][T12094] Alternate GPT is invalid, using primary GPT.
[  333.661502][T12094]  loop2: p2 p3 p7
[  333.729099][T12102] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2997'.
[  333.772178][T12105] loop0: detected capacity change from 0 to 128
[  333.815102][T12105] TCP: TCP_TX_DELAY enabled
[  333.820152][   T29] audit: type=1400 audit(1746583344.189:10955): avc:  denied  { write } for  pid=12104 comm="syz.0.2967" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  333.843149][   T29] audit: type=1400 audit(1746583344.189:10956): avc:  denied  { open } for  pid=12104 comm="syz.0.2967" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  333.943250][T12109] loop2: detected capacity change from 0 to 1024
[  334.002697][T12109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.025114][T12109] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2998: bg 0: block 88: padding at end of block bitmap is not set
[  334.115980][T11802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.181923][   T29] audit: type=1400 audit(1746583344.559:10957): avc:  denied  { read } for  pid=12129 comm="syz.2.3001" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  334.185455][T12130] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  334.226257][T12130] batman_adv: batadv0: Adding interface: gretap1
[  334.232812][T12130] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.258256][T12130] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  334.268597][   T29] audit: type=1400 audit(1746583344.559:10958): avc:  denied  { open } for  pid=12129 comm="syz.2.3001" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  334.351771][   T29] audit: type=1400 audit(1746583344.729:10959): avc:  denied  { bind } for  pid=12136 comm="syz.2.3003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  334.423703][T12143] loop2: detected capacity change from 0 to 128
[  334.436806][T12141] loop0: detected capacity change from 0 to 512
[  334.453694][T12143] 9pnet_fd: Insufficient options for proto=fd
[  334.460003][   T29] audit: type=1400 audit(1746583344.829:10960): avc:  denied  { mounton } for  pid=12142 comm="syz.2.3005" path="/7/file2/file0" dev="loop2" ino=72 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  334.484836][T12143] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  334.492781][T12143] FAT-fs (loop2): Filesystem has been set read-only
[  334.509633][T12143] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  334.521865][T12119] chnl_net:caif_netlink_parms(): no params data found
[  334.529323][T12141] EXT4-fs (loop0): too many log groups per flexible block group
[  334.537075][T12141] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  334.568614][T12141] EXT4-fs (loop0): mount failed
[  334.574695][T12143] syz.2.3005: attempt to access beyond end of device
[  334.574695][T12143] loop2: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  334.602994][T12148] loop1: detected capacity change from 0 to 512
[  334.622015][T12148] loop1: detected capacity change from 0 to 512
[  334.638414][T12143] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3005'.
[  334.657180][T12119] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.664373][T12119] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.683455][T12143] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3005'.
[  334.694219][T12119] bridge_slave_0: entered allmulticast mode
[  334.776288][T12119] bridge_slave_0: entered promiscuous mode
[  334.786109][T12119] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.793303][T12119] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.802816][T12119] bridge_slave_1: entered allmulticast mode
[  334.819672][T12119] bridge_slave_1: entered promiscuous mode
[  334.832219][T12160] loop2: detected capacity change from 0 to 512
[  334.853806][T12119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.858958][   T29] audit: type=1400 audit(1746583345.239:10961): avc:  denied  { bind } for  pid=12163 comm="syz.1.3011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  334.866686][T12119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  334.887028][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.895088][T12160] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.913295][T12160] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  334.949622][T12168] loop4: detected capacity change from 0 to 512
[  334.961032][T12119] team0: Port device team_slave_0 added
[  334.968672][T12168] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  334.984294][T12119] team0: Port device team_slave_1 added
[  334.991511][T12172] loop0: detected capacity change from 0 to 512
[  334.999622][T12172] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  335.022890][T12168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.039109][T12119] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.046120][T12119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.046962][T12178] loop0: detected capacity change from 0 to 1024
[  335.072082][T12119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.075052][T12119] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.079359][T12168] ext4 filesystem being mounted at /616/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  335.089123][T12119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.107134][T12178] EXT4-fs: Ignoring removed nomblk_io_submit option
[  335.132423][T12119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.151850][T12178] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  335.164742][T12119] hsr_slave_0: entered promiscuous mode
[  335.175326][T12178] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.196876][T12119] hsr_slave_1: entered promiscuous mode
[  335.204165][T12183] ==================================================================
[  335.212262][T12183] BUG: KCSAN: data-race in mas_state_walk / mas_wr_store_entry
[  335.219808][T12183] 
[  335.222128][T12183] write to 0xffff8881043cbd10 of 8 bytes by task 12177 on cpu 1:
[  335.229839][T12183]  mas_wr_store_entry+0x15cc/0x2b60
[  335.235036][T12183]  mas_store_prealloc+0x74d/0x9e0
[  335.240064][T12183]  commit_merge+0x66e/0x6f0
[  335.244586][T12183]  vma_expand+0x1d0/0x370
[  335.248930][T12183]  vma_merge_new_range+0x296/0x310
[  335.254058][T12183]  mmap_region+0x7e6/0x1470
[  335.258668][T12183]  do_mmap+0x9de/0xc20
[  335.262750][T12183]  vm_mmap_pgoff+0x17a/0x2e0
[  335.267366][T12183]  ksys_mmap_pgoff+0xc2/0x310
[  335.272060][T12183]  x64_sys_call+0x1602/0x2fb0
[  335.276748][T12183]  do_syscall_64+0xd0/0x1a0
[  335.281258][T12183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.287245][T12183] 
[  335.289571][T12183] read to 0xffff8881043cbd10 of 8 bytes by task 12183 on cpu 0:
[  335.297203][T12183]  mas_state_walk+0x2f5/0x650
[  335.301884][T12183]  mas_walk+0x30/0x120
[  335.305953][T12183]  lock_vma_under_rcu+0xa2/0x2f0
[  335.310915][T12183]  do_user_addr_fault+0x233/0x1090
[  335.316042][T12183]  exc_page_fault+0x54/0xc0
[  335.320564][T12183]  asm_exc_page_fault+0x26/0x30
[  335.325426][T12183] 
[  335.327753][T12183] value changed: 0x00007f1e47a15fff -> 0xffffffff855c9c30
[  335.334872][T12183] 
[  335.337207][T12183] Reported by Kernel Concurrency Sanitizer on:
[  335.343390][T12183] CPU: 0 UID: 0 PID: 12183 Comm: syz.0.3016 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(voluntary) 
[  335.355948][T12183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  335.366016][T12183] ==================================================================
[  335.374484][T12119] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  335.382411][T12119] Cannot create hsr debugfs directory
[  335.397706][T12182] loop1: detected capacity change from 0 to 512
[  335.419075][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.429073][T11994] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.439064][T12182] EXT4-fs (loop1): too many log groups per flexible block group
[  335.446868][T12182] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  335.453997][T12182] EXT4-fs (loop1): mount failed
[  335.615784][T11802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.650598][T12119] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  335.659320][T12119] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  335.668146][T12119] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  335.676857][T12119] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  335.716111][T12119] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.728110][T12119] 8021q: adding VLAN 0 to HW filter on device team0
[  335.741710][ T2273] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.748794][ T2273] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.760445][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.767530][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.794467][ T2273] bridge_slave_1: left allmulticast mode
[  335.800242][ T2273] bridge_slave_1: left promiscuous mode
[  335.805971][ T2273] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.815336][ T2273] bridge_slave_0: left allmulticast mode
[  335.821135][ T2273] bridge_slave_0: left promiscuous mode
[  335.827038][ T2273] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.839847][ T2273] batman_adv: batadv0: Removing interface: ip6gretap1
[  336.107793][ T2273]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  336.116655][ T2273]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  336.125325][ T2273]  (unregistering): Released all slaves
[  336.133373][ T2273] bond0 (unregistering): Released all slaves
[  336.176539][T12119] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.248664][ T2273] hsr_slave_0: left promiscuous mode
[  336.254286][ T2273] hsr_slave_1: left promiscuous mode
[  336.260551][ T2273] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.268097][ T2273] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.343315][T12119] veth0_vlan: entered promiscuous mode
[  336.352067][T12119] veth1_vlan: entered promiscuous mode
[  336.369871][T12119] veth0_macvtap: entered promiscuous mode
[  336.377353][T12119] veth1_macvtap: entered promiscuous mode
[  336.388052][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.398585][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.408504][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.419065][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.428943][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.439443][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.449318][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.459788][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.469642][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.480154][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.490900][T12119] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.502283][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.512744][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.522560][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.532984][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.542791][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.553265][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.563085][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.573522][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.583495][T12119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.593935][T12119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.606675][T12119] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.616459][T12119] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.625235][T12119] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.634027][T12119] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.642747][T12119] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0