last executing test programs:

4m11.909936025s ago: executing program 4 (id=263):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)={[{@gid}, {@dmode={'dmode', 0x3d, 0x6}}, {@check_strict}, {@unhide}, {@nocompress}, {@overriderock}, {@showassoc}, {@session={'session', 0x3d, 0x2c}}]}, 0x1, 0x6a1, &(0x7f00000029c0)="$eJzs3dFuFNf5APBvwSaW8xf6q6kQQoRMoFWNRMzuOhhZudqux/Yk653VzDqCqwgFEyFM0kIqFa6CKqWt1D5EbvsIvWhvKvURelP1DaI+Qqud3QUDtjc1mEXo91vBOd759pzvrFfzaWzPTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUWuv1uuNWnSy7ta1ZH/t1SLfPGD7eLy/PtUcMG9EbfAv5ubi9PCp0z9+svnU4L/zcXb41dmYGzRz8fDtU///0Tszx8avPyChV+L+g4d3buzsbN+bdiJTsp52szLPNlvraZKVebKyvFy/vLFWJmtZJy2vl/10M2kXaaufF8lC+2LSWFlZStLF6/lWd3211UnHT179oFmvLycfL/bSVlHm3csfL5btjazTybrrVcxg8yDm6uCD+EnWT/ppazNJbt3e2V6alOQgqPFDgpr7b/7HWxFJ0qw3m41Gs9lYvrJy5Wq9PvPcE/VnxHMR0//QMk0nkpe8B4fDOzaq/9GJLLqxFdci2fPRjtUoIo/NfbaPjOv/Ty+nEX+ei/hm73l31/9xlT/9ZPOZqOr/ueFX5/ap/38/Pty+d0ZH/ZiNJO7Hg3gYd+JG7MRObMe9KeUyrcd6pNGNLMrII4vNaFXPJKNnkliJ5ViOenwWG7EWZSSxFll0Io0yrkcZ/UirT1Q7ikhjNvqRRxFJLEQ7LkYSjViJlViKJNJYjOuRx1Z0Yz1Wo1WNcituV+/70gE5Pg5qRBInJgU1DxhJ/efFHc2OHA7hP+P6DwAAALyxatVP3wfH/7PxbtVbyzppfdppAQAAAC9R9Zv/s4NmdtB7N2qO/wEAAOBNU6vOsatFxHy8N+yNz4TyQwAAAAB4Q1S//z83aOYHvfei5vgfAAAA3jS/m3iN/bL3Vu0v/46imK096l37Se1uaxDXuju69u7xZ0fsr52pnRwNUjXLw+ad9O30bG109cvHF8GcHTbf33qcx7/2zqP24gnMxB/i/WHM+zeH7c3xluEs82tZJ11s552PGtFqnTzWT6/1f/Xl7V9HtfzfdzdP1uLW7Z3txc+/2rlZ5fJoMMqju6MLKD53HcU9chlv+rq63kJ1zsWeK56tTsQYzTs/nLe+e/3Hhi8/9j+s/9s4P4w5Pz9s559e/9xgzsbifqsfZdE45MqfZHFhGHNh4cKw2SOL5qQsmruzONR7McoiDshiaVIWSy+YBcC03JpQhWrPF/5D7OUeV/ff/PMIq/u3sTCMWThT7VhnzuyxR69P2qPXX7C6/SkuDmMujoP3q7GDef/4TFX9bvCC7/adt+w0a4Nv1PGv7/4iTt1/8PCD23dvfLH9xfaXzebScv3Dev1KM2arZYwatQeAPUy8x87kiNqHE46qf/S4kC3G5/FV7MTNuFSdbVD9xcGeo87v+jOESxOOWud33eHl0rPHljETsSs2Ir4Z3+jludiF/cZdOupvAwC8Uucn1OEfUv8vTTjufrqWH3x0vLuWAwBHIy2+r833f1sriqz3WWNlpdHqb6RJkbc/SYpsdT1Nsm4/Ldobre56mvSKvJ+3886g82m2mpZJudXr5UU/WcuLpJeX2bXqzu/J6NbvZbrZ6vazdtnrpK0yTdp5t99q95PVrGwnva2fd7JyIy2qF5e9tJ2tZe1WP8u7SZlvFe10MUnKNN0VmK2m3X62lg263aRXZJut4nryad7Z2kyT1bRsF1mvnw8HHM+VddfyYrMadnHabzYAvCbuP3h458bOzva9I+xMe40AwNNUaQAAAAAAAAAAAAAAeP29ivP/jrrzf4dbxc/+dvhJf/mGvHWvrDMTr0UaU+6M7nYRRzHFiZc84JR3TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwh/8GAAD//4NVULU=")
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4) (async)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x6, 0x0, 0x3}, 0x1c) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) (async, rerun: 32)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94) (async, rerun: 32)
r3 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x401, 0xe, 0x5, 0x100}, {0x9, 0x4, 0xd, 0xb}, {0x4, 0xe, 0x7, 0x4}, {0xd, 0x6, 0x81}]}, 0x10) (async, rerun: 32)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (rerun: 32)

4m11.662024797s ago: executing program 4 (id=268):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x97a3}, 0x18)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x46201, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x7, 0x80000)
ioctl$BLKDISCARDZEROES(r1, 0x127c, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
fsetxattr(r2, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)='@\x00', 0x3c8, 0x0)

4m11.493334983s ago: executing program 4 (id=271):
r0 = socket$kcm(0x29, 0x6ba23c3826b0341d, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
lseek(r1, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000001c0)={r1, r2})
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffbfffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x13, 0x2, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x5, 0x3, 0x0, 0x0, 0x7fff}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x8)
r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000001080)={[{@discard}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@bsdgroups}, {@quota}]}, 0x3, 0x43a, &(0x7f0000001100)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=")
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRESOCT=r3, @ANYBLOB="f8cdb50ebf48d1f9c09fadba9dd8817f94fc9d9ff08699244124a1c27a28ee022c592a0461", @ANYRESDEC=r3, @ANYRESOCT=r3], 0x48)
r5 = timerfd_create(0x8, 0x80800)
ioctl$TFD_IOC_SET_TICKS(r5, 0x40085400, &(0x7f0000000000)=0x4be)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000003"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x9001)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6001, 0x1)
r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r9 = dup2(r8, r8)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$BLKTRACESETUP(r9, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
ioctl$BLKTRACETEARDOWN(r9, 0x1276, 0x0)
renameat2(r7, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1233, &(0x7f0000002000)="$eJzs3M9rHGUYB/AnaZqkqfmh1moL4ote9DI0OXjRS5AUpAtK2witIGzMRJeMuyGzBFbE6Mmrf4cIIngTxJtecvHmUfCWi8cK4sjuxqSxG2ja1ZXy+VzywPN+h/fJsAszzOz+q59/sLlRZhv1doyPjcX4VkS6kyLFePztk3jplR9+fPbGrdvXlmu1lespXV2+ufhySmnuue/e/ujL579vn3/rm7lvp2Jv4Z3935Z+3bu4d2n/z5vvN8rUKFOz1U71tNZqtetrRZ7WG+VmltKbRX62zFOjWebbx/obRWtrq5PqzfXZma3tvCxTvdlJm3kntVupvd1J9ffqjWbKsizNzgRHpu9z3cRhtfrFnaqqIqrqbExGVVXVuZiJ8/FYzMZczMdCPB5PxJNxIZ6Ki/F0PBNf//JVp5sAAAAAAAAAAAAAAAAAAAAAhue07/9f6q0a9a4BAAAAAAAAAAAAAAAAAADg0XLj1u1ry7XayvWUpiOKz3ZWd1b7f/v95Y1oRBF5XIn5+CN6b//39eurr9dWrqSehfi02D3I7+6snjmeX+z9nMDA/GI/n47np2Lm7vxSzMeFwfmlgfnpePGFu/JZzMdP70YriliPbvYo//FiSq+9UftH/nJvHQAAADwKsnRo4PV7lk3E4H4/f8L9gd2Ie+4PHLu+7vYvT4xycrrKzoeb9aLIt4dUTB0c99Tx8aFtYzJOaK39HCe1Tl2cOZjzoffc/Yfd5+LJ4Z2mByl+r6pqGMc5FxGjm+IBi5M/KVMPM85YRPw/BrynGOGXEv+Zo5M+6p0AAAAAAAAAAABwGofPf038e48TjnpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8FQAA//+CT8Oa")
r11 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r11, &(0x7f0000000300)=[{&(0x7f0000000080)="aefdda9d240103005a90f57f02703aeff0f64eb9ee07962c220852f426072a00"/42, 0x2a}], 0x1)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000180)={'tunl0\x00', &(0x7f0000000580)={'syztnl2\x00', <r12=>0x0, 0x10, 0x1, 0x1, 0x9, {{0x35, 0x4, 0x0, 0x6, 0xd4, 0x65, 0x0, 0xe, 0x4, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x41}, {[@end, @timestamp={0x44, 0x8, 0x95, 0x0, 0x7, [0xfffffe01]}, @timestamp_addr={0x44, 0x2c, 0xd4, 0x1, 0x7, [{@rand_addr=0x64010100, 0x4}, {@rand_addr=0x64010100, 0x1}, {@remote, 0x5}, {@rand_addr=0x64010100, 0x7fff}, {@empty, 0x4}]}, @timestamp_addr={0x44, 0xc, 0xae, 0x1, 0x2, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}]}, @cipso={0x86, 0x3a, 0xfffffffffffffffc, [{0x0, 0x12, "78d0df305d450bb618ef521ed83aadae"}, {0x1, 0x9, "08bcf9cb01b3d1"}, {0x1, 0x4, "e723"}, {0x0, 0xf, "cbb44a42df412e35980e86a3be"}, {0x5, 0x6, "e0ef2515"}]}, @ssrr={0x89, 0x17, 0xcf, [@loopback, @multicast2, @empty, @local, @multicast1]}, @timestamp_prespec={0x44, 0x2c, 0x47, 0x3, 0x1, [{@dev={0xac, 0x14, 0x14, 0x18}, 0x8ee2}, {@multicast1, 0x3}, {@broadcast, 0x7}, {@loopback, 0x2}, {@dev={0xac, 0x14, 0x14, 0x25}, 0xca8}]}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000001f80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r12, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

4m9.961693103s ago: executing program 4 (id=282):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
munlockall()
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000c12, &(0x7f0000000300)={[{@utf8}, {@showassoc}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@check_relaxed}, {@overriderock}, {@hide}, {@session={'session', 0x3d, 0x32}}, {}, {@map_acorn}, {@mode={'mode', 0x3d, 0xb2eb}}, {@check_relaxed}, {@map_off}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@overriderock}]}, 0x4, 0xa07, &(0x7f0000001f80)="$eJzs3UtsXOXZB/D/8SUxBiUB8vHxISCT8CUYcB3bKUkjFjSxJ4mpL5XtSERdEEqcKo1bWtJKgCoRpKqrolZq1UW7Q6zaDRKbsqnYtbt21UWlilX3qKt05erMjOPbjMc2jh3C7xeN51ye877Pub6Z8fF5wxfLwv4VYwsLtdcWxy/+fgcy5i52dvTT9z98r3y9ezN70pnniz8mPUkqSVeSR5PukdHpqYk2BV1PLif5JCmS7E39fUMup/hFHlga/yTF78p6W9qz0ZJpZ4Evtd0+/gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G5UjIwODg4VezI2efHlSl1SWWNkdHqqyMLC2jmLy9R9XOv1u/i4bb1JUb7S07PY1fejB5dmP5KkciSP18cer3VInp68ff8jB154uKtjcflW2Xwuezde7I233r7+6vz83ButQxbeqa/D9uR2lzlfnRybmRqbOHO+WhmbmaqcPnly8PiFczOVc2Pj1ZlLM7PVicrIdPXM7NR0pW/kmcrQ6dMnKtWBS1MXJ8+PDoxXFyee+srw4ODJyksD36yemZ6Zmjz+0sDMyIWx8fGxyfO1mHJ2GXOqPBC/MTZbma2emahUrl6bnzuxKqfO1Ru7DBpqtyZl0HC7oOHB4eGhoeHhoXcbvWffnnDy+dPPnxoc7BpcJWsi7tBBy93lvta7eZuv4LB1HfX2P98dz1gmczEvp9L030hGM52pTLSY37DY/h89Xl233uXtf6OV71o2+7Hyx5E82RjtadH+t8hl5/7dyFt5O9fzauYzn7m8sesZ7ey/86lmMmOZyVTGMpEztSmVxpRKTudkTmYwr+RCDmUmlZzLWMZTzUwuZSazqdaOqJFMp5ozmc1UplNJX0byTCoZyumczolUUs1ALmUqFzOZ8xnNmVopV3Ottt1PrJPj7aChjQQNrxO0ujEvj/XNtf/Ve/V/gmzY9l/EYYsWGu3/nvahfSM7kRAAAACw7f7vL9l38KE//zMp8kTte/lzY+PVF3c7LQAAAGAb1W7Xe7x86y6Hnuipff4f3O20AAAAgG1U1P7GrkjSm0P1ocW/hPIlAAAAANwjar//fzLFoaUJPv8DAADAPaaz7TP22z6Fv+hffPxv5Ur9/Uojoj5W9J4bG68OjEyNvzCUY7WnDCR5Ym1pnUnRXfvzg2dzuB51uLf+3rtUYllnTxk1NPDCUJ7NkXrEkb6nyren+ppEDtcjn65HPr08sjMrIk+UkQBwrzuyTnu80fb/2fTXI/ofqzX5XY81aYMHtawAcLe43cfOfxpdmjVp/xsRT7Zq/7+6zuf/MuKhXD1Uv6VgIK/l9cznSvrTuOPgULNSF3sjqN+G0N/m24Dexi0LfzvVkf413wf03F7X5bFzGU5/028ElpVbLOZwoh7XeWf2AQDstCPrtsMba//723z+73VLIQDcVW73YL+JgXc2Ezz3xo3dXkcAYCWtNAAAAAAAAAAAAAAAAAAAAAAAAAAAAGy/DT3A/6/Hkvn5uWQLnQVseaBnMxmuP9CRHcp51wc6k+xW7S9m00uV+/hzVPqH+xqL/2v3t/w9N7DLFyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2RJF0NpvekexNMpjk+M5ndefc3O0Etktlz5YWK27lVt7Mvm3PBwAAAAAAAAAAAAAAAAAAAAAAAAAAAADgS67x/P+O1N/vr09KV0dyNMnlJN/a7Ry3063dTuDOKNqHfK8euPT8/46kOwtFuuq7PUX3yOj01ERZVLG3nP/p+x++V77al722V4WygLKGFZ1LNGpYNqV75VIP1pbqHZ27cf1Hr/+gMnq2dmCenT03PjpxfvrrS4GPFB8lldRfixbz/cnRP/1y2eRGRwnFR+WaNre63nO1ekfX1vu/zZZuUe8GXJufGy5rmq2+PPvj7197c9msh3I4eaov6VtZ03fKV4uaDq/enisVnxU/K/blN7lc2//l1igWinIX7a+t/31Xr83PDbz2+vyV2zm9syKnAzmU5ErSs/GcDrU+NmtHXUd3WetgLaj8cbBNeetaVuJQi+36YO2Q6d3UOlTanF9ttns+6CozOtE0o1/98OEc2/SePtamxqaKz4p/FBfy9/x0Wf8fHeX+P5qmZ2eTImqRy46U5fNWnF4d9cjavhhePuOV1WW2PCu5A36eb+drt/d/x7Lrf2Nf7cz1aFmNzc+LZPPnxQf717QoS2ot0sFVLVLj6tNqmUaeB+tRLfL8nzxXL3MTV5Tn2rXYd+j8/23Rl3/npv5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu1+RdDab3pEcTXIgyf5yvJIsrI65uYX6OnqLraS5bbaS8xdP0XJFi1u5lTezb6czAgAAAAAAAODOODv66fsfvle+ar+P78z/dzTmVJKuJAeKX3ePjE5PTbQpqDu5vPgr/Z7N5XC5/PHA0vgn5dijbRba3dsHAOAL7b8BAAD///69bw8=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000002000000)
capset(&(0x7f00000000c0)={0x19980330}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x2, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000200)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000008000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x27, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
fspick(0xffffffffffffff9c, 0x0, 0x0)
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f0000000cc0)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, 'Z\x03\xec\xc3\xa7u\xcf0;\xd1\\\x1b\xfaz\xc0\xef\x88\x99\xa6_\xb3\xcb\xca\x16\xb7\x02\x81\xd6\xd2W\xcd\xd8}\xf7\x9az\x8e\x9a\x8d\x8c\x0f\xa1\xacEH`\xbfkj\xf3q\x16\xd7\xcaQ\x14\xfb\xe1\xefr\xfb-0s\xc9\x19t\' \xdf\n\x10\x9b\xf7e9aH\x97\xf8\xabQ\r\x92(q!$s\x8d\x92\xb8\xf1\t\x88\x1a\xd9L\xaf\x04g\xe4b\x8e^\xdf\xc4I\x15\xde\x1b\xfa\xab\ac\xb3\xac\x0e#\x93A\tR!\x8fBiY\x87\xae\xe6r\xc7!\xa4\xc8@#\ag]\x9a?xl/\xbe\xffd\\}\xdc\xce\x15\t\xcc\x11\xe2c', 0x3a, './file2', 0x3a, [0x46]}, 0xd1)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="5800000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000008440000300012800b000100676505e5b15003196e65766500002000028005000c000000000014000700c60000000000000000000000000000000108000a", @ANYRES32=r7, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x80)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x18)

4m9.868545591s ago: executing program 4 (id=285):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000000c0)={[], [{@measure}]}, 0x1, 0x4ca, &(0x7f0000000a00)="$eJzs3d9rXFkdAPDvvfm52bhJdcEfqFvX1SplZ5Lpblj2aX1RZFkQF5986MZkGkJmMiEzqU3sQ/o/CBZ80j/BB0FB6JPvvumbCPVBqFqURvBh5N65SdNkJg02yS2ZzwcO9557OvP9nrb3nNvTzJwAhtbViNiNiPGI+CQiZorrSVHig17Jft2Tx3eX9h7fXUqi2/34H0nenl2LQ6/JvFq852REfP87ET9Kjsdtb++sLTYa9c2iXu00N6rt7Z2/rDYXV+or9fVabWF+Ye69G+/WzqyvbzR/9ejbqx/+4He/+dLDP+x+8ydZWtNF2+F+nKVe18cO4mRGI+LD8whWgpGiP+NlJ8L/JY2IT0fEm9n93y07GwDgInS7M9GdOVwHAC67NF8DS9JKsRYwHWlaqfTW8F6PqbTRaneu32ptrS/31spmYyy9tdqozxVrhbMxlmT1+fz8ab12pH4jIq5ExE8nXsnrlaVWY7nMBx8AGGKvHpn//z3Rm/8BgEtusuwEAIALZ/4HgOFj/geA4WP+B4DhY/4HgOFj/geA4WP+B4Ch8r2PPspKd6/4/uvl29tba63bby/X22uV5tZSZam1uVFZabVW8u/saT7v/Rqt1sb8O7F1p9qptzvV9vbOzWZra71zM/9e75v1sQvpFQBwkitvPPhTEhG777+Slzi0l4O5Gi63tOwEgNKMlJ0AUJrRshMASuPf+ECfLXqfMfBHhO4PfImhBV5y1z5v/R+GlfV/GF7W/2F4HVv/H/FhIBgW3W5iz38AGDLW+IFz+P9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPSm85KklWIv8OlI00olxrO22RhLbq026nMR8VpE/HFibCKrz5edNADwgtK/JcX+X9dm3po+2jqe/GciP0bEj3/+8c/uLHY6m/PZ9X8eXO/cL67XTgxkq0EAKMn+PL0/j+978vju0n65yHwefau3uWgWd68ovZbRGM2Pk/mDw9S/kqLekz2vjJxB/N17EfG5fv1P8rWR2WLn06Pxs9ifutD46TPx07ytd8x+Lz5zBrnAsHmQjT8f9Lv/0riaH/vf/5P5CPXi9se/vWPjX3ow/o0MGP+unjbGO7//7sC2exFfGO0XPzmInwyI/9Yp4//5i19+c1Bb9xcR16J//MOxqp3mRrW9vfP2anNxpb5SX6/VFuYX5t678W6tmq9RV/dXqo/7+/vXXzup/1MD4k8+p/9fO2X/f/nfT374lRPif+Or/f/8Xz8hfjYnfv2U8Renfj1w++4s/nL//hevGdz/66eIfSUiHv51Z/mUqQIAF6C9vbO22GjUN51c2En27PYSpOGktJPsb8BZvM9nzzHVskcm4Lw9venLzgQAAAAAAAAAAAAAABjk+Z8H+u0Lf0aw7D4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwef0vAAD//wiz12M=")
r1 = socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x60043, 0x0)
r3 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000100)='./control\x00', 0x0)
getdents64(r3, &(0x7f0000fc4fbe)=""/80, 0x50)
unlink(&(0x7f00000001c0)='./control/file0\x00')
unlinkat(r3, &(0x7f0000000140)='./control\x00', 0x200)
rmdir(&(0x7f0000000040)='./control\x00')
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=@newtaction={0x8c, 0x30, 0xb, 0x5, 0x0, {}, [{0x78, 0x1, [@m_ct={0x74, 0x1, 0x0, 0x0, {{0x7}, {0x4c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x14, 0x0, 0x0, 0x0, 0x2400}}, @TCA_CT_ZONE={0x6, 0x4, 0x4}, @TCA_CT_LABELS={0x14, 0x7, "e142a1dc6b3a3dd0aaeb9317676b63d2"}, @TCA_CT_LABELS_MASK={0x14, 0x8, "ea32d9c3eada5bb4feefd4bf8818faba"}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8890}, 0x8050)
bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@init_itable}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
copy_file_range(r4, 0x0, r4, &(0x7f00000000c0)=0xf000, 0x863, 0x0)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="020300030f0000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c01000000030005000000000002004e21ac1e010100000000000021000200130003"], 0x78}, 0x1, 0x7}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file2\x00', 0x0, 0x10, r0}, 0x18)
pwritev2(r0, &(0x7f0000000100), 0x0, 0x5405, 0x4, 0x0)
sendfile(r5, r5, 0x0, 0x7a680000)
acct(&(0x7f0000000100)='./file1\x00')

4m9.646069712s ago: executing program 4 (id=287):
socket(0x1e, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x101042, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
add_key$keyring(&(0x7f0000000340), &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000080)=0x2e9aa845)
r4 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63c})
io_uring_enter(r4, 0x0, 0x2, 0x4d, 0x0, 0x0)
fallocate(r0, 0x81, 0x13, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r5, &(0x7f0000000940), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x10007ffffffff}, 0x18)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0xd)
fcntl$setlease(r7, 0x400, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

4m9.633148433s ago: executing program 32 (id=287):
socket(0x1e, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x101042, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
add_key$keyring(&(0x7f0000000340), &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000080)=0x2e9aa845)
r4 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63c})
io_uring_enter(r4, 0x0, 0x2, 0x4d, 0x0, 0x0)
fallocate(r0, 0x81, 0x13, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r5, &(0x7f0000000940), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x10007ffffffff}, 0x18)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0xd)
fcntl$setlease(r7, 0x400, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

3m21.082584145s ago: executing program 1 (id=1086):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000180), 0xfa, 0x58f, &(0x7f0000002d00)="$eJzs3U1rXFUfAPD/nUzSNu3zNIVS1IUUurBSO2kSXyoI1pWIFgu6r0MyDSWTTslMShMLtgu7cSNFELEgfgD3LotfwE9R0EKREnQhQuRO7qTTZCavE2fS+f3gtufMuTfn/nPuOTln7gw3gL51Mv0nF/FiRHydRBxtKstHVnhyZb+lJ7cm0y2J5eVP/kgiyV5r7J9k/x/OMi9ExC9fRpzJra+3urA4UyyXS3NZfrQ2e320urB49upscbo0Xbo2PjFx/o2J8bfferNjsb566a/vPn7wwfmvTi19+9OjY/eSuBBHsrLmOHbhdnPmZPGfLDUYF9bsONaBynpJ0u0TYEcGsn4+GOkYcDQGsl4PPP++iIhloE8l+j/0qcY8oLG279A6eN94/N7KAqge+1Bz/PmV90biYH1tNLyUPLMySte7Ix2oP63j59/v30u32Ph9iEOb5AG25fadiDiXz68f/5Ns/Nu5c/U3jze2to5++/sD3fQgnf+81mr+l1ud/0SL+c/hFn13Jzbv/7lHHaimrXT+907L+e/q0DUykOX+V5/zDSZXrpZL5yLi/xFxOgYPpPmN7uecX3q43K6sef6Xbmn9jblgdh6P8geePWaqWCtGxNBu4m54fCfipXyr+JPV9k9atH/6+7i0xTpOlO6/3K5s8/j31vKPEa+0bP+nd7SSje9Pjtavh9HGVbHen3dP/Nqu/m7Hn7b/8MbxjyTN92ur26/jh4N/l9qVpfEP7+D6H0o+racbneBmsVabG4sYSj5a//r402Mb+cb+afynT63E/+xkJbfh9Z8uvj7bYvx3j99tu2svtP/Uttp/+4mHH37+fbv6tzb+vV5Pnc5eyca/1rJrZasnuNvfHwAAAAAAAPSSXEQciSRXWE3ncoXCyuc7jsdwrlyp1s5cqcxfm4r6d2VHYjDXuNN9tOnzEGPZ52Eb+fE1+YmIOBYR3wwcqucLk5XyVLeDBwAAAAAAAAAAAAAAAAAAgB5xuM33/1O/DXT77IA9V3+wwYFunwXQDZs+8r8TT3oCetKm/R94bun/0L/0f+hfa/t/R54sDOwL/v5D/9L/oX/p/9C/9H8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqEsXL6bb8tKTW5NpfurGwvxM5cbZqVJ1pjA7P1mYrMxdL0xXKtPlUmGyMrvZzytXKtfHxmP+5mitVK2NVhcWL89W5q/VLl+dLU6XLpcG/5OoAAAAAAAAAAAAAAAAAAAAYH+pLizOFMvl0txqIp+VzK0v6tPEu9ETp7GXAa7Y0eH5XolibxLvD/TEaewmcSdr3u0d1aUBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa+DcAAP//Rm0oPg==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18)
r2 = signalfd(r0, &(0x7f0000000080)={[0x2]}, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r4, 0x0, 0x3}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="f9ffffff00e41ca58a59bb90bd4aff8fe01de4ab2649d1f9e25421f754d090ec5135a81a1f6da22b4048af2942ebc27f127698043de7be5228e257588adf61b9a938494d81d5dae53f8517b5da012153e811ce8d01c22ac207687dbe75941fe250c9afbd35462df1043e4e10eef0c7d909f435bb38a191172588164523568f400d1ccab780d99b", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x80000, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r5], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08d1ca4eb6b8b4889cdd4e786eb807e04eb88b935d785f3d3201c580"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=r7, 0x0, 0x1, 0x6, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], <r8=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001500)=ANY=[@ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="5435f423282000000000000084fb70747cf5c769fc989154e933b436fed7ee20b4a905ad066054fba07ac734ca6214ddb6f6391209f8ffffffffffffff12ad6cb6e86969f8a13db710da31104e2018b532333a6a8e3b19903884de6155d19bb100252b92894a2c", @ANYRES32, @ANYBLOB, @ANYRES64=r8], 0x20)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000280)={0x4, <r9=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000240)={@cgroup, r4, 0x1c, 0x22, r4, @void, @void, @void, @value=r9, r8}, 0x20)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/cgroups\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x0)
r13 = dup(r12)
getresuid(&(0x7f0000000500)=<r14=>0x0, &(0x7f0000000580), &(0x7f00000005c0))
mount$9p_fd(0x0, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000180), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r11}, 0x2c, {'wfdno', 0x3d, r13}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}], [{@appraise}, {@obj_user={'obj_user', 0x3d, '+!('}}, {@euid_eq={'euid', 0x3d, r14}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@dont_hash}, {@fsname={'fsname', 0x3d, 'ext4\x00'}}, {@flag='silent'}], 0x6b}})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup=r10, r1, 0x28, 0x8, r2, @void, @value=r13, @void, @void, r8}, 0x20)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], &(0x7f00000002c0)=""/203, 0xcb)

3m20.944826457s ago: executing program 1 (id=1089):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000340)={0x0, {{0xa, 0x2, 0x0, @mcast1}}}, 0x88)

3m20.80057899s ago: executing program 1 (id=1091):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x20}, 0x18)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
write$selinux_load(r2, 0x0, 0x190da)

3m20.677356162s ago: executing program 1 (id=1093):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r4 = socket$tipc(0x1e, 0x5, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000100)={0x21f6, 0x112, 0xfffe})
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0xfffffffc}}, 0x10)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000200)=[{r6}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000040)="5766b1020affff20c311df259149e300", 0x10)
prctl$PR_MCE_KILL(0x21, 0x1, 0x0)
prctl$PR_MCE_KILL_GET(0x22)
listen(r6, 0x0)
r7 = syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0x405e3, 0x8000, 0x3, 0x2e0}, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000002c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000500)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x31a0}})
io_uring_enter(r7, 0x663e, 0x0, 0x2, 0x0, 0x0)
r10 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0xc, &(0x7f0000000080)={0x209d, 0x0, 0x4, 0x1f}, 0x10)
write(r10, &(0x7f00000000c0)="1800000016005f0214fffffffffffff80700000001000000", 0x18)
shutdown(r4, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r3, 0xf501, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x18)
r12 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r12, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}}, 0x24)
sendmsg$inet(r12, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@ip_tos_int={{0x14, 0x110}}], 0x18, 0x4c00}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)

3m18.155293772s ago: executing program 1 (id=1143):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x140, 0x0)
write$tun(r1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

3m18.024616294s ago: executing program 1 (id=1144):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), 0x0}, 0x20)
ftruncate(0xffffffffffffffff, 0xc17a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c002000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006203300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x40000)

3m2.979692007s ago: executing program 33 (id=1144):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), 0x0}, 0x20)
ftruncate(0xffffffffffffffff, 0xc17a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c002000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006203300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x40000)

3.470080574s ago: executing program 3 (id=4080):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002cc0)=[{{&(0x7f0000001600)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000002940)=[{&(0x7f0000001640)='f', 0x1}, {0x0}], 0x2}}], 0x1, 0x8800)

3.469955324s ago: executing program 3 (id=4081):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r4 = socket$inet6(0xa, 0x2, 0x0)
socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010102}}}], 0x20}}], 0x1, 0x0)

3.427524428s ago: executing program 3 (id=4082):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x75}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x17}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f00000001c0)="0101000871a7832e6b7303c3cd59", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, 0x50)

3.40531573s ago: executing program 3 (id=4083):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000e50000020000002c0004802800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a30190000000900010073797a30000000000900020073797a32"], 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

3.389481181s ago: executing program 3 (id=4084):
socket(0x840000000002, 0x3, 0xfa)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169b82, 0x189)
socket$pppoe(0x18, 0x1, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb000000010902"], 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
fsopen(&(0x7f00000007c0)='erofs\x00', 0x1)
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$inet6(0xa, 0x800000000000002, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r4 = syz_io_uring_setup(0x10d2, &(0x7f0000000540)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f0000000600)=<r5=>0x0, &(0x7f00000005c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x4, 0x1cd83f7c25e05491, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x1, {0x3}})
io_uring_enter(r4, 0x47bc, 0x3, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

3.324945417s ago: executing program 5 (id=4087):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x84}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f00000007c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371c00000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)

3.324584887s ago: executing program 5 (id=4089):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0d030000000000000000130000001c000980080002"], 0x30}}, 0x800)

3.050647842s ago: executing program 0 (id=4094):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x2e, &(0x7f0000000000)=r1, 0x4)
recvmsg(r1, &(0x7f0000000f40)={0x0, 0x0, 0x0}, 0xd95f00c02350af82)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})

2.358133255s ago: executing program 5 (id=4104):
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaa"], 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)

2.330093128s ago: executing program 5 (id=4105):
socket$nl_route(0x10, 0x3, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
syz_open_procfs(0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x2, 0x5, 0x4b0, 0x0, 0xf0, 0xffffffff, 0x0, 0x310, 0x3e0, 0x3e0, 0xffffffff, 0x3e0, 0x3e0, 0x5, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @remote, [], [], 'batadv0\x00', 'veth0_to_batadv\x00'}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@empty, @ipv6=@remote}}}, {{@ipv6={@dev, @loopback, [], [], 'batadv0\x00', 'veth1_vlan\x00'}, 0x0, 0xe8, 0x130, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@loopback, @ipv6=@private0, @icmp_id, @icmp_id}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @gre_key, @gre_key}}}, {{@ipv6={@remote, @mcast1, [], [], 'ipvlan0\x00', 'pim6reg\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x510)

2.186069201s ago: executing program 2 (id=4107):
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB], 0x2c}}, 0x26008890)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x10000)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)

2.044656204s ago: executing program 2 (id=4108):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x5, 0x3032, 0xffffffffffffffff, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3}, 0x80, 0x0}}], 0x1, 0x20000802)

1.993842629s ago: executing program 0 (id=4109):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000640)='S', 0x1)
getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000100)=""/19, &(0x7f0000000380)=0x13)

1.899764207s ago: executing program 0 (id=4110):
r0 = io_uring_setup(0x57e, &(0x7f0000000300)={0x0, 0x375, 0x10, 0x2, 0x2c4})
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x8)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x1000, 0x800000000000000)

1.820352584s ago: executing program 2 (id=4111):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000003c0)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x200000000300, 0x200000000330, 0x200000000360], 0x0, 0x0, &(0x7f0000000300)=ANY=[]}, 0x78)

1.734275542s ago: executing program 2 (id=4112):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
msgsnd(0x0, &(0x7f00000017c0)={0x3, "ccc038e6c1811bb93fb0fff199a17ff1d35bea8fa76c6fb3427a59f08c72c3d8cca2e18a4322791fd8b85da1b744a3b55718a0995c42fd13e67a6bf56d90dd0b93965cfd2bf2a9f519a4976f97bffd5620c77df50c8e16f43c130be1d141e8669e0c5fec20b09de2820969f0c1c8fd56a287183a431cbe0f236e2ab0b31298f44fe6a4f3b00a423134db5401084cf825e1712beb998c2766ff4e94f62daea89091093343b684154185d8751a8b0408b7b3b67a7ca64f0b17f0d11d60c8d6160948f09a7c39ae17e580edbe71ac500bf1585ae80eecd86c334e551756ad8a1a6588e9ed315a3cd88380effc5751ed448dda7ffd426a7fcbe488f57fc900e5c50cbaf36df64e943a9b2d17643b8bce34f730d06bc3c6603ccf13d4053a9127058433514b081f6d7e7b2dd20d653f3ac64f8da442b0f8e3e69791400ab667153ac6279663070aad353e5fb0b1d5006f41d78dc2d9646420cef9e55080112538004eb10975677cab1d56bfaeed2ee9680cd8edc9be87b14cf5014c46ec33b6e279e7d16132d396648f2fce87e42b072bab826351605885e05542c787d65c9e1bf66a31e3c796fdf4f48a7b05b5f66be510f7cdd8a35ee84219f3c9f338205c2588ac6e91df1a38896a8dddb2a4f9f665e94c94f7b01dbe1ed7063dd2b565c0f63e6029faa1b5074b49f26b68685a4a6268292a01c7989f9b790a538f18fd1f14d30554161f540aeebb1767e3cc68de35d3e024b4d07a382a42bd81d5d3278947fe13244fcd087f6ebab0f9ae22cf090480279b8bc5b112994a54625add85b947e96dfe42e4ea3834350efa5e3548c9b5240a11484cf84ce175483c8bd78fb47c050e97c6a89ae67fda0da9e54219b3a52ad4a99b991cd4eb5e5fd0199f79a1ac40d97bce5402a92a6bcdb9a9e7a3775a97d1ff71fb8f15937775a9397d51bbe5363f18c04f8c4a2ed56fe75ef76d1b9c721631aed9d42513e9319e87e78738544bae042cc4c40e86249cfc32e4fae85a7b2b3486cc2337f6998efc0762570c8e59383339eb6127014f0ce192d4beb2b81b20d155e53b412fb24941005e9609f2f2fa335e457e1db4ddffe2c9aaa30227cb87bccf92c6a41505ace98544953ff43f1bd0be3109284f0fc3aa3f4680779439576d0c5eb9e0eca109061004cf592369091188bd1fedea1dcb435eb12e72fed5c4ecfb854e690319be047928352d8fc1dffd7f3e9b8d877da260a0c7625de97436de03896efb234feee1af20d341b8295d25f4a4b88a52668c32de7edfb368fccd7dbe7e4de590c2fd0dc45f4fb9b221bf676379053d4ad1d6265b0f7dc1fdbcc402f124b3ad1828bbc067701da51bea2320a716557f4269a8df8bb6d0ef452d3878c3b47610048771e2e8659bdd62414c8d67596288c7266816e1326a83b711bd89949270417c441694b7ee72d9a8234d0399ebe33036ba2e4ef6f7ca7b19eac0d2d6bd2dc037a8a6f21be906c98ad43a199be9cb500ea3e25e8d7f3afa2841d41381dcef2700554d9560a50676b5f463510fc166052ade0d716e6b4f32c14d940ad8215cbb67f5715a5c5bd14346042ada0c4f8f3d251b81a2d1e2066b016fe694cef976c5cf44fe7733c850aa5bfd9886ab0b08ddb5d3499c047e29d7c2e0c5e9eaa6b651d4a6c9e60f6338279dd5fa1062a8b6811b9fbc5c430d2904debc3307b45bc6e7b2930e62fdeac4fac60b548aaa8c0b338825d2a0028123c2cff093beb9c3ea40dea23ac17f04577d2f1fa907ccc55ea17bd2411aca8cddf6753340be88f66ff6ff3cd0a29332ee4fb9f7297dd820dc9f16eb2b758c25090f4bbf55fcdd6e11f6196758b6367d2f1fc7c8eeed969accb3e5d4a4d9d715d26045b609c1e5bf21c1e99d9fe9c1e58bc95461740efee204f1770c37df6a1e57bf92d6c6b8374b0295b8731f0dd004744225bb80f250573f119866d83b04005df80fcdc0f96dd2f3a542d10407e66621fbab1d40a5c5d721c6d493ee3ebeb43fe5e4b26aa4e465ecf57fbeda5aa1d3d84d41cbf14da60a93a16f9fea27983dd637fd61c2f596b111ba9bdaa33584793bb8c6bdbab3454fe84d6555f3af296047ae6efde9581419872e83760781c1d6c2dcec2d158863714d3da76ad519405fb8bf7afd9c678619abee6378e0057a19468f18349ba3388d33bac8d6632bb111f3eb0c7ef91ba28ccef5c7d2ab93e5a9ca25f96ee0fc1232ed5460c247e36c076c744c0040b1a10daad03b56b78d3e73f335a29243701b4747e8e752b3801c2c6843da12ea08a06f2380358ea1efcdddf700e2dfda60a41a7b394fe7c215059a808e2ce58e57af7e1776b93e59f3240bc9e8cd49e65ce2382202482530918621614a3c8030c281b5ff211b21294ee3c52af5da48047a654a6b17d38c2f49c5f006999bd5d6ca6f02c5fb96e0f9478369811c3c273bce4525ee36d51d7c74188be53c28ac5288acbc14b89164cd27777a0ba2ab068395641df63d02cc120c00ebad84bcb116002e19c322e47051e47c79865595740eff0f3d9bc68e1fd42313a31e254c4b3c4ffffe75e64dd6396115760bbaf66108a3a7adc0561b9a73ae14096b9a158c2d99c0fd73ccf69b83c7e8c4859c94f6070c77ffae26a27c70811a1c696869e251cb678a3e4725b8f446b30b7b223a038fc3297d0e3a6c61032d14d6ec43c038dbb7ceb61194a0a89df89235ba47561bd224f17b32fc4a5e173109f76c0f9fd60bcb1c04fa0c9fe80ff17612eab6abb08e2fa485a7762e5300936c3a84bccba1003cc568e0238bf39a004d3a322b551bc72621ae135d616e1bfe47e16290e9fc20a9a139cb3008d92463db3a86905a68511760ce82e94c7fa28bdbb65fef5516aa"}, 0x7f8, 0x1000000)

1.664026579s ago: executing program 6 (id=4113):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
r0 = syz_io_uring_setup(0x496, &(0x7f0000000400)={0x0, 0x7daf, 0x10, 0x8000, 0x8000e1}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x9, 0x6000, @fd, 0x100, 0x0, 0x0, 0x1c})
io_uring_enter(r0, 0x627, 0xc1040000, 0x43, 0x0, 0x0)

1.634033312s ago: executing program 6 (id=4114):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0d030000000000000000130000001c000980080002"], 0x30}}, 0x800)

1.32687352s ago: executing program 5 (id=4115):
r0 = socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4], 0x58}}, 0x0)
listen(r0, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x8, 0xfff9}, &(0x7f0000000040)=0x8)
accept4(r0, 0x0, 0x0, 0x400000000000000)
setsockopt(r0, 0x1, 0x7, &(0x7f00000002c0)="8682060f75de4deec8931187e206", 0xe)

441.297831ms ago: executing program 6 (id=4116):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001b40), r0)
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={&(0x7f0000000340)={0x28, r1, 0xc2b08b51e4ddf9c1, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_AF={0x6}]}]}, 0x28}}, 0x4000)

437.427291ms ago: executing program 2 (id=4117):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x281, 0x7f, 0xfffffffd, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x40007, 0x7ed53619, 0x1, 0x2, 0xa8, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000001, 0x10001, 0x791, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0x6, 0x1, 0x3, 0x6deb3fab, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0x80000d, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0x6, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x1, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0x1000, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x4, 0x80000001, 0x8, 0x1d20, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x879, 0xff, 0xff, 0x5, 0x7, 0x6, 0x10007a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x8, 0xf, 0xda54, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xff0, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x7, 0x6, 0x10, 0xab, 0x8, 0x80000001, 0x5, 0x0, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffbfff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x38, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x8000005, 0x8, 0x4, 0x0, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x753d, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x1, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc41a, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x40000005, 0x1, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x2]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x107e, 0x4, 0x235, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0xffffff7f, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x83, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x1000, 0x4, 0x0, 0x3, 0xfffffff7, 0xd, 0x6, 0x0, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x1100, 0xec0, 0x10001, 0x4, 0x2, 0x3ff, 0x3e, 0x1, 0x3, 0x0, 0x10, 0x8, 0x8, 0x19bb, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x800092, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x5, 0xffffff37, 0x3, 0x9, 0xc, 0x3, 0x3, 0x3, 0x400, 0x100000, 0x2, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x1, 0x8, 0xd, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1682, 0xa252, 0x2, 0x203, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0x200e, 0x3, 0x0, 0x81, 0xdff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x401, 0x4e8, 0x80, 0x3, 0x40, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0xfff, 0x400012, 0x2, 0xfff, 0x8, 0x6, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1fd, 0x400003, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xfffb, 0xfffffffe, 0x5, 0x3, 0xb9a6, 0xecdf, 0x0, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0x9, 0xc0a1, 0x8, 0x8, 0x7, 0x7fffffff, 0x7, 0x2, 0x101, 0x5, 0x7, 0x0, 0x4, 0x7, 0x80000001, 0x3, 0xffffff9a, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x70d, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x5, 0x8001, 0x9, 0x8, 0xfffffffb, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x6, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x1, 0x21ce83b0, 0x2, 0x6, {0x8, 0x1, 0x1000, 0x4, 0x4, 0x401}, {0xe, 0x0, 0xc, 0x0, 0x9, 0x5}, 0x7, 0x80, 0x8}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010102}}}], 0x20}}], 0x1, 0x0)

366.202277ms ago: executing program 0 (id=4118):
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB], 0x2c}}, 0x26008890)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x10000)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)

366.103377ms ago: executing program 6 (id=4119):
r0 = socket$l2tp(0x2, 0x2, 0x73)
sendmmsg$inet(r0, &(0x7f0000002cc0), 0x0, 0x8800)

350.865779ms ago: executing program 6 (id=4120):
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
fgetxattr(r0, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

303.531133ms ago: executing program 6 (id=4121):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x5, 0x3032, 0xffffffffffffffff, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x9}, 0x28)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, 0x0}}], 0x1, 0x20000802)

228.007659ms ago: executing program 2 (id=4122):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xfc5, 0xb080, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x3, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e)
connect$pptp(r0, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
writev(r1, &(0x7f0000000640)=[{&(0x7f0000000300)="3b997cb14adc5bc5894a75", 0xb}], 0x1)

227.84535ms ago: executing program 5 (id=4123):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
r0 = open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80)
sendfile(r0, r0, 0x0, 0x1000000201005)
ftruncate(r0, 0x6)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x1c3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)

97.238332ms ago: executing program 0 (id=4124):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r2}, &(0x7f00000003c0), &(0x7f0000000400)=r0}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&\x00'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

48.787616ms ago: executing program 3 (id=4125):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
get_robust_list(r0, 0x0, 0x0)

0s ago: executing program 0 (id=4126):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f00000000c0)={0x1, 0x4000001, 0x24e, 0x20, 0x2f, 0x0})

kernel console output (not intermixed with test programs):

.5.3221'.
[  237.554927][T13446] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  237.561576][T13446] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  237.569287][T13446] vhci_hcd vhci_hcd.0: Device attached
[  237.593972][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.603711][T13451] loop0: detected capacity change from 0 to 512
[  237.604056][T13452] batadv_slave_1: entered promiscuous mode
[  237.617191][T13452] batadv_slave_1: left promiscuous mode
[  237.628110][T13451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.660149][T13452] lo speed is unknown, defaulting to 1000
[  237.666303][T13452] lo speed is unknown, defaulting to 1000
[  237.672654][T13452] lo speed is unknown, defaulting to 1000
[  237.680086][T13452] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  237.687612][ T3493] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.735570][T13451] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.831770][T13452] lo speed is unknown, defaulting to 1000
[  237.845275][T13446] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13446 comm=syz.0.3220
[  237.867909][T13456] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3223'.
[  237.880342][T13452] lo speed is unknown, defaulting to 1000
[  237.891559][T13452] lo speed is unknown, defaulting to 1000
[  237.921120][T13452] lo speed is unknown, defaulting to 1000
[  237.927207][T13447] vhci_hcd: connection closed
[  237.948078][T13452] lo speed is unknown, defaulting to 1000
[  237.958999][ T9336] vhci_hcd vhci_hcd.0: stop threads
[  237.964239][ T9336] vhci_hcd vhci_hcd.0: release socket
[  237.969682][ T9336] vhci_hcd vhci_hcd.0: disconnect device
[  237.975942][ T3493] usb 1-1: new high-speed USB device number 2 using vhci_hcd
[  237.984459][ T3493] usb 1-1: enqueue for inactive port 0
[  237.991261][ T3493] usb 1-1: enqueue for inactive port 0
[  237.997480][ T3493] usb 1-1: enqueue for inactive port 0
[  238.069823][T13467] loop5: detected capacity change from 0 to 512
[  238.076460][ T3493] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  238.097436][T13467] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.3225: invalid block
[  238.110433][T13467] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3225: invalid indirect mapped block 4294967295 (level 1)
[  238.124965][T13467] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3225: invalid indirect mapped block 4294967295 (level 1)
[  238.139740][T13467] EXT4-fs (loop5): 2 truncates cleaned up
[  238.146614][T13467] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.161370][T13467] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.353275][T13480] hugetlbfs: syz.2.3231 (13480): Using mlock ulimits for SHM_HUGETLB is obsolete
[  238.379586][T13482] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3232'.
[  238.482530][T13486] lo speed is unknown, defaulting to 1000
[  238.495613][ T5929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  238.503839][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  238.568377][T13488] syz_tun: refused to change device tx_queue_len
[  238.577472][T13495] EXT4-fs (loop5): 1 truncate cleaned up
[  238.586868][T13495] netlink: 9 bytes leftover after parsing attributes in process `syz.5.3237'.
[  238.628118][T13491] lo speed is unknown, defaulting to 1000
[  238.726292][ T2968] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  238.876841][T13504] lo speed is unknown, defaulting to 1000
[  239.138119][T13509] Alternate GPT is invalid, using primary GPT.
[  239.144566][T13509]  loop6: p2 p3 p7
[  239.323535][T13513] EXT4-fs: inline encryption not supported
[  239.355579][T13513] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  239.376583][T13513] EXT4-fs (loop5): 1 truncate cleaned up
[  239.442431][T13516] rdma_op ffff8881573fed80 conn xmit_rdma 0000000000000000
[  239.465861][T13524] FAULT_INJECTION: forcing a failure.
[  239.465861][T13524] name failslab, interval 1, probability 0, space 0, times 0
[  239.478667][T13524] CPU: 1 UID: 0 PID: 13524 Comm: syz.3.3244 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  239.478702][T13524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  239.478769][T13524] Call Trace:
[  239.478777][T13524]  <TASK>
[  239.478785][T13524]  __dump_stack+0x1d/0x30
[  239.478813][T13524]  dump_stack_lvl+0x95/0xd0
[  239.478841][T13524]  dump_stack+0x15/0x1b
[  239.478864][T13524]  should_fail_ex+0x265/0x280
[  239.478915][T13524]  should_failslab+0x8c/0xb0
[  239.478941][T13524]  __kmalloc_cache_noprof+0x65/0x4c0
[  239.478973][T13524]  ? bpf_nf_link_attach+0x200/0x460
[  239.479053][T13524]  ? audit_log_end+0x23d/0x250
[  239.479076][T13524]  bpf_nf_link_attach+0x200/0x460
[  239.479102][T13524]  link_create+0x3f0/0x690
[  239.479204][T13524]  __sys_bpf+0x628/0x7c0
[  239.479234][T13524]  __x64_sys_bpf+0x41/0x50
[  239.479273][T13524]  x64_sys_call+0x28e1/0x3000
[  239.479333][T13524]  do_syscall_64+0xca/0x2b0
[  239.479374][T13524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.479455][T13524] RIP: 0033:0x7f83fbe1f749
[  239.479473][T13524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.479496][T13524] RSP: 002b:00007f83fa87f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  239.479526][T13524] RAX: ffffffffffffffda RBX: 00007f83fc075fa0 RCX: 00007f83fbe1f749
[  239.479541][T13524] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 000000000000001c
[  239.479601][T13524] RBP: 00007f83fa87f090 R08: 0000000000000000 R09: 0000000000000000
[  239.479614][T13524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.479626][T13524] R13: 00007f83fc076038 R14: 00007f83fc075fa0 R15: 00007fffaf8c0b88
[  239.479649][T13524]  </TASK>
[  239.741682][T13524] EXT4-fs: Ignoring removed oldalloc option
[  239.765970][ T2968] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.778076][ T3529] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.786352][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.964293][T13536] iso9660: Unknown parameter 'de'
[  240.068574][T13547] ext4: Unknown parameter 'measure'
[  240.118136][T13547] set_capacity_and_notify: 7 callbacks suppressed
[  240.118153][T13547] loop6: detected capacity change from 0 to 2048
[  240.153572][T13547] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  240.209384][T13547] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28
[  240.221747][T13547] EXT4-fs (loop6): This should not happen!! Data will be lost
[  240.221747][T13547] 
[  240.231494][T13547] EXT4-fs (loop6): Total free blocks count 0
[  240.237622][T13547] EXT4-fs (loop6): Free/Dirty block details
[  240.243543][T13547] EXT4-fs (loop6): free_blocks=2415919104
[  240.249317][T13547] EXT4-fs (loop6): dirty_blocks=32
[  240.254666][T13547] EXT4-fs (loop6): Block reservation details
[  240.260819][T13547] EXT4-fs (loop6): i_reserved_data_blocks=2
[  240.315585][   T29] kauditd_printk_skb: 490 callbacks suppressed
[  240.315599][   T29] audit: type=1326 audit(1767261338.653:22423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.336868][T13551] lo speed is unknown, defaulting to 1000
[  240.346416][   T29] audit: type=1326 audit(1767261338.653:22424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.566757][T13574] lo speed is unknown, defaulting to 1000
[  240.771310][T13570] loop0: detected capacity change from 0 to 512
[  240.789287][T13570] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  240.823930][ T3541] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.837941][   T29] audit: type=1326 audit(1767261338.693:22425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.861568][   T29] audit: type=1326 audit(1767261338.693:22426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.885289][   T29] audit: type=1326 audit(1767261338.693:22427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.908945][   T29] audit: type=1326 audit(1767261338.693:22428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.932674][   T29] audit: type=1326 audit(1767261338.693:22429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.956257][   T29] audit: type=1326 audit(1767261338.693:22430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  240.979956][   T29] audit: type=1326 audit(1767261338.693:22431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13546 comm="syz.6.3252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ff7f749 code=0x7ffc0000
[  241.010722][   T29] audit: type=1326 audit(1767261339.203:22432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13569 comm="syz.0.3257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  241.034726][ T3529] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  241.047240][ T3529] EXT4-fs (loop6): This should not happen!! Data will be lost
[  241.047240][ T3529] 
[  241.095332][T13579] FAULT_INJECTION: forcing a failure.
[  241.095332][T13579] name failslab, interval 1, probability 0, space 0, times 0
[  241.108131][T13579] CPU: 0 UID: 0 PID: 13579 Comm: syz.5.3260 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  241.108164][T13579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  241.108180][T13579] Call Trace:
[  241.108192][T13579]  <TASK>
[  241.108201][T13579]  __dump_stack+0x1d/0x30
[  241.108231][T13579]  dump_stack_lvl+0x95/0xd0
[  241.108277][T13579]  dump_stack+0x15/0x1b
[  241.108305][T13579]  should_fail_ex+0x265/0x280
[  241.108332][T13579]  should_failslab+0x8c/0xb0
[  241.108409][T13579]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[  241.108434][T13579]  ? __alloc_skb+0x2ff/0x4b0
[  241.108490][T13579]  __alloc_skb+0x2ff/0x4b0
[  241.108525][T13579]  ? __alloc_skb+0x228/0x4b0
[  241.108549][T13579]  netlink_alloc_large_skb+0xbf/0xf0
[  241.108579][T13579]  netlink_sendmsg+0x3cf/0x6b0
[  241.108696][T13579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.108730][T13579]  __sock_sendmsg+0x145/0x180
[  241.108750][T13579]  ____sys_sendmsg+0x31e/0x4a0
[  241.108782][T13579]  ___sys_sendmsg+0x17b/0x1d0
[  241.108833][T13579]  __x64_sys_sendmsg+0xd4/0x160
[  241.108867][T13579]  x64_sys_call+0x17ba/0x3000
[  241.108892][T13579]  do_syscall_64+0xca/0x2b0
[  241.108981][T13579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.109003][T13579] RIP: 0033:0x7f708bc0f749
[  241.109019][T13579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.109041][T13579] RSP: 002b:00007f708a677038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.109078][T13579] RAX: ffffffffffffffda RBX: 00007f708be65fa0 RCX: 00007f708bc0f749
[  241.109090][T13579] RDX: 0000000000040880 RSI: 0000200000000280 RDI: 0000000000000006
[  241.109103][T13579] RBP: 00007f708a677090 R08: 0000000000000000 R09: 0000000000000000
[  241.109115][T13579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.109128][T13579] R13: 00007f708be66038 R14: 00007f708be65fa0 R15: 00007ffce5bea308
[  241.109148][T13579]  </TASK>
[  241.332704][T13584] loop3: detected capacity change from 0 to 1024
[  241.374623][T13584] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  241.392066][T13592] loop0: detected capacity change from 0 to 1024
[  241.405353][T13592] EXT4-fs: Ignoring removed orlov option
[  241.412856][T13584] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3262: bad orphan inode 134217728
[  241.433053][T13601] loop6: detected capacity change from 0 to 512
[  241.442312][T13601] ext4: Unknown parameter 'measure'
[  241.461912][T13592] program syz.0.3267 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.498037][T13604] syz_tun: refused to change device tx_queue_len
[  241.498037][T13601] loop6: detected capacity change from 0 to 2048
[  241.531342][T13601] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  241.558948][T13601] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28
[  241.571295][T13601] EXT4-fs (loop6): This should not happen!! Data will be lost
[  241.571295][T13601] 
[  241.581001][T13601] EXT4-fs (loop6): Total free blocks count 0
[  241.587058][T13601] EXT4-fs (loop6): Free/Dirty block details
[  241.592988][T13601] EXT4-fs (loop6): free_blocks=2415919104
[  241.599227][T13601] EXT4-fs (loop6): dirty_blocks=32
[  241.604516][T13601] EXT4-fs (loop6): Block reservation details
[  241.610641][T13601] EXT4-fs (loop6): i_reserved_data_blocks=2
[  241.690553][ T5904] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  241.703021][ T5904] EXT4-fs (loop6): This should not happen!! Data will be lost
[  241.703021][ T5904] 
[  241.845819][T13619] lo speed is unknown, defaulting to 1000
[  241.850102][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.920114][T13622] loop5: detected capacity change from 0 to 2048
[  242.026873][T13622] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.026903][T13631] __nla_validate_parse: 2 callbacks suppressed
[  242.026917][T13631] netlink: 100 bytes leftover after parsing attributes in process `syz.3.3277'.
[  242.072977][T13633] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3278'.
[  242.106486][T13635] veth1_macvtap: left promiscuous mode
[  242.112317][T13635] macsec0: entered allmulticast mode
[  242.140644][T13637] veth1_macvtap: entered promiscuous mode
[  242.146485][T13637] veth1_macvtap: entered allmulticast mode
[  242.164544][T13644] loop5: detected capacity change from 0 to 512
[  242.216806][T13637] macsec0: left allmulticast mode
[  242.221902][T13637] veth1_macvtap: left allmulticast mode
[  242.246415][T13645] syz_tun: refused to change device tx_queue_len
[  242.282221][T13638] lo speed is unknown, defaulting to 1000
[  242.367958][T13652] loop3: detected capacity change from 0 to 2048
[  242.448519][T13644] lo speed is unknown, defaulting to 1000
[  242.468351][T13659] loop2: detected capacity change from 0 to 2048
[  242.480194][T13661] EXT4-fs (loop3): 1 truncate cleaned up
[  242.488807][T13661] netlink: 9 bytes leftover after parsing attributes in process `syz.3.3286'.
[  242.515839][T13659]  loop2: p1 p2
[  242.603479][T13674] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  242.603479][T13674] The task syz.3.3286 (13674) triggered the difference, watch for misbehavior.
[  242.805612][ T3397] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.813867][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.886710][ T3541] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.926830][T13684] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  243.070359][T13685] SELinux:  Context system_u:object_r:getty_etc_t:s0 is not valid (left unmapped).
[  243.127864][T13687] syz_tun: refused to change device tx_queue_len
[  243.209289][T13689]  loop5: p1 < > p4
[  243.213705][T13689] loop5: p4 size 8388608 extends beyond EOD, truncated
[  243.479784][T13706] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  243.493739][T13706] EXT4-fs (loop2): orphan cleanup on readonly fs
[  243.503252][T13718] ext4 filesystem being mounted at /51/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  243.546924][T13706] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.3302: corrupted inode contents
[  243.566657][T13706] EXT4-fs (loop2): Remounting filesystem read-only
[  243.593086][T13706] EXT4-fs (loop2): 1 truncate cleaned up
[  243.599853][ T9328] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  243.610512][ T9328] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  243.621576][T13724] netlink: 'syz.6.3308': attribute type 1 has an invalid length.
[  243.630745][ T9328] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  243.712543][T13730] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3310'.
[  243.723909][T13731] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3309'.
[  243.749522][T13730] /dev/loop5: Can't open blockdev
[  243.855876][T13736] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  243.925948][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  243.951763][ T1599] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.967387][T13742] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3314'.
[  244.001096][ T1599] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.051862][T13745] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3316'.
[  244.064723][ T1599] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.119015][T13748] EXT4-fs: Ignoring removed i_version option
[  244.125142][T13748] EXT4-fs: Ignoring removed bh option
[  244.140652][T13748] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  244.221116][ T1599] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.246807][ T9328] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  244.282227][T13766] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  244.291285][T13766] EXT4-fs (loop3): 1 truncate cleaned up
[  244.308532][ T1599] bridge_slave_1: left allmulticast mode
[  244.314344][ T1599] bridge_slave_1: left promiscuous mode
[  244.320134][ T1599] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.329251][ T1599] bridge_slave_0: left allmulticast mode
[  244.334944][ T1599] bridge_slave_0: left promiscuous mode
[  244.340695][ T1599] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.362533][T13766] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  244.413992][T13774] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  244.424036][T13775] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.490623][ T1599] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.501483][ T1599] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.511140][ T1599] bond0 (unregistering): Released all slaves
[  244.561550][T13778] EXT4-fs: inline encryption not supported
[  244.580633][T13747] lo speed is unknown, defaulting to 1000
[  244.581098][T13778] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  244.616140][ T1599] hsr_slave_0: left promiscuous mode
[  244.619674][T13778] EXT4-fs (loop3): 1 truncate cleaned up
[  244.628476][ T1599] hsr_slave_1: left promiscuous mode
[  244.634367][ T1599] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.641826][ T1599] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.650725][ T1599] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.658205][ T1599] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.675712][ T1599] veth1_macvtap: left promiscuous mode
[  244.686851][ T1599] veth0_macvtap: left promiscuous mode
[  244.686949][ T1599] veth1_vlan: left promiscuous mode
[  244.697838][ T1599] veth0_vlan: left promiscuous mode
[  244.709799][T13781] rdma_op ffff88815ab63d80 conn xmit_rdma 0000000000000000
[  244.858210][ T1599] team0 (unregistering): Port device team_slave_1 removed
[  244.874611][ T1599] team0 (unregistering): Port device team_slave_0 removed
[  244.914278][T13785] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3327'.
[  244.923430][ T3397] lo speed is unknown, defaulting to 1000
[  244.929308][ T3397] infiniband syz2: ib_query_port failed (-19)
[  244.965541][   T36] net_ratelimit: 1 callbacks suppressed
[  244.965557][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.047581][T13747] chnl_net:caif_netlink_parms(): no params data found
[  245.063589][T13803] FAULT_INJECTION: forcing a failure.
[  245.063589][T13803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.076899][T13803] CPU: 1 UID: 0 PID: 13803 Comm: syz.6.3333 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  245.076931][T13803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  245.076944][T13803] Call Trace:
[  245.077024][T13803]  <TASK>
[  245.077073][T13803]  __dump_stack+0x1d/0x30
[  245.077097][T13803]  dump_stack_lvl+0x95/0xd0
[  245.077119][T13803]  dump_stack+0x15/0x1b
[  245.077281][T13803]  should_fail_ex+0x265/0x280
[  245.077409][T13803]  should_fail+0xb/0x20
[  245.077435][T13803]  should_fail_usercopy+0x1a/0x20
[  245.077467][T13803]  _copy_from_user+0x1c/0xb0
[  245.077495][T13803]  ___sys_recvmsg+0xaa/0x370
[  245.077589][T13803]  ? save_fpregs_to_fpstate+0x100/0x160
[  245.077628][T13803]  do_recvmmsg+0x1ef/0x540
[  245.077672][T13803]  __x64_sys_recvmmsg+0xfb/0x170
[  245.077783][T13803]  x64_sys_call+0x2b75/0x3000
[  245.077850][T13803]  do_syscall_64+0xca/0x2b0
[  245.077892][T13803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.077913][T13803] RIP: 0033:0x7f3d5ff7f749
[  245.077984][T13803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.078008][T13803] RSP: 002b:00007f3d5e9e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  245.078028][T13803] RAX: ffffffffffffffda RBX: 00007f3d601d5fa0 RCX: 00007f3d5ff7f749
[  245.078040][T13803] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  245.078052][T13803] RBP: 00007f3d5e9e7090 R08: 0000200000003700 R09: 0000000000000000
[  245.078105][T13803] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000002
[  245.078186][T13803] R13: 00007f3d601d6038 R14: 00007f3d601d5fa0 R15: 00007ffcb7d8f138
[  245.078211][T13803]  </TASK>
[  245.274116][T13808] sd 0:0:1:0: device reset
[  245.327954][T13747] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.335077][T13747] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.351676][T13747] bridge_slave_0: entered allmulticast mode
[  245.360760][T13747] bridge_slave_0: entered promiscuous mode
[  245.368227][T13747] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.375378][T13747] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.383011][T13747] bridge_slave_1: entered allmulticast mode
[  245.389643][T13747] bridge_slave_1: entered promiscuous mode
[  245.399093][   T29] kauditd_printk_skb: 349 callbacks suppressed
[  245.399110][   T29] audit: type=1400 audit(1767261343.713:22776): avc:  denied  { connect } for  pid=13814 comm="syz.6.3335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  245.426421][T13799] set_capacity_and_notify: 12 callbacks suppressed
[  245.426438][T13799] loop0: detected capacity change from 0 to 32768
[  245.443653][   T29] audit: type=1326 audit(1767261343.733:22777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7efe6899f7d7 code=0x7ffc0000
[  245.467397][   T29] audit: type=1326 audit(1767261343.763:22778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efe6899df90 code=0x7ffc0000
[  245.491188][   T29] audit: type=1326 audit(1767261343.763:22779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efe6899f34b code=0x7ffc0000
[  245.516252][T13808] netlink: 'syz.0.3332': attribute type 4 has an invalid length.
[  245.519873][   T29] audit: type=1326 audit(1767261343.823:22780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efe6899e3aa code=0x7ffc0000
[  245.547652][   T29] audit: type=1326 audit(1767261343.823:22781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efe6899f34b code=0x7ffc0000
[  245.571454][   T29] audit: type=1326 audit(1767261343.823:22782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efe6899f34b code=0x7ffc0000
[  245.596214][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.604526][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.626748][T13799]  loop0: p1 p2 p3 < p5 p6 >
[  245.632160][T13799] loop0: p2 size 16775168 extends beyond EOD, truncated
[  245.641484][T13799] loop0: p5 start 4294970168 is beyond EOD, truncated
[  245.650903][T13747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.670186][   T29] audit: type=1326 audit(1767261343.983:22783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7efe6899de3a code=0x7ffc0000
[  245.693952][   T29] audit: type=1326 audit(1767261343.983:22784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7efe6899ecc7 code=0x7ffc0000
[  245.717655][   T29] audit: type=1326 audit(1767261343.983:22785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13798 comm="syz.0.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7efe6899de3a code=0x7ffc0000
[  245.721782][T13747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.858930][T13747] team0: Port device team_slave_0 added
[  245.864769][T13834] syz_tun: refused to change device tx_queue_len
[  245.873045][T13747] team0: Port device team_slave_1 added
[  245.887283][T13835] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3340'.
[  245.910629][T13747] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.910645][T13747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  245.910737][T13747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.911316][T13747] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.911393][T13747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  245.911419][T13747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.972418][T13747] hsr_slave_0: entered promiscuous mode
[  245.972941][T13747] hsr_slave_1: entered promiscuous mode
[  245.973209][T13747] debugfs: 'hsr0' already exists in 'hsr'
[  245.973220][T13747] Cannot create hsr debugfs directory
[  246.005576][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.070616][T13839] lo speed is unknown, defaulting to 1000
[  246.070709][T13839] lo speed is unknown, defaulting to 1000
[  246.070923][T13839] lo speed is unknown, defaulting to 1000
[  246.072021][T13839] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  246.075317][T13839] lo speed is unknown, defaulting to 1000
[  246.076189][T13839] lo speed is unknown, defaulting to 1000
[  246.076611][T13839] lo speed is unknown, defaulting to 1000
[  246.076887][T13839] lo speed is unknown, defaulting to 1000
[  246.077230][T13839] lo speed is unknown, defaulting to 1000
[  246.077610][T13839] lo speed is unknown, defaulting to 1000
[  246.330051][T13854] loop2: detected capacity change from 0 to 128
[  246.485721][T13747] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  246.514176][T13858] loop3: detected capacity change from 0 to 512
[  246.528610][T13747] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  246.543987][T13747] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  246.559650][T13747] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  246.567475][T13858] EXT4-fs (loop3): inodes count not valid: 6144 vs 32
[  246.664028][T13871] netlink: 'syz.0.3351': attribute type 2 has an invalid length.
[  246.672006][T13871] netlink: 'syz.0.3351': attribute type 1 has an invalid length.
[  246.681485][T13871] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3351'.
[  246.697431][T13747] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.705071][T13871] netlink: 'syz.0.3351': attribute type 10 has an invalid length.
[  246.719068][T13747] 8021q: adding VLAN 0 to HW filter on device team0
[  246.727328][T13871] batman_adv: batadv0: Adding interface: veth1_vlan
[  246.734032][T13871] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  246.760527][T13871] batman_adv: batadv0: Interface activated: veth1_vlan
[  246.771262][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.778423][ T5928] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.798586][ T9328] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.805733][ T9328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.856855][ T5897] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.938648][ T5897] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.009153][ T5897] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.056227][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.057769][ T5897] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.140629][T13747] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.183055][T13906] __nla_validate_parse: 2 callbacks suppressed
[  247.183142][T13906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3358'.
[  247.298293][ T5897] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.315301][ T5897] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.336548][ T5897] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  247.358012][ T5897] bond0 (unregistering): Released all slaves
[  247.409036][ T5897] tipc: Left network mode
[  247.538045][T13747] veth0_vlan: entered promiscuous mode
[  247.557840][T13747] veth1_vlan: entered promiscuous mode
[  247.590833][T13747] veth0_macvtap: entered promiscuous mode
[  247.608286][T13747] veth1_macvtap: entered promiscuous mode
[  247.630655][T13747] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.657414][T13747] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.674950][ T9334] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.702374][ T9334] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.719909][ T9334] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.729302][ T9334] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.770728][T13885] lo speed is unknown, defaulting to 1000
[  247.783227][T13876] lo speed is unknown, defaulting to 1000
[  247.796736][T13924] loop0: detected capacity change from 0 to 512
[  247.805702][T13924] EXT4-fs: inline encryption not supported
[  247.825808][T13924] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  247.890830][T13924] EXT4-fs (loop0): 1 truncate cleaned up
[  247.903375][T13928] lo speed is unknown, defaulting to 1000
[  247.939407][T13885] chnl_net:caif_netlink_parms(): no params data found
[  248.043315][ T5897] hsr_slave_0: left promiscuous mode
[  248.062021][ T5897] hsr_slave_1: left promiscuous mode
[  248.108041][ T5897] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  248.115672][ T5897] batman_adv: batadv0: Removing interface: batadv_slave_1
[  248.199532][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.243382][T13924] rdma_op ffff88814089dd80 conn xmit_rdma 0000000000000000
[  248.255353][ T5897] veth1_vlan: left promiscuous mode
[  248.262649][ T5897] veth0_vlan: left promiscuous mode
[  248.378622][ T5897] team0 (unregistering): Port device team_slave_1 removed
[  248.391072][ T5897] team0 (unregistering): Port device team_slave_0 removed
[  248.544338][T13885] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.551541][T13885] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.559022][T13885] bridge_slave_0: entered allmulticast mode
[  248.565660][T13885] bridge_slave_0: entered promiscuous mode
[  248.572232][T13937] lo speed is unknown, defaulting to 1000
[  248.599882][T13885] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.607278][T13885] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.614593][T13885] bridge_slave_1: entered allmulticast mode
[  248.621197][T13885] bridge_slave_1: entered promiscuous mode
[  248.647993][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.656285][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.667549][T13885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.691190][T13885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.714106][T13885] team0: Port device team_slave_0 added
[  248.722879][T13885] team0: Port device team_slave_1 added
[  248.753173][T13953] loop0: detected capacity change from 0 to 128
[  248.761088][T13885] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.768138][T13885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  248.794084][T13885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.809015][T13885] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.816137][T13885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  248.842358][T13885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.888904][T13885] hsr_slave_0: entered promiscuous mode
[  248.895740][T13885] hsr_slave_1: entered promiscuous mode
[  248.905557][T13885] debugfs: 'hsr0' already exists in 'hsr'
[  248.911402][T13885] Cannot create hsr debugfs directory
[  248.934954][ T5897] IPVS: stop unused estimator thread 0...
[  249.074222][T13960] bio_check_eod: 7996 callbacks suppressed
[  249.074240][T13960] syz.0.3367: attempt to access beyond end of device
[  249.074240][T13960] loop0: rw=2049, sector=153, nr_sectors = 8 limit=128
[  249.152451][T13960] syz.0.3367: attempt to access beyond end of device
[  249.152451][T13960] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128
[  249.184116][T13964] loop3: detected capacity change from 0 to 512
[  249.197221][T13960] syz.0.3367: attempt to access beyond end of device
[  249.197221][T13960] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128
[  249.211829][T13960] syz.0.3367: attempt to access beyond end of device
[  249.211829][T13960] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[  249.225679][T13960] syz.0.3367: attempt to access beyond end of device
[  249.225679][T13960] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[  249.239274][T13964] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  249.249120][T13964] EXT4-fs (loop3): orphan cleanup on readonly fs
[  249.256917][T13964] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.3370: corrupted inode contents
[  249.269216][T13964] EXT4-fs (loop3): Remounting filesystem read-only
[  249.276032][T13964] EXT4-fs (loop3): 1 truncate cleaned up
[  249.281955][T13960] syz.0.3367: attempt to access beyond end of device
[  249.281955][T13960] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[  249.295935][ T5925] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  249.306638][ T5925] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  249.319569][T13885] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  249.326831][T13960] syz.0.3367: attempt to access beyond end of device
[  249.326831][T13960] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128
[  249.342173][T13885] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  249.349348][ T5925] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  249.353544][T13885] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  249.366966][T13960] syz.0.3367: attempt to access beyond end of device
[  249.366966][T13960] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[  249.382646][T13885] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  249.389630][T13960] syz.0.3367: attempt to access beyond end of device
[  249.389630][T13960] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[  249.405984][T13960] syz.0.3367: attempt to access beyond end of device
[  249.405984][T13960] loop0: rw=2049, sector=297, nr_sectors = 8 limit=128
[  249.461833][T13885] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.476344][T13885] 8021q: adding VLAN 0 to HW filter on device team0
[  249.487228][ T9334] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.494407][ T9334] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.548896][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.556035][ T5925] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.632410][T13986] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.667011][T13885] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  249.677483][T13885] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  249.767824][T13986] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.819187][T13997] program syz.0.3378 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  249.833302][T13997] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  249.852405][T13997] lo speed is unknown, defaulting to 1000
[  249.868016][T13997] lo speed is unknown, defaulting to 1000
[  249.878296][T13985] loop5: detected capacity change from 0 to 128
[  249.884965][T13997] lo speed is unknown, defaulting to 1000
[  249.902754][T13997] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  249.919196][T13986] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.950190][T13997] lo speed is unknown, defaulting to 1000
[  249.970449][T13997] lo speed is unknown, defaulting to 1000
[  249.977204][T13997] lo speed is unknown, defaulting to 1000
[  249.984654][T13997] lo speed is unknown, defaulting to 1000
[  249.989805][T13885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.998078][T13997] lo speed is unknown, defaulting to 1000
[  250.024787][T13986] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.088600][ T5923] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.107173][ T5923] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.119544][ T5923] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.119917][T14002] loop3: detected capacity change from 0 to 512
[  250.127962][ T5923] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.145179][T14002] EXT4-fs: inline encryption not supported
[  250.161865][T14002] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  250.187318][T14002] EXT4-fs (loop3): 1 truncate cleaned up
[  250.219863][T14022] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3382'.
[  250.272747][T13885] veth0_vlan: entered promiscuous mode
[  250.281585][T13885] veth1_vlan: entered promiscuous mode
[  250.299504][T14002] rdma_op ffff888184cea580 conn xmit_rdma 0000000000000000
[  250.308005][T13885] veth0_macvtap: entered promiscuous mode
[  250.316132][T13885] veth1_macvtap: entered promiscuous mode
[  250.327149][T13885] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.336408][T14031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3385'.
[  250.346938][T13885] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.357349][ T5923] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.370262][ T5923] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.384825][ T5923] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.416764][ T5923] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.589061][T14055] lo speed is unknown, defaulting to 1000
[  250.596222][T14055] lo speed is unknown, defaulting to 1000
[  250.657725][   T29] kauditd_printk_skb: 69 callbacks suppressed
[  250.657743][   T29] audit: type=1400 audit(1767261348.993:22849): avc:  denied  { name_bind } for  pid=14057 comm="syz.3.3395" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  250.732247][   T29] audit: type=1326 audit(1767261349.023:22850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.756000][   T29] audit: type=1326 audit(1767261349.023:22851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.779655][   T29] audit: type=1326 audit(1767261349.023:22852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.803356][   T29] audit: type=1326 audit(1767261349.023:22853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.827103][   T29] audit: type=1326 audit(1767261349.023:22854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.850671][   T29] audit: type=1326 audit(1767261349.023:22855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.874273][   T29] audit: type=1326 audit(1767261349.023:22856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.897977][   T29] audit: type=1326 audit(1767261349.033:22857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.921481][   T29] audit: type=1326 audit(1767261349.033:22858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz.3.3395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  250.958650][T14066] loop6: detected capacity change from 0 to 256
[  251.042354][T14070] loop0: detected capacity change from 0 to 512
[  251.116148][T14070] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  251.205285][T14070] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  251.214250][T14070] FAT-fs (loop0): Filesystem has been set read-only
[  251.255567][T14070] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 548)
[  251.257667][T14067] lo speed is unknown, defaulting to 1000
[  251.264378][T14070] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 548)
[  251.270331][T14067] lo speed is unknown, defaulting to 1000
[  251.301763][T14065] lo speed is unknown, defaulting to 1000
[  251.315103][T14070] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3398'.
[  251.331189][T14065] lo speed is unknown, defaulting to 1000
[  251.466425][T14087] loop5: detected capacity change from 0 to 1024
[  251.473266][T14087] EXT4-fs: Ignoring removed orlov option
[  251.484055][T14091] IPv6: NLM_F_CREATE should be specified when creating new route
[  251.501996][T14087] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  251.678219][T14111] loop3: detected capacity change from 0 to 2048
[  251.736329][T14111] syz_tun: refused to change device tx_queue_len
[  251.777537][T14095] loop0: detected capacity change from 0 to 512
[  251.784346][T14095] EXT4-fs: inline encryption not supported
[  251.800501][T14123] syz_tun: refused to change device tx_queue_len
[  251.807987][T14095] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  251.831012][T14126] loop5: detected capacity change from 0 to 512
[  251.839335][T14095] EXT4-fs (loop0): 1 truncate cleaned up
[  251.925876][T14126] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  251.938728][T14095] rdma_op ffff88811a5be180 conn xmit_rdma 0000000000000000
[  251.949208][T14126] EXT4-fs (loop5): 1 truncate cleaned up
[  251.978810][T14126] netlink: 19 bytes leftover after parsing attributes in process `syz.5.3406'.
[  252.018849][T14136] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3408'.
[  252.039299][T12521] EXT4-fs unmount: 48 callbacks suppressed
[  252.039379][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.183663][T14131] loop3: detected capacity change from 0 to 512
[  252.190443][T14131] EXT4-fs: inline encryption not supported
[  252.197282][T14131] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  252.222458][T14131] EXT4-fs (loop3): 1 truncate cleaned up
[  252.232189][T14131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.259560][T14147] loop6: detected capacity change from 0 to 512
[  252.291180][T14147] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  252.299594][T14147] EXT4-fs (loop6): orphan cleanup on readonly fs
[  252.308751][T14153] xt_connbytes: Forcing CT accounting to be enabled
[  252.325597][T14135] rdma_op ffff8881038a9d80 conn xmit_rdma 0000000000000000
[  252.372245][T14147] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.3411: corrupted inode contents
[  252.385773][T14147] EXT4-fs (loop6): Remounting filesystem read-only
[  252.402580][T14147] EXT4-fs (loop6): 1 truncate cleaned up
[  252.408814][ T5926] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  252.419708][ T5926] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  252.468079][ T5926] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  252.484846][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.487978][T14147] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.524796][T14147] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.797328][T14179] IPVS: dh: FWM 3 0x00000003 - no destination available
[  252.804544][ T3541] IPVS: starting estimator thread 0...
[  252.842746][T14172] loop3: detected capacity change from 0 to 256
[  252.895707][T14180] IPVS: using max 2160 ests per chain, 108000 per kthread
[  252.946032][T14189] veth2: entered promiscuous mode
[  252.951213][T14189] veth2: entered allmulticast mode
[  253.133725][T14206] siw: device registration error -23
[  253.177236][T14216] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3428'.
[  253.221154][T14073] loop2: detected capacity change from 0 to 512
[  253.236379][T14073] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  253.257039][T14073] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  253.273300][T14073] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.3397: corrupted in-inode xattr: e_value size too large
[  253.288398][T14073] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3397: couldn't read orphan inode 15 (err -117)
[  253.317335][T14224] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  253.317424][T14073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.337652][T14224] EXT4-fs (loop6): orphan cleanup on readonly fs
[  253.345877][T14224] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.3430: corrupted inode contents
[  253.366084][T14224] EXT4-fs (loop6): Remounting filesystem read-only
[  253.382355][T14224] EXT4-fs (loop6): 1 truncate cleaned up
[  253.388722][ T5928] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  253.399311][ T5928] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  253.410041][ T5928] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  253.440645][T14224] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  253.460456][T14224] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.516968][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.533670][T14240] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  253.551743][T14240] EXT4-fs (loop0): 1 truncate cleaned up
[  253.573620][T14240] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.626694][T14240] netlink: 19 bytes leftover after parsing attributes in process `syz.0.3431'.
[  253.702104][T14257] EXT4-fs: Ignoring removed orlov option
[  253.731802][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.733275][T14257] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.765347][T14260] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  253.778389][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.802249][T14260] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  253.848573][T14268] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3438'.
[  253.857732][T14271] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  253.936154][T14279] 9p: Bad value for 'wfdno'
[  253.948953][T14281] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3441'.
[  253.967325][T14282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.985923][T14282] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.085971][T14285] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  254.100042][T14285] EXT4-fs (loop3): orphan cleanup on readonly fs
[  254.118101][T14285] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.3444: corrupted inode contents
[  254.131552][T14285] EXT4-fs (loop3): Remounting filesystem read-only
[  254.138431][T14285] EXT4-fs (loop3): 1 truncate cleaned up
[  254.144488][ T9334] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  254.155297][ T9334] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  254.166956][ T9334] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  254.178398][T14285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  254.192297][T14285] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.201948][T14280] EXT4-fs: inline encryption not supported
[  254.211740][T14280] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  254.246609][T14280] EXT4-fs (loop6): 1 truncate cleaned up
[  254.252701][T14280] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.312783][T14280] rdma_op ffff888129bf1580 conn xmit_rdma 0000000000000000
[  254.434133][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.452491][T14305] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3450'.
[  254.534473][T14305] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.541763][T14305] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.626986][T14305] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.637772][T14305] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.718647][ T9334] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  254.745749][ T9334] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  254.754711][ T9334] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  254.772981][T14313] xt_l2tp: v2 doesn't support IP mode
[  254.797389][ T9334] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  254.809583][T14315] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.876950][T14315] siw: device registration error -23
[  254.900692][T14315] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  254.926047][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.010837][T14319] EXT4-fs: inline encryption not supported
[  255.022006][T14319] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  255.035218][T14329] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  255.043582][T14329] EXT4-fs (loop6): orphan cleanup on readonly fs
[  255.046544][T13747] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  255.060583][T14319] EXT4-fs (loop3): 1 truncate cleaned up
[  255.067224][T14319] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.080321][T14329] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.3458: corrupted inode contents
[  255.095606][T14329] EXT4-fs (loop6): Remounting filesystem read-only
[  255.102306][T14329] EXT4-fs (loop6): 1 truncate cleaned up
[  255.110831][ T5897] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  255.121577][ T5897] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  255.136259][ T5897] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  255.150076][T14325] rdma_op ffff8881573fd580 conn xmit_rdma 0000000000000000
[  255.158080][T14329] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  255.184145][T14329] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.198397][T14339] pimreg: entered allmulticast mode
[  255.211389][T14339] pimreg: left allmulticast mode
[  255.347273][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.500254][T14354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.529708][T14354] siw: device registration error -23
[  255.536407][T14354] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  255.559461][T14359] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3467'.
[  255.569235][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.623097][T14363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3469'.
[  255.698825][   T29] kauditd_printk_skb: 402 callbacks suppressed
[  255.698844][   T29] audit: type=1400 audit(1767261354.033:23237): avc:  denied  { lock } for  pid=14366 comm="syz.5.3472" path="socket:[45211]" dev="sockfs" ino=45211 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  255.732801][T14367] netlink: 'syz.5.3472': attribute type 1 has an invalid length.
[  255.740628][T14367] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3472'.
[  255.751877][T14369] syz_tun: refused to change device tx_queue_len
[  255.803286][   T29] audit: type=1326 audit(1767261354.133:23238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.829108][T14378] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3473'.
[  255.837597][   T29] audit: type=1326 audit(1767261354.163:23239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.861771][   T29] audit: type=1326 audit(1767261354.163:23240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.861818][   T29] audit: type=1326 audit(1767261354.163:23241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.861901][   T29] audit: type=1326 audit(1767261354.163:23242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.861936][   T29] audit: type=1326 audit(1767261354.163:23243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.861972][   T29] audit: type=1326 audit(1767261354.163:23244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7af8d1df90 code=0x7ffc0000
[  255.862007][   T29] audit: type=1326 audit(1767261354.163:23245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f7af8d20f77 code=0x7ffc0000
[  255.862062][   T29] audit: type=1326 audit(1767261354.163:23246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14376 comm="syz.5.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7af8d1f749 code=0x7ffc0000
[  255.923102][T14380] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.983812][T14380] siw: device registration error -23
[  255.984881][T14380] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  256.033050][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.112743][T14392] set_capacity_and_notify: 16 callbacks suppressed
[  256.112780][T14392] loop0: detected capacity change from 0 to 512
[  256.146392][T14387] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  256.153045][T14387] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  256.160512][T14387] vhci_hcd vhci_hcd.0: Device attached
[  256.179287][T14398] loop6: detected capacity change from 0 to 2048
[  256.194663][T14395] loop3: detected capacity change from 0 to 128
[  256.201548][T14392] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  256.208308][T14393] vhci_hcd: connection closed
[  256.211000][ T5928] vhci_hcd vhci_hcd.5: stop threads
[  256.220959][ T5928] vhci_hcd vhci_hcd.5: release socket
[  256.226448][ T5928] vhci_hcd vhci_hcd.5: disconnect device
[  256.234624][T14392] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.266524][T14398] Alternate GPT is invalid, using primary GPT.
[  256.272930][T14398]  loop6: p2 p3 p7
[  256.289436][T14392] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.345124][T14392] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.397297][T14408] syz_tun: refused to change device tx_queue_len
[  256.407926][T14405] lo speed is unknown, defaulting to 1000
[  256.414222][T14405] lo speed is unknown, defaulting to 1000
[  256.671433][T14422] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3490'.
[  256.683822][T14424] loop3: detected capacity change from 0 to 1024
[  256.745206][T14425] lo speed is unknown, defaulting to 1000
[  256.751407][T14425] lo speed is unknown, defaulting to 1000
[  256.843199][T14424] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  256.864840][T14424] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.962933][T14432] FAULT_INJECTION: forcing a failure.
[  256.962933][T14432] name failslab, interval 1, probability 0, space 0, times 0
[  256.975658][T14432] CPU: 1 UID: 0 PID: 14432 Comm: syz.3.3491 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  256.975703][T14432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  256.975720][T14432] Call Trace:
[  256.975729][T14432]  <TASK>
[  256.975740][T14432]  __dump_stack+0x1d/0x30
[  256.975772][T14432]  dump_stack_lvl+0x95/0xd0
[  256.975819][T14432]  dump_stack+0x15/0x1b
[  256.975864][T14432]  should_fail_ex+0x265/0x280
[  256.975889][T14432]  should_failslab+0x8c/0xb0
[  256.975911][T14432]  kmem_cache_alloc_noprof+0x69/0x4b0
[  256.975940][T14432]  ? security_file_alloc+0x32/0x100
[  256.976074][T14432]  security_file_alloc+0x32/0x100
[  256.976134][T14432]  init_file+0x5c/0x1c0
[  256.976187][T14432]  alloc_empty_file+0x8b/0x200
[  256.976277][T14432]  path_openat+0x63/0x23b0
[  256.976312][T14432]  ? _parse_integer_limit+0x170/0x190
[  256.976341][T14432]  ? _parse_integer+0x27/0x40
[  256.976366][T14432]  ? kstrtoull+0x111/0x140
[  256.976391][T14432]  ? kstrtouint+0x76/0xc0
[  256.976492][T14432]  do_filp_open+0x109/0x230
[  256.976544][T14432]  do_sys_openat2+0xa6/0x150
[  256.976573][T14432]  __x64_sys_creat+0x65/0x90
[  256.976660][T14432]  x64_sys_call+0x2f1c/0x3000
[  256.976701][T14432]  do_syscall_64+0xca/0x2b0
[  256.976763][T14432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.976793][T14432] RIP: 0033:0x7f83fbe1f749
[  256.976810][T14432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.976828][T14432] RSP: 002b:00007f83fa85e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  256.976903][T14432] RAX: ffffffffffffffda RBX: 00007f83fc076090 RCX: 00007f83fbe1f749
[  256.976920][T14432] RDX: 0000000000000000 RSI: 0dafbe5d6891b6e4 RDI: 00002000000103c0
[  256.976938][T14432] RBP: 00007f83fa85e090 R08: 0000000000000000 R09: 0000000000000000
[  256.976955][T14432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.977019][T14432] R13: 00007f83fc076128 R14: 00007f83fc076090 R15: 00007fffaf8c0b88
[  256.977042][T14432]  </TASK>
[  257.237511][T14434] pimreg: entered allmulticast mode
[  257.242875][T14430] lo speed is unknown, defaulting to 1000
[  257.249356][T14430] lo speed is unknown, defaulting to 1000
[  257.309514][T14434] pimreg: left allmulticast mode
[  257.396463][T14451] syz_tun: refused to change device tx_queue_len
[  257.403128][ T9328] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm kworker/u8:51: lblock 0 mapped to illegal pblock 0 (length 4)
[  257.437147][ T9328] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  257.449550][ T9328] EXT4-fs (loop3): This should not happen!! Data will be lost
[  257.449550][ T9328] 
[  257.489753][ T1599] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:9: bg 0: block 112: padding at end of block bitmap is not set
[  257.519378][ T1599] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 4 with error 117
[  257.532029][ T1599] EXT4-fs (loop3): This should not happen!! Data will be lost
[  257.532029][ T1599] 
[  257.560520][T14459] IPv6: NLM_F_CREATE should be specified when creating new route
[  257.594236][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  257.620785][T14457] loop6: detected capacity change from 0 to 8192
[  257.654066][T14457] xt_l2tp: v2 doesn't support IP mode
[  257.794391][T14485] team0 (unregistering): Port device team_slave_0 removed
[  257.812404][T14485] team0 (unregistering): Port device team_slave_1 removed
[  257.829284][T14489] loop0: detected capacity change from 0 to 1024
[  257.836846][T14489] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  257.847839][T14489] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  257.870090][T14489] JBD2: no valid journal superblock found
[  257.875894][T14489] EXT4-fs (loop0): Could not load journal inode
[  257.889492][T14489] loop0: detected capacity change from 0 to 1024
[  257.896417][T14489] EXT4-fs: Ignoring removed bh option
[  257.907692][T14489] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a856c018, mo2=0102]
[  257.916137][T14489] System zones: 1-12
[  257.926976][T14489] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.974361][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.230702][T14520] loop6: detected capacity change from 0 to 512
[  258.238171][T14520] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  258.256009][T14520] EXT4-fs (loop6): 1 truncate cleaned up
[  258.271080][T14518] lo speed is unknown, defaulting to 1000
[  258.276945][T14520] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.277881][T14518] lo speed is unknown, defaulting to 1000
[  258.388743][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.411876][T14532] loop6: detected capacity change from 0 to 1024
[  258.419516][T14532] EXT4-fs: Ignoring removed nomblk_io_submit option
[  258.456683][T14532] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.641029][T14542] loop5: detected capacity change from 0 to 764
[  258.873847][T14549] pimreg: entered allmulticast mode
[  258.898694][T14549] pimreg: left allmulticast mode
[  259.003098][T14551] pimreg: entered allmulticast mode
[  259.022192][T14551] pimreg: left allmulticast mode
[  259.129056][T14553] __nla_validate_parse: 6 callbacks suppressed
[  259.129145][T14553] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3530'.
[  259.264569][T14557] EXT4-fs: Ignoring removed orlov option
[  259.278526][T14557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.309609][T13885] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  259.320584][T13885] CPU: 0 UID: 0 PID: 13885 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  259.320688][T13885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  259.320701][T13885] Call Trace:
[  259.320709][T13885]  <TASK>
[  259.320717][T13885]  __dump_stack+0x1d/0x30
[  259.320743][T13885]  dump_stack_lvl+0x95/0xd0
[  259.320772][T13885]  dump_stack+0x15/0x1b
[  259.320853][T13885]  dump_header+0x81/0x240
[  259.320879][T13885]  oom_kill_process+0x295/0x350
[  259.320910][T13885]  out_of_memory+0x97b/0xb80
[  259.320937][T13885]  try_charge_memcg+0x610/0xa10
[  259.321071][T13885]  charge_memcg+0x51/0xc0
[  259.321102][T13885]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  259.321140][T13885]  __read_swap_cache_async+0x17b/0x2d0
[  259.321239][T13885]  swap_cluster_readahead+0x262/0x3c0
[  259.321286][T13885]  swapin_readahead+0xde/0x820
[  259.321322][T13885]  ? bpf_strtol+0xcd/0x130
[  259.321349][T13885]  ? __rcu_read_unlock+0x4f/0x70
[  259.321375][T13885]  ? __rcu_read_unlock+0x4f/0x70
[  259.321399][T13885]  ? swap_cache_get_folio+0x277/0x280
[  259.321592][T13885]  do_swap_page+0x2b4/0x21e0
[  259.321626][T13885]  ? _raw_spin_unlock+0x26/0x50
[  259.321700][T13885]  ? __schedule+0x85f/0xcd0
[  259.321726][T13885]  ? __pfx_default_wake_function+0x10/0x10
[  259.321820][T13885]  handle_mm_fault+0x9d8/0x2c60
[  259.321869][T13885]  do_user_addr_fault+0x630/0x1080
[  259.321939][T13885]  exc_page_fault+0x62/0xa0
[  259.321971][T13885]  asm_exc_page_fault+0x26/0x30
[  259.321991][T13885] RIP: 0033:0x7f574c591fc5
[  259.322075][T13885] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 95 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  259.322093][T13885] RSP: 002b:00007ffc46f935d8 EFLAGS: 00010246
[  259.322108][T13885] RAX: 0000000000000000 RBX: 0000000000000054 RCX: 00007f574c591fc3
[  259.322168][T13885] RDX: 00007ffc46f935f0 RSI: 0000000000000000 RDI: 0000000000000000
[  259.322184][T13885] RBP: 00007ffc46f9365c R08: 000000000c8dff68 R09: 0000000000000000
[  259.322200][T13885] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  259.322217][T13885] R13: 00000000000927c0 R14: 000000000003f353 R15: 00007ffc46f936b0
[  259.322242][T13885]  </TASK>
[  259.322261][T13885] memory: usage 307200kB, limit 307200kB, failcnt 526
[  259.546506][T13885] memory+swap: usage 307892kB, limit 9007199254740988kB, failcnt 0
[  259.554528][T13885] kmem: usage 307152kB, limit 9007199254740988kB, failcnt 0
[  259.561860][T13885] Memory cgroup stats for /syz6:
[  259.562630][T13885] cache 12288
[  259.570904][T13885] rss 0
[  259.573759][T13885] shmem 0
[  259.576767][T13885] mapped_file 0
[  259.580249][T13885] dirty 0
[  259.583201][T13885] writeback 8192
[  259.586865][T13885] workingset_refault_anon 173
[  259.591559][T13885] workingset_refault_file 9
[  259.596110][T13885] swap 708608
[  259.599482][T13885] swapcached 32768
[  259.603248][T13885] pgpgin 215298
[  259.606960][T13885] pgpgout 215286
[  259.610524][T13885] pgfault 206899
[  259.614090][T13885] pgmajfault 17
[  259.617603][T13885] inactive_anon 32768
[  259.621600][T13885] active_anon 0
[  259.625079][T13885] inactive_file 8192
[  259.629025][T13885] active_file 8192
[  259.632793][T13885] unevictable 0
[  259.636360][T13885] hierarchical_memory_limit 314572800
[  259.641748][T13885] hierarchical_memsw_limit 9223372036854771712
[  259.647966][T13885] total_cache 12288
[  259.651783][T13885] total_rss 0
[  259.655088][T13885] total_shmem 0
[  259.658604][T13885] total_mapped_file 0
[  259.662649][T13885] total_dirty 0
[  259.666163][T13885] total_writeback 8192
[  259.670281][T13885] total_workingset_refault_anon 173
[  259.675536][T13885] total_workingset_refault_file 9
[  259.680652][T13885] total_swap 708608
[  259.684474][T13885] total_swapcached 32768
[  259.688863][T13885] total_pgpgin 215298
[  259.692855][T13885] total_pgpgout 215286
[  259.696979][T13885] total_pgfault 206899
[  259.701109][T13885] total_pgmajfault 17
[  259.705106][T13885] total_inactive_anon 32768
[  259.709744][T13885] total_active_anon 0
[  259.713842][T13885] total_inactive_file 8192
[  259.718301][T13885] total_active_file 8192
[  259.722558][T13885] total_unevictable 0
[  259.726621][T13885] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.3524,pid=14530,uid=0
[  259.741463][T13885] Memory cgroup out of memory: Killed process 14530 (syz.6.3524) total-vm:94100kB, anon-rss:1136kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  259.759808][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.851193][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.881621][T14572] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.888270][T14572] EXT4-fs: Ignoring removed i_version option
[  259.905833][T14572] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  259.924410][T14578] syz_tun: refused to change device tx_queue_len
[  259.932331][T14572] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.3538: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  259.964325][T14560] EXT4-fs: inline encryption not supported
[  259.976271][T14560] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  260.005913][T14572] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3538: couldn't read orphan inode 11 (err -117)
[  260.027747][T14572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.040575][T14560] EXT4-fs (loop5): 1 truncate cleaned up
[  260.049550][T14560] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.075773][T14572] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3538: Invalid block bitmap block 0 in block_group 0
[  260.091521][T14572] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.3538: Failed to acquire dquot type 0
[  260.153018][T14572] EXT4-fs error (device loop2): ext4_nfs_get_inode:1542: inode #11: comm syz.2.3538: iget: bad extra_isize 65535 (inode size 256)
[  260.213927][T14560] rdma_op ffff88812fed7180 conn xmit_rdma 0000000000000000
[  260.311674][T13747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.564958][T14614] netlink: 'syz.6.3552': attribute type 12 has an invalid length.
[  260.610714][T14572] Set syz1 is full, maxelem 65536 reached
[  260.691760][T14624] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3557'.
[  260.706668][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.718229][T14624] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3557'.
[  260.728205][  T935] __quota_error: 213 callbacks suppressed
[  260.728224][  T935] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-8
[  260.743144][  T935] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:8: Failed to release dquot type 0
[  260.801216][T14621] xt_l2tp: v2 doesn't support IP mode
[  261.093419][T14657] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3570'.
[  261.173451][T14663] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.184381][T14663] bridge_slave_0 (unregistering): left allmulticast mode
[  261.191565][T14663] bridge_slave_0 (unregistering): left promiscuous mode
[  261.199432][T14663] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.360957][T14684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.370073][T14684] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.412198][T14686] set_capacity_and_notify: 4 callbacks suppressed
[  261.412278][T14686] loop6: detected capacity change from 0 to 512
[  261.427943][T14686] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.3584: corrupted in-inode xattr: invalid ea_ino
[  261.441696][T14686] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.3584: couldn't read orphan inode 15 (err -117)
[  261.455635][T14686] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.482547][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.542371][T14694] loop6: detected capacity change from 0 to 512
[  261.549870][T14694] EXT4-fs (loop6): unable to read superblock
[  261.558556][   T29] audit: type=1400 audit(1767261359.893:23458): avc:  denied  { append } for  pid=14693 comm="syz.6.3587" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  261.592665][   T29] audit: type=1400 audit(1767261359.893:23459): avc:  denied  { map } for  pid=14693 comm="syz.6.3587" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  261.646135][   T29] audit: type=1400 audit(1767261359.983:23460): avc:  denied  { connect } for  pid=14699 comm="syz.6.3590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  261.667236][   T29] audit: type=1400 audit(1767261360.003:23461): avc:  denied  { shutdown } for  pid=14699 comm="syz.6.3590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  261.735931][T14706] loop6: detected capacity change from 0 to 1024
[  261.760295][T14706] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.801969][T14710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.813963][T14710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.823846][T14710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.832444][T14710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.994606][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.015844][T14726] loop0: detected capacity change from 0 to 128
[  262.024564][T14726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.040932][T14726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.058444][T14730] xt_CT: You must specify a L4 protocol and not use inversions on it
[  262.097683][T14734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.106350][T14734] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.239673][   T29] audit: type=1326 audit(4332718290.529:23462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14738 comm="syz.5.3604" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7af8d1f749 code=0x0
[  262.295001][   T29] audit: type=1400 audit(4332718290.585:23463): avc:  denied  { mounton } for  pid=14738 comm="syz.5.3604" path="/proc/123/task/124/net/netfilter" dev="proc" ino=4026532608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  262.652366][T14750] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3609'.
[  262.964593][T14761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.985216][T14761] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.052237][T14763] loop0: detected capacity change from 0 to 512
[  263.072751][T14763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.407224][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.776411][T14786] loop5: detected capacity change from 0 to 8192
[  263.788571][T14786] vfat filesystem being mounted at /49/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  263.961616][T14790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  264.038942][T14790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  264.079605][T14795] loop0: detected capacity change from 0 to 128
[  264.121966][T14795] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  264.137417][T14795] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.188249][   T29] audit: type=1400 audit(4332718292.328:23464): avc:  denied  { rename } for  pid=14793 comm="syz.0.3627" name="file1" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  264.302584][T12521] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  264.341244][   T29] audit: type=1400 audit(4332718292.356:23465): avc:  denied  { create } for  pid=14793 comm="syz.0.3627" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  264.384169][   T29] audit: type=1400 audit(4332718292.365:23466): avc:  denied  { link } for  pid=14793 comm="syz.0.3627" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  265.299656][T14809] loop3: detected capacity change from 0 to 1024
[  265.306483][T14809] EXT4-fs: Ignoring removed oldalloc option
[  265.313017][T14809] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  265.346619][T14809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.563025][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.611703][T14821] loop2: detected capacity change from 0 to 1024
[  265.640496][T14821] EXT4-fs: Ignoring removed orlov option
[  265.685042][T14821] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.309197][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.341242][T14831] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.350571][T14829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.359526][T14831] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.429888][T14829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.608469][T14840] loop0: detected capacity change from 0 to 512
[  266.700133][T14840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.713108][T14840] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  266.948559][T14844] lo speed is unknown, defaulting to 1000
[  266.955345][T14844] lo speed is unknown, defaulting to 1000
[  271.299420][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.121794][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  273.121814][   T29] audit: type=1326 audit(4332718300.098:23470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14860 comm="syz.0.3645" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x0
[  274.740123][T14877] loop3: detected capacity change from 0 to 2048
[  274.768904][T14877] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.937782][T14877] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  275.288563][T14891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.365285][T14891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.749586][T14899] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.769032][T14899] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.010460][   T29] audit: type=1400 audit(4332718303.244:23471): avc:  denied  { mounton } for  pid=14898 comm="syz.5.3656" path="/proc/145/task" dev="proc" ino=47206 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  276.411435][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.444363][T14911] loop2: detected capacity change from 0 to 512
[  276.471546][T14911] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  276.508462][T14911] EXT4-fs (loop2): 1 truncate cleaned up
[  276.533927][T14911] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.601501][   T29] audit: type=1400 audit(4332718303.779:23472): avc:  denied  { unlink } for  pid=14910 comm="syz.2.3660" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  276.678074][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.781269][T14922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.803342][T14922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.807636][T14926] syzkaller0: entered promiscuous mode
[  276.817410][T14926] syzkaller0: entered allmulticast mode
[  276.867967][   T29] audit: type=1326 audit(4332718304.028:23473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  276.924402][   T29] audit: type=1326 audit(4332718304.056:23474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  276.948098][   T29] audit: type=1326 audit(4332718304.056:23475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  276.971932][   T29] audit: type=1326 audit(4332718304.056:23476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  276.995566][   T29] audit: type=1400 audit(4332718304.056:23477): avc:  denied  { bind } for  pid=14921 comm="syz.3.3664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  277.015245][   T29] audit: type=1326 audit(4332718304.056:23478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  277.038912][   T29] audit: type=1326 audit(4332718304.056:23479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f83fbe1f749 code=0x7ffc0000
[  277.070326][T14932] netlink: 'syz.6.3669': attribute type 29 has an invalid length.
[  277.081159][T14934] netlink: 'syz.6.3669': attribute type 29 has an invalid length.
[  277.264491][T14950] loop2: detected capacity change from 0 to 128
[  277.272273][T14950] msdos filesystem being mounted at /203/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  277.285426][T14950] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3675'.
[  277.398933][T14950] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3675'.
[  278.899020][T14980] loop2: detected capacity change from 0 to 256
[  279.039251][T14980] FAT-fs (loop2): codepage cp866 not found
[  279.364615][T15002] loop6: detected capacity change from 0 to 1024
[  279.371461][T15002] EXT4-fs: Ignoring removed bh option
[  279.376877][T15002] EXT4-fs: inline encryption not supported
[  279.383526][T15002] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  279.395248][T15002] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  279.404402][T15002] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 2: comm syz.6.3694: lblock 2 mapped to illegal pblock 2 (length 1)
[  279.418577][T15002] __quota_error: 27 callbacks suppressed
[  279.418594][T15002] Quota error (device loop6): qtree_write_dquot: dquota write failed
[  279.433136][T15002] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 48: comm syz.6.3694: lblock 0 mapped to illegal pblock 48 (length 1)
[  279.447410][T15002] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  279.456378][T15002] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.3694: Failed to acquire dquot type 0
[  279.468646][T15002] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  279.478150][T15002] EXT4-fs error (device loop6): ext4_evict_inode:253: inode #11: comm syz.6.3694: mark_inode_dirty error
[  279.489680][T15002] EXT4-fs warning (device loop6): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  279.501033][T15002] EXT4-fs (loop6): 1 orphan inode deleted
[  279.507348][T15002] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.524206][ T5928] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:42: lblock 1 mapped to illegal pblock 1 (length 1)
[  279.544522][T15004] tipc: Started in network mode
[  279.549445][T15004] tipc: Node identity ac1414aa, cluster identity 4711
[  279.556540][ T5928] Quota error (device loop6): remove_tree: Can't read quota data block 1
[  279.565103][ T5928] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:42: Failed to release dquot type 0
[  279.565229][T15002] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm syz.6.3694: lblock 1 mapped to illegal pblock 1 (length 1)
[  279.565382][T15004] tipc: Enabled bearer <udp:syz2>, priority 10
[  279.565522][T15002] Quota error (device loop6): find_next_id: Can't read quota tree block 1
[  279.663974][T15000] lo speed is unknown, defaulting to 1000
[  279.664465][T15000] lo speed is unknown, defaulting to 1000
[  280.211226][T15032] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3705'.
[  281.044856][   T10] tipc: Node number set to 2886997162
[  281.104493][T13885] EXT4-fs error (device loop6): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  281.156475][T13885] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  281.191199][T13885] EXT4-fs error (device loop6): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  281.234409][   T29] audit: type=1400 audit(4332718308.051:23507): avc:  denied  { read } for  pid=15044 comm="syz.0.3714" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  281.257287][   T29] audit: type=1400 audit(4332718308.061:23508): avc:  denied  { open } for  pid=15044 comm="syz.0.3714" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  281.292662][T15050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.323013][T15050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.385984][T15053] bridge_slave_0 (unregistering): left allmulticast mode
[  281.393188][T15053] bridge_slave_0 (unregistering): left promiscuous mode
[  281.400290][T15053] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.533505][T15058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.542220][T15058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.646490][T15063] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3720'.
[  281.730430][T15067] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3722'.
[  281.740034][T15067] netlink: 'syz.6.3722': attribute type 2 has an invalid length.
[  281.747896][T15067] netlink: 'syz.6.3722': attribute type 1 has an invalid length.
[  281.755778][T15067] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3722'.
[  281.877152][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.884757][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.892284][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.899737][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.907385][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.914778][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.922223][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.929689][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.937095][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  281.944598][   T10] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  282.047858][   T29] audit: type=1400 audit(4332718308.780:23509): avc:  denied  { ioctl } for  pid=15064 comm="syz.3.3721" path="socket:[48176]" dev="sockfs" ino=48176 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  282.249035][   T10] hid-generic 0000:0000:0003.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  282.284372][T15081] netlink: 'syz.5.3726': attribute type 3 has an invalid length.
[  282.486801][T15085] loop5: detected capacity change from 0 to 512
[  282.494386][T15085] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  282.797842][T15085] EXT4-fs (loop5): 1 truncate cleaned up
[  283.103782][   T29] audit: type=1400 audit(4332718309.786:23510): avc:  denied  { write } for  pid=15091 comm="syz.5.3729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  283.247040][T15107] loop2: detected capacity change from 0 to 1024
[  283.276619][T15107] EXT4-fs: Ignoring removed bh option
[  283.287204][T15107] EXT4-fs: inline encryption not supported
[  283.407743][T15107] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  283.421122][T15115] loop0: detected capacity change from 0 to 128
[  283.449339][T15118] loop3: detected capacity change from 0 to 128
[  283.510983][T15115] msdos filesystem being mounted at /145/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  283.545835][T15115] syzkaller0: entered promiscuous mode
[  283.551362][T15115] syzkaller0: entered allmulticast mode
[  283.658639][T15124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3743'.
[  283.717272][T15107] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  283.726688][T15118] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.739844][T15107] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 2: comm syz.2.3735: lblock 2 mapped to illegal pblock 2 (length 1)
[  283.781224][T15107] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  283.789426][T15107] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 48: comm syz.2.3735: lblock 0 mapped to illegal pblock 48 (length 1)
[  283.830519][T15107] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  283.831468][T12044] EXT4-fs unmount: 4 callbacks suppressed
[  283.831563][T12044] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  283.839391][T15107] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.3735: Failed to acquire dquot type 0
[  283.866051][T15107] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  283.876499][T15107] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.3735: mark_inode_dirty error
[  283.888146][T15107] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  283.898841][T15107] EXT4-fs (loop2): 1 orphan inode deleted
[  283.906237][T15107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.985498][T15143] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3748'.
[  283.995479][T15107] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm syz.2.3735: lblock 1 mapped to illegal pblock 1 (length 1)
[  284.019763][ T5930] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:44: lblock 1 mapped to illegal pblock 1 (length 1)
[  284.052856][ T5930] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:44: Failed to release dquot type 0
[  284.065460][T11564] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.074850][T11564] EXT4-fs error (device loop2): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  284.088855][T11564] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  284.112156][T11564] EXT4-fs error (device loop2): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  284.141234][T15153] loop5: detected capacity change from 0 to 128
[  284.281361][T15153] msdos filesystem being mounted at /69/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  284.318658][T15153] syzkaller0: entered promiscuous mode
[  284.324291][T15153] syzkaller0: entered allmulticast mode
[  284.787305][T15185] loop5: detected capacity change from 0 to 256
[  284.802949][T15187] loop0: detected capacity change from 0 to 128
[  284.810145][T15187] msdos filesystem being mounted at /149/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  284.826412][T15187] syzkaller0: entered promiscuous mode
[  284.831957][T15187] syzkaller0: entered allmulticast mode
[  284.850144][T15185] FAT-fs (loop5): IO charset macgreek not found
[  285.449784][T15231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3782'.
[  285.496949][T15230] loop6: detected capacity change from 0 to 512
[  285.525263][T15230] EXT4-fs: Ignoring removed bh option
[  285.533779][T15230] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  285.643772][T15230] EXT4-fs (loop6): 1 truncate cleaned up
[  285.678118][T15230] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.697870][T15238] loop3: detected capacity change from 0 to 128
[  285.707011][T15230] EXT4-fs (loop6): shut down requested (1)
[  285.713529][T15230] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=15
[  285.725069][T15238] msdos filesystem being mounted at /166/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  285.736009][T15230] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=15
[  285.745310][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  285.745324][   T29] audit: type=1400 audit(4332718312.222:23516): avc:  denied  { link } for  pid=15229 comm="syz.6.3783" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  285.781323][T15238] syzkaller0: entered promiscuous mode
[  285.787389][T15238] syzkaller0: entered allmulticast mode
[  285.841888][T13885] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.876703][T15241] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.886053][T15241] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.678552][T15258] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3792'.
[  286.687939][T15258] tc_dump_action: action bad kind
[  286.880662][   T29] audit: type=1400 audit(4332718313.265:23517): avc:  denied  { ioctl } for  pid=15273 comm="syz.5.3799" path="ipc:[4026532632]" dev="nsfs" ino=4026532632 ioctlcmd=0x942b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  286.982130][T15279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.995738][T15279] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.654542][T15295] loop3: detected capacity change from 0 to 512
[  287.676967][T15295] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.690271][T15295] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.737452][T12044] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.349720][T15309] lo speed is unknown, defaulting to 1000
[  288.356038][T15309] lo speed is unknown, defaulting to 1000
[  289.015782][T15328] netlink: 'syz.0.3819': attribute type 1 has an invalid length.
[  289.023615][T15328] netlink: 'syz.0.3819': attribute type 4 has an invalid length.
[  289.031416][T15328] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.3819'.
[  289.138459][T15331] loop2: detected capacity change from 0 to 128
[  289.154794][   T29] audit: type=1326 audit(4332718315.359:23518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.364380][T15331] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  289.377394][T15328] netlink: 'syz.0.3819': attribute type 1 has an invalid length.
[  289.385251][T15328] netlink: 'syz.0.3819': attribute type 4 has an invalid length.
[  289.393081][T15328] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.3819'.
[  289.396350][T15331] ext4 filesystem being mounted at /237/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  289.813666][   T29] audit: type=1326 audit(4332718315.396:23519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.838308][   T29] audit: type=1326 audit(4332718315.396:23520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.861929][   T29] audit: type=1326 audit(4332718315.396:23521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.886354][   T29] audit: type=1326 audit(4332718315.396:23522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.910378][   T29] audit: type=1326 audit(4332718315.396:23523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.934113][   T29] audit: type=1326 audit(4332718315.396:23524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  289.959518][   T29] audit: type=1326 audit(4332718315.396:23525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15330 comm="syz.6.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574c55f749 code=0x7ffc0000
[  290.092314][T11564] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  290.261620][T15348] loop5: detected capacity change from 0 to 512
[  290.287330][T15348] EXT4-fs (loop5): 1 orphan inode deleted
[  290.328595][T15348] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.421753][T15348] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.460372][T15356] syzkaller0: entered promiscuous mode
[  290.465920][T15356] syzkaller0: entered allmulticast mode
[  290.596339][T13747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.660214][T15367] loop0: detected capacity change from 0 to 128
[  290.876258][T15373] loop5: detected capacity change from 0 to 512
[  290.882920][T15373] EXT4-fs: test_dummy_encryption option not supported
[  290.890734][T15367] msdos filesystem being mounted at /160/file2 supports timestamps until 2107-12-31 (0x10391447e)
[  290.921282][T15367] syzkaller0: entered promiscuous mode
[  290.926920][T15367] syzkaller0: entered allmulticast mode
[  290.932754][T15378] xt_hashlimit: size too large, truncated to 1048576
[  292.078192][T15389] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.097796][T15389] bridge_slave_0 (unregistering): left allmulticast mode
[  292.105239][T15389] bridge_slave_0 (unregistering): left promiscuous mode
[  292.112318][T15389] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.146534][T15397] program syz.6.3846 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  292.694291][T15421] __vm_enough_memory: pid: 15421, comm: syz.0.3856, bytes: 4115879641088 not enough memory for the allocation
[  292.839181][T15429] loop0: detected capacity change from 0 to 1024
[  292.846212][T15429] EXT4-fs: Ignoring removed mblk_io_submit option
[  292.917310][T15429] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  292.925920][T15429] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  292.968596][T15431] bridge_slave_0 (unregistering): left allmulticast mode
[  292.975792][T15431] bridge_slave_0 (unregistering): left promiscuous mode
[  292.982805][T15431] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.041072][T15429] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.3860: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  293.060822][T15429] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.3860: couldn't read orphan inode 11 (err -117)
[  293.074313][T15429] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.114558][T15429] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3860: Invalid block bitmap block 0 in block_group 0
[  293.130434][T15429] __quota_error: 4 callbacks suppressed
[  293.130451][T15429] Quota error (device loop0): write_blk: dquota write failed
[  293.143483][T15429] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  293.153577][T15429] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.3860: Failed to acquire dquot type 0
[  293.208686][T15441] loop5: detected capacity change from 0 to 128
[  293.216832][T15441] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  293.243814][T15441] ext4 filesystem being mounted at /93/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  293.255945][T12521] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.287502][T15445] xt_cgroup: invalid path, errno=-2
[  293.315354][T13747] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  294.383315][   T29] audit: type=1326 audit(4332718320.194:23530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  294.407230][   T29] audit: type=1326 audit(4332718320.194:23531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  294.459491][   T29] audit: type=1326 audit(4332718320.231:23532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  294.483341][   T29] audit: type=1326 audit(4332718320.231:23533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  294.506990][   T29] audit: type=1326 audit(4332718320.231:23534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  294.532936][   T29] audit: type=1326 audit(4332718320.268:23535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7efe689d2005 code=0x7ffc0000
[  294.576453][T15479] 0: reclassify loop, rule prio 0, protocol 800
[  294.700400][   T29] audit: type=1326 audit(4332718320.462:23536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.0.3876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  294.827203][   T29] audit: type=1400 audit(4332718320.591:23537): avc:  denied  { setopt } for  pid=15493 comm="syz.0.3885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  296.216999][T15538] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3902'.
[  296.868824][T15552] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3909'.
[  297.273750][T15565] loop2: detected capacity change from 0 to 256
[  297.290588][T15567] loop0: detected capacity change from 0 to 512
[  297.300349][T15565] vfat filesystem being mounted at /253/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  297.316523][T15567] EXT4-fs (loop0): inodes count not valid: 3 vs 32
[  297.695260][T15586] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.753664][T15586] bridge_slave_0 (unregistering): left allmulticast mode
[  297.760772][T15586] bridge_slave_0 (unregistering): left promiscuous mode
[  297.767825][T15586] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.844090][T15589] loop5: detected capacity change from 0 to 1024
[  297.853299][T15589] EXT4-fs: dax option not supported
[  297.982349][T15576] loop2: detected capacity change from 0 to 32768
[  298.005564][T15595] syzkaller0: entered promiscuous mode
[  298.011185][T15595] syzkaller0: entered allmulticast mode
[  299.089621][T15614] tipc: Started in network mode
[  299.094607][T15614] tipc: Node identity 1ea3a2c91c3c, cluster identity 4711
[  299.101869][T15614] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  299.110715][T15614] syzkaller0: entered promiscuous mode
[  299.116265][T15614] syzkaller0: entered allmulticast mode
[  299.127478][T15614] tipc: Resetting bearer <eth:syzkaller0>
[  299.140371][T15613] tipc: Resetting bearer <eth:syzkaller0>
[  299.147207][T15613] tipc: Disabling bearer <eth:syzkaller0>
[  299.182868][T15612] program syz.2.3935 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.363397][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  299.363418][   T29] audit: type=1400 audit(4332718324.780:23541): avc:  denied  { create } for  pid=15616 comm="syz.6.3938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  299.985937][T15644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.018968][T15644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.360199][T15649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.391906][T15649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.833553][T15661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.842374][T15661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.226306][T15706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.235177][T15706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.004211][   T29] audit: type=1326 audit(4332718327.105:23542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  302.028636][   T29] audit: type=1326 audit(4332718327.114:23543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efe6899df90 code=0x7ffc0000
[  302.052397][   T29] audit: type=1326 audit(4332718327.114:23544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7efe689a0f77 code=0x7ffc0000
[  302.076857][   T29] audit: type=1326 audit(4332718327.114:23545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  302.100544][   T29] audit: type=1326 audit(4332718327.114:23546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7efe689a0f77 code=0x7ffc0000
[  302.124919][   T29] audit: type=1326 audit(4332718327.114:23547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efe6899e3aa code=0x7ffc0000
[  302.148387][   T29] audit: type=1326 audit(4332718327.114:23548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  302.172798][   T29] audit: type=1326 audit(4332718327.114:23549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  302.196376][   T29] audit: type=1326 audit(4332718327.114:23550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15752 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6899f749 code=0x7ffc0000
[  303.349667][T15788] loop6: detected capacity change from 0 to 256
[  303.368408][T15788] FAT-fs (loop6): codepage cp869 not found
[  304.140477][T15804] tipc: Started in network mode
[  304.145542][T15804] tipc: Node identity 1a4c5ce362e2, cluster identity 4711
[  304.152805][T15804] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  304.167877][T15802] netlink: 'syz.3.4016': attribute type 10 has an invalid length.
[  304.193116][T15802] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  304.217592][T15802] team0: Failed to send options change via netlink (err -105)
[  304.225948][T15802] team0: Port device dummy0 added
[  304.233463][T15814] loop6: detected capacity change from 0 to 256
[  304.351594][T15818] loop5: detected capacity change from 0 to 512
[  304.358596][T15814] FAT-fs (loop6): codepage cp949 not found
[  304.366609][T15815] syzkaller0: entered promiscuous mode
[  304.372132][T15815] syzkaller0: entered allmulticast mode
[  304.392100][T15803] tipc: Resetting bearer <eth:syzkaller0>
[  304.435922][T15803] tipc: Disabling bearer <eth:syzkaller0>
[  304.453165][T15825] loop3: detected capacity change from 0 to 128
[  304.537043][T15818] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.4020: Failed to acquire dquot type 1
[  304.612359][T15818] EXT4-fs (loop5): 1 truncate cleaned up
[  304.626030][T15825] msdos filesystem being mounted at /201/file1 supports timestamps until 2107-12-31 (0x10391447e)
[  304.668371][T15818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.714797][T15836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  305.085503][T15836] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  305.094384][T15840] xt_hashlimit: size too large, truncated to 1048576
[  305.103116][   T29] kauditd_printk_skb: 60 callbacks suppressed
[  305.103130][   T29] audit: type=1400 audit(4332718330.085:23609): avc:  denied  { accept } for  pid=15835 comm="syz.0.4028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  305.244133][T15818] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.418889][T15810] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  305.429290][T15810] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  305.439235][T15810] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.4020: Failed to acquire dquot type 1
[  305.455605][   T29] audit: type=1400 audit(4332718330.196:23610): avc:  denied  { write } for  pid=15820 comm="syz.3.4024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  305.475448][   T29] audit: type=1400 audit(4332718330.371:23611): avc:  denied  { link } for  pid=15809 comm="syz.5.4020" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  305.567710][T13747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.612304][T15861] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  305.619502][T15861] syzkaller0: entered promiscuous mode
[  305.625043][T15861] syzkaller0: entered allmulticast mode
[  305.725606][T15861] tipc: Resetting bearer <eth:syzkaller0>
[  305.732262][T15860] tipc: Resetting bearer <eth:syzkaller0>
[  305.739763][T15860] tipc: Disabling bearer <eth:syzkaller0>
[  305.823158][   T29] audit: type=1400 audit(4332718330.740:23612): avc:  denied  { listen } for  pid=15874 comm="syz.6.4043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  305.858304][   T29] audit: type=1400 audit(4332718330.759:23613): avc:  denied  { ioctl } for  pid=15874 comm="syz.6.4043" path="socket:[49813]" dev="sockfs" ino=49813 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  305.914363][T15882] loop3: detected capacity change from 0 to 256
[  305.929706][T15882] FAT-fs (loop3): codepage cp866 not found
[  308.258088][T15906] bond0: option miimon: invalid value (18446744073709551613)
[  308.265574][T15906] bond0: option miimon: allowed values 0 - 2147483647
[  308.380715][T15917] syzkaller0: entered promiscuous mode
[  308.386418][T15917] syzkaller0: entered allmulticast mode
[  308.502094][T15927] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4052'.
[  309.157098][T15957] syzkaller0: entered promiscuous mode
[  309.162653][T15957] syzkaller0: entered allmulticast mode
[  309.336295][T15972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.345025][T15972] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.617670][T15992] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4089'.
[  310.112415][T16003] syzkaller0: entered promiscuous mode
[  310.117993][T16003] syzkaller0: entered allmulticast mode
[  311.332935][T16048] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4114'.
[  312.224948][   T29] audit: type=1400 audit(4332718336.655:23614): avc:  denied  { listen } for  pid=16049 comm="syz.5.4115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  312.244696][   T29] audit: type=1400 audit(4332718336.655:23615): avc:  denied  { accept } for  pid=16049 comm="syz.5.4115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  312.378055][   T29] audit: type=1400 audit(4332718336.793:23616): avc:  denied  { read } for  pid=16062 comm="syz.6.4120" dev="sockfs" ino=50168 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  312.498263][T16069] loop5: detected capacity change from 0 to 1024
[  312.521037][T16071] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.535787][T16071] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.544214][T16069] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  312.558481][T16069] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.571768][   T29] audit: type=1326 audit(4332718336.959:23617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.596295][   T29] audit: type=1326 audit(4332718336.978:23618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.619996][   T29] audit: type=1326 audit(4332718336.978:23619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.644643][   T29] audit: type=1326 audit(4332718336.978:23620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.668505][   T29] audit: type=1326 audit(4332718336.978:23621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.692989][   T29] audit: type=1326 audit(4332718336.978:23622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.715031][T16069] EXT4-fs error (device loop5): ext4_map_blocks:825: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  312.717335][   T29] audit: type=1326 audit(4332718336.978:23623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16070 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f7930f4f749 code=0x7ffc0000
[  312.756638][T16078] ==================================================================
[  312.764780][T16078] BUG: KCSAN: data-race in __percpu_counter_init_many / copy_mm
[  312.772466][T16078] 
[  312.774810][T16078] write to 0xffff888146d29948 of 8 bytes by task 12521 on cpu 1:
[  312.782544][T16078]  __percpu_counter_init_many+0x292/0x310
[  312.788290][T16078]  mm_init+0x506/0x650
[  312.792395][T16078]  copy_mm+0x101/0x370
[  312.796479][T16078]  copy_process+0xcbc/0x1ef0
[  312.801099][T16078]  kernel_clone+0x16c/0x5c0
[  312.805621][T16078]  __x64_sys_clone+0xe6/0x120
[  312.810357][T16078]  x64_sys_call+0x12d0/0x3000
[  312.815147][T16078]  do_syscall_64+0xca/0x2b0
[  312.819685][T16078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.825598][T16078] 
[  312.827938][T16078] read to 0xffff888146d29440 of 1664 bytes by task 16078 on cpu 0:
[  312.835941][T16078]  copy_mm+0xe2/0x370
[  312.839938][T16078]  copy_process+0xcbc/0x1ef0
[  312.844638][T16078]  kernel_clone+0x16c/0x5c0
[  312.849177][T16078]  __x64_sys_clone+0xe6/0x120
[  312.853875][T16078]  x64_sys_call+0x12d0/0x3000
[  312.858576][T16078]  do_syscall_64+0xca/0x2b0
[  312.863119][T16078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.869063][T16078] 
[  312.871487][T16078] Reported by Kernel Concurrency Sanitizer on:
[  312.877826][T16078] CPU: 0 UID: 0 PID: 16078 Comm: syz.3.4125 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  312.887648][T16078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  312.897738][T16078] ==================================================================
[  312.908877][T16069] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  312.922089][T16069] EXT4-fs (loop5): This should not happen!! Data will be lost
[  312.922089][T16069] 
[  312.933518][T16081] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  312.947334][T16081] EXT4-fs error (device loop5): ext4_ext_remove_space:2955: inode #15: comm syz.5.4123: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  312.970352][T16081] EXT4-fs error (device loop5) in ext4_setattr:6035: Corrupt filesystem
[  312.984406][T16069] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  312.999249][T16069] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  313.013734][T16069] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  313.028054][T16069] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  313.041769][T16069] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  313.056093][T16069] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #15: comm syz.5.4123: lblock 0 mapped to illegal pblock 0 (length 1)
[  313.438902][T13747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.