last executing test programs:

53.637612016s ago: executing program 0 (id=37):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='rseq_update\x00', r1}, 0x18)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000740)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd6745208e00283aff00000000000000000000ffffac1414aaff02000000000000000000007800000000fc0100000000000000000000000000012001000000000000000000000000000100000000000000"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000bc0)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64, @ANYRES64=r1], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000002c0)={'#! ', '', [], 0xa, "d7b8e4385aba24ea438b203dbd5ac17045e69117ea9a4ffc32dac89ca777a03991e192d926ca8dba138a26deb03eaea2cf6f6f9fe169892c0b36a16a7f5f0569d1472162e1d585bea46d976aff0e3a3d41b1f4379721648c45ebb367567558d1bcd570339d80f7d3ffc566ca163789db980bedb241afa100"/133}, 0x89)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
fdatasync(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000946000/0x2000)=nil, 0x2000)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f00000022c0)=ANY=[], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', r5, @fallback=0x7, r2, 0x8, &(0x7f0000000000)={0x9}, 0x8, 0x10, &(0x7f0000000180), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10000}, 0x50)
unshare(0x6020400)
r7 = socket(0x2, 0x805, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000000100)=[@in={0x2, 0x4e20, @rand_addr=0x64010102}, @in={0x2, 0x4e20, @remote}]}, &(0x7f00000007c0)=0x10)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000900)=ANY=[@ANYBLOB="00c305063be1a65fc1233f941d98989353eecf52e687b4084a821f729b3c4536ce8d1d6adbe893c5905f3d8c34f86c628e912a097510d566642318b37d32948fb0dc882e36efc611bd384332f7f84435f839ea20efb08ccf95bdc6852fa4a629fa9c987a5c0897c7e01bba33699c63878b2ff0534235bbb365d2cf24ed41f13fd105a81218a7c94ad196ca5d26778b6e4ccdab643ef33bed0ca45a9ffcf48d7a31c9c203b98095a1d2873a1ef9064396e9526a71e98ff866ab2732e113a48614730055e1892b3269aa2e8cf400732aec0ca6bbfa9c410089d973879c82fea36a07703865b25644e829bb8b0142caf9e79b468808e2545bca72b08fae5803535c6ab9c3eaa76d4e87a8e4fa7277299d48effb95f66243fdf383a8a1158cfe8ac5b50f52a438ff8ecba588355c91c384817d4e281f114617bc2c8a6950fd97169c5fc13e19870e51d092bc39a5b0dbce6a7b8f3bb501174d1379f9240de42c7b911332833e197edfbebf4b1f0a735f76e1ec0990c6a1c9f80208bf4b09500e4a774624f6a1f386cc0a1474eb5c0b66ce3ada2fa18241584d"], 0xc3, 0x2)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000002000010327bd7000ffdbdf250200000010001bf41e006647a9426fec4047fd0000080017004e204e20"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8)

53.440434282s ago: executing program 0 (id=41):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000010040b7080000000000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r1, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0xff8, &(0x7f0000002e00)=""/4088, 0x0, 0xa}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd601823250010"], 0x0)

53.392960966s ago: executing program 0 (id=45):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = memfd_secret(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYRES32=r1], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4005, &(0x7f0000000c00)=0xb, 0x6, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000c00)=0xc, 0x6, 0x2)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0xfffd, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
ioperm(0x0, 0xd, 0x4000000000000020)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffff9)
r4 = openat$rtc(0xffffffffffffff9c, 0x0, 0xc29080, 0x0)
ioctl$RTC_PLL_GET(r4, 0x80207011, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r5, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f00000083c0)={{0x1}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, &(0x7f00000000c0)={0x4, 0x8})
readv(r5, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x20}], 0x1)

53.352971319s ago: executing program 0 (id=47):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f00000002c0)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@usrjquota}, {@acl}, {@grpjquota}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
readahead(r0, 0x3ff, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0)={'#! ', './mnt', [{0x20, '('}], 0xa, "2799e2d2cb1c5e096d6185d4b53b2bce94c05fd69fd8dc443b02284996f7d120da4474a6c0"}, 0x30)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f00000003c0)={r1, 0x0, 0x1b, 0x0, &(0x7f0000000200)="8018ee84fdbaab21f7f3d37185a47e742763c53edfae37f3294dcf", 0x0, 0x2, 0x0, 0x4, 0x0, &(0x7f0000000440)="7058895c", 0x0, 0x2, 0x0, 0x100}, 0x50)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x2c, &(0x7f0000000100), 0x4)
setsockopt$sock_attach_bpf(r4, 0x1, 0x1b, &(0x7f0000000800), 0x4)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r6, 0x10f, 0x85)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0xfd}, 'port1\x00', 0x6a, 0x4f50d8578c18f8eb, 0xfffffffd, 0x8000008, 0x3, 0x400, 0x1, 0x0, 0x2})
readv(r7, &(0x7f0000000380)=[{&(0x7f00000035c0)=""/52, 0x34}], 0x4e)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480))
ioctl$SIOCSIFHWADDR(r8, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x800000, &(0x7f0000006680))
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r9, 0x33, &(0x7f0000000d40)={0x10000, 0xc4, 0xff800002})
r10 = timerfd_create(0x0, 0x0)
timerfd_settime(r10, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
readv(r10, 0x0, 0x0)

52.97392899s ago: executing program 0 (id=50):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ff"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000b000000cc000000e800000000000000", @ANYRES32, @ANYBLOB="000000a58078948c2800"/26, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000880), 0x300, r0}, 0x38)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x6, r0}, 0x38)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b8, &(0x7f00000006c0)="$eJzs3E9rE0EYx/HHpG3SlDYRRFBQH/Sil6WNL0CDtCAGhNoU9SBs7UZDYlJ2QyQiNhfx6usoHr0J6hvoRbx491YEwUsP4kr2T5u0aU3bpKnt9wNlZjPzy0zTtDxbyKzdf/usmHeMvFmVSFwlItKQdZFUsxc4FbQRrz8irRpybezXtwv3Hjy8k8lmp2dVZzJz19OqOnHp4/OX7y5/ro7Nv5/4EJPV1KO1n+nvq2dXz639mXtacLTgaLlSVVMXKpWquVCydLHgFKPBM1taKDuW3TaeL1WWlupqlhfHE0u25ThqlutatOparWjVrqv5xCyU1TAMHU/IyTbUxZzcyuysmdlx2I32dEfovVj75WinObadaXQezK30a18AAODo2r3+92v9nev/7Lzf9rL+N1RFLNOh/u+HRtvVP+p/HAu2nTETwe9vO+p/AAAAAAAAAAAAAAAAAAAAAAD+B+uum3RdNxm24VdMROIiEl4Pep/oj33+/G8MaLvosZYP7sVFSm9quVrOb/3xTF4KUhJLJiUpv733Q8Dvz9zOTk+qZzh4ymZ+uZaLemcTePlQqlP+4ukpP6/yqZmrBflhSbSun5aknOm8fnozHx6HsFzLjcjVKy15Q5Ly5bFUpCSL3vt6M/9qSvXW3eyW9Ue9eQAAAAAAHAeGbki13//6Zz8a3oS4bB/383v4/8CW++shOd/NEZUAAAAAAODAnPqLolkqWfY+OjEROUD8uHai0v7IqIgMfmM3ReRovD6H0omLiP+I7if+YyPeVcrtYs6QiAz8ZdlDZ9B/mQAAAAD0mlfrR5pF/x5CX1/3cUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83Z4HFs7fNhQO7BJvWS566N8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcIT8DQAA//9F8hZE")
pipe(&(0x7f0000000240))
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000)
ioctl$TCSETSW2(r1, 0x5453, 0x0)
io_setup(0x4, &(0x7f00000003c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000005c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x9, r1, 0x0, 0x0, 0x3b0}])
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYRES64=r3], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="000000008d8c00e8d0030000000300008577950000001b78b244c7ca756f6f00000095a3ab89857c684cf9aa57ca3afb28e815408de210cc4be5"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r6 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0b82f8938caa52dd8d39af000400006ad59300"}, 0x48, 0xffffffffffffffff)
r7 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000300)={0x0, "6035ae1e0fe721441705322025000000003e2a5b4377f7ad4bcf2b71d17e1ec0ef54e6773fd7264c39ea00c508ba607269613800"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r7, r6, r6, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r8, &(0x7f0000000380)={0x1a, 0x5, 0x10, 0xc, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0xffffffffffffff15)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r9 = syz_io_uring_setup(0xbda, &(0x7f0000000500)={0x0, 0x8374, 0x8, 0x3, 0x40000333}, &(0x7f0000000dc0)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r9, 0x847ba, 0x0, 0xe, 0x0, 0x0)

52.074821082s ago: executing program 0 (id=59):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket(0x9, 0x2, 0x2)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000140)={"03d2d786644bd1757aa19e69a5669d85", <r5=>0x0, 0x0, {0x6}, {0x800, 0x1}, 0x0, [0x0, 0x5c, 0xe2, 0x1, 0xb5b, 0x9, 0x101, 0x64, 0x96f6, 0xf, 0x6, 0x7, 0x4, 0x0, 0x10000, 0x3]})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r2, 0x50009418, &(0x7f00000017c0)={{r4}, r5, 0x14, @unused=[0x88, 0x4, 0x9, 0x4], @devid})
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

52.043888165s ago: executing program 32 (id=59):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket(0x9, 0x2, 0x2)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000140)={"03d2d786644bd1757aa19e69a5669d85", <r5=>0x0, 0x0, {0x6}, {0x800, 0x1}, 0x0, [0x0, 0x5c, 0xe2, 0x1, 0xb5b, 0x9, 0x101, 0x64, 0x96f6, 0xf, 0x6, 0x7, 0x4, 0x0, 0x10000, 0x3]})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r2, 0x50009418, &(0x7f00000017c0)={{r4}, r5, 0x14, @unused=[0x88, 0x4, 0x9, 0x4], @devid})
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

4.420801423s ago: executing program 1 (id=772):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0)

4.376320937s ago: executing program 1 (id=774):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x1f)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r5, @ANYBLOB="0b12050000000000240012800b00010069703667726500001400028008000100", @ANYRES32=r5], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

4.269319495s ago: executing program 1 (id=779):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000010040b7080000000000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007"], 0x0, 0x8, 0x0, 0x0, 0x0, 0xa}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd601823250010"], 0x0)

4.222099239s ago: executing program 1 (id=781):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = timerfd_create(0x8, 0x0)
timerfd_settime(r1, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_settime(r1, 0x2, &(0x7f0000000200)={{0x0, 0x989680}}, 0x0)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x208000, 0x0)

3.72037991s ago: executing program 1 (id=795):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b8, &(0x7f00000006c0)="$eJzs3E9rE0EYx/HHpG3SlDYRRFBQH/Sil6WNL0CDtCAGhNoU9SBs7UZDYlJ2QyQiNhfx6usoHr0J6hvoRbx491YEwUsP4kr2T5u0aU3bpKnt9wNlZjPzy0zTtDxbyKzdf/usmHeMvFmVSFwlItKQdZFUsxc4FbQRrz8irRpybezXtwv3Hjy8k8lmp2dVZzJz19OqOnHp4/OX7y5/ro7Nv5/4EJPV1KO1n+nvq2dXz639mXtacLTgaLlSVVMXKpWquVCydLHgFKPBM1taKDuW3TaeL1WWlupqlhfHE0u25ThqlutatOparWjVrqv5xCyU1TAMHU/IyTbUxZzcyuysmdlx2I32dEfovVj75WinObadaXQezK30a18AAODo2r3+92v9nev/7Lzf9rL+N1RFLNOh/u+HRtvVP+p/HAu2nTETwe9vO+p/AAAAAAAAAAAAAAAAAAAAAAD+B+uum3RdNxm24VdMROIiEl4Pep/oj33+/G8MaLvosZYP7sVFSm9quVrOb/3xTF4KUhJLJiUpv733Q8Dvz9zOTk+qZzh4ymZ+uZaLemcTePlQqlP+4ukpP6/yqZmrBflhSbSun5aknOm8fnozHx6HsFzLjcjVKy15Q5Ly5bFUpCSL3vt6M/9qSvXW3eyW9Ue9eQAAAAAAHAeGbki13//6Zz8a3oS4bB/383v4/8CW++shOd/NEZUAAAAAAODAnPqLolkqWfY+OjEROUD8uHai0v7IqIgMfmM3ReRovD6H0omLiP+I7if+YyPeVcrtYs6QiAz8ZdlDZ9B/mQAAAAD0mlfrR5pF/x5CX1/3cUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83Z4HFs7fNhQO7BJvWS566N8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcIT8DQAA//9F8hZE")
ioctl$TCSETSW2(0xffffffffffffffff, 0x5453, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
set_mempolicy(0x6005, 0x0, 0x4)
r0 = syz_io_uring_setup(0xbda, &(0x7f0000000500)={0x0, 0x8374, 0x8, 0x3, 0x40000333}, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3.105642499s ago: executing program 3 (id=802):
syz_mount_image$ext4(&(0x7f0000000200)='ext2\x00', &(0x7f0000000240)='./bus\x00', 0x200000, &(0x7f00000002c0)={[{@data_ordered}, {@nouser_xattr}, {@init_itable}, {@bsdgroups}]}, 0xfd, 0x50f, &(0x7f0000000a00)="$eJzs3cFvI1cZAPDPTuw42bRJSw+AoF3awoJW6yTeNqp6gHJCCFVC9AjSNiTeKIodR7FTmrAS6ZkrEpU4wZE/gHNP3LkguHEpB6QCEahB4mA04/Guk7U3YZPYafz7SaN5M2/i7714573159gvgLF1MyIOIqIYEe9GxFx2Ppdt8VZnS6779PDB6tHhg9VctNvv/COX1ifnoudnEjeyxyxFxA++E/Hj3ONxm3v7myu1WnUnO15o1bcXmnv7dzbqK+vV9epWpbK8tLz4xt3XKxfW15fqxaz05Y//cPCNnybNmu2cKEZPPy5Sp+uFbpzUZER87zKCjcBE1p/iqBvCU8lHxPMR8XJ6/8/FRPpsAgDXWbs9F+253mMA4LrLpzmwXL6c5QJmI58vlzs5vBdiJl9rNFu37zd2t9Y6ubL5KOTvb9Sqi1mucD4KueR4KS0/Oq6cOL4bEc9FxC+mptPj8mqjtjbK//gAwBi7cWL+//dUZ/4HAK650qgbAAAMnfkfAMaP+R8Axo/5HwDGT2f+nx51MwCAIfL6HwDGj/kfAMbK999+O9naR9n3X6+9t7e72Xjvzlq1uVmu766WVxs72+X1RmM9/c6e+mmPV2s0tpdei93357+53WwtNPf279Ubu1ute+n3et+rFtKrDobQMwBgkOde+ujPuWRGfnM63aJnLYfCSFsGXLb8qBsAjMzEqBsAjIzVvmB8neM1vvQAXBN9lug9ptTvA0Ltdrt9eU0CLtmtL8j/w7jqyf/7K2AYM/L/ML7k/2F8tdu5s675H2e9EAC42uT4gQHv/z+f7X+bvTnwo7WTV3x4ma0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAq627/m85Wwt8NvL5cjnimYiYj0Lu/katuhgRz0bEn6YKU8nx0ojbDACcV/5vuWz9r1tzr84eq3rxxsNiMSJ+8qt3fvn+Squ188eIYu6fU93zrQ+z85Xhtx4AOF13nk73PS/kPz18sNrdhtmeT74dEaVO/KPDYhw9jD8Zk+m+FIWImPlXLibjZw9/LteTuziPgw8i4vP9+p+L2TQH0ln5tBP/kST2M0ONnz8WP5/WdfbJ7+Jz/3fk6QtoPXy2fZSMP2/1u//ycTPd97//S+kIdX7Z+Jc81OpROgY+it8d/yb6xE/u+ZtnjfHa77/bKT1+z3/yQcQXJyO6sY96xp9u/NyA+K+eMf5fvvTiy4Pq2r+OuBX94/fGWmjVtxeae/t3Nuor69X16lalsry0vPjG3dcrC2mOemHwbPD3N28/O6gu6f9MFn8qjscvndL/r3aKpw6kv/nvuz/8yhPif/2Vfv3PxwtPiJ/MiV87LXBmZeZ3pUF1Sfy1Ab//057/22eM//Ff9x9bNhwAGJ3m3v7mSq1W3VFQuPqF5J/sFWhG38K3hhWrGP2rfv5K554+UdVuP1WsQSPGRWTdgKsgu+nT9/L/M+rGAAAAAAAAAAAAAAAAfQ3jE0uj7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//55ZzBM=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000000000), 0x4)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000fcb000)=0xfffffffc, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$caif_seqpacket(0x25, 0x5, 0x3)
sendmmsg$sock(r3, &(0x7f0000000cc0)=[{{&(0x7f00000003c0)=@ieee802154={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0202}}}, 0x80}}, {{&(0x7f00000009c0)=@vsock={0x28, 0x0, 0xffffffff}, 0x80, &(0x7f0000000b80)=[{0x0}, {0x0}, {&(0x7f0000000b40)}], 0x3}}], 0x2, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x700, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@map=0x1, 0x2e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000bc0)=@delchain={0x24, 0x65, 0x2, 0x1070bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0x2}, {0x0, 0x9}, {0x0, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0xc1}, 0x20000080)
r4 = socket$igmp(0x2, 0x3, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='nilfs2_collection_stage_transition\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
timer_delete(0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4)
setsockopt$MRT_INIT(r4, 0x0, 0xc8, &(0x7f0000000140), 0x4)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.037469325s ago: executing program 1 (id=803):
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x240880c0, &(0x7f0000000280)={0xa, 0xe20, 0xfffffffd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0xfffffffffffffd63)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)
sendfile(r3, r3, 0x0, 0x800000009)

3.037280955s ago: executing program 33 (id=803):
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x240880c0, &(0x7f0000000280)={0xa, 0xe20, 0xfffffffd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0xfffffffffffffd63)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)
sendfile(r3, r3, 0x0, 0x800000009)

3.025885936s ago: executing program 3 (id=806):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x7, 0xfff, 0x7})

2.125322409s ago: executing program 3 (id=818):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x15, 0x5, 0x0)
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00')
getsockopt(r1, 0x200000000114, 0x2710, &(0x7f0000000600)=""/102389, &(0x7f0000000000)=0x18ff5)
r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x80)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kmem_cache_free\x00', r5, 0x0, 0x4}, 0x18)
ioctl$LOOP_SET_FD(r4, 0x4c00, r5)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000240)={@empty, <r8=>0x0}, &(0x7f0000000280)=0x14)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0x3c, r7, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x17, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x0, 0x7, r8}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0xffffffffffffff3c, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x7, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xfffffffd}]})
open_tree(0xffffffffffffffff, 0x0, 0x88800)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r10, 0x40047438, &(0x7f0000000180)=""/246)

1.710427472s ago: executing program 2 (id=822):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)=ANY=[], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000003c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = dup3(r3, r2, 0x0)
accept4$unix(r4, 0xfffffffffffffffe, 0x0, 0x0)

1.557473935s ago: executing program 4 (id=826):
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
unshare(0x2040400)
fallocate(r0, 0x0, 0x0, 0x1001f0)
copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xc615, 0x716, 0x0)

1.526045777s ago: executing program 4 (id=827):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000000)="aa", 0xffe0, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)

1.499373269s ago: executing program 3 (id=829):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f00001e0000/0x4000)=nil, 0x4000, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0x34}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8}, @exit]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70) (async, rerun: 32)
r0 = socket$netlink(0x10, 0x3, 0xa) (rerun: 32)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000380)={0x14, 0x1014, 0x609, 0x709d2b, 0x0, {0x1e}}, 0x14}}, 0x4008840)

1.450471703s ago: executing program 4 (id=830):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
close(0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
setgroups(0xfffffffffffffd9e, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r5, @ANYBLOB="0b12050000000000240012800b00010069703667726500001400028008000100", @ANYRES32=r5], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

1.298983826s ago: executing program 4 (id=832):
add_key$keyring(0x0, &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xa, 0xc, &(0x7f0000000500)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
socket(0x400000000010, 0x3, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x800000000006}, 0x18)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
stat(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000cc0))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
pwritev2(r5, 0x0, 0x0, 0x2, 0x1, 0x10)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})

1.286740526s ago: executing program 5 (id=833):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x8})
readv(r0, &(0x7f0000000200)=[{0x0}], 0x1)

1.277727787s ago: executing program 3 (id=834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
syz_io_uring_setup(0x40112, &(0x7f0000000340)={0x0, 0x11, 0x40, 0xffffffff}, 0x0, 0x0)
acct(&(0x7f00000002c0)='./file1\x00')
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_read_part_table(0x60d, &(0x7f0000000a80)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xfffffffffffffffd)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0xffa8)
socket$nl_route(0x10, 0x3, 0x0)
inotify_init()
r6 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x1a, &(0x7f00000003c0)=0x6, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x0, @loopback}], 0x1c)
r7 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r7, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)

1.186840395s ago: executing program 5 (id=835):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b8, &(0x7f00000006c0)="$eJzs3E9rE0EYx/HHpG3SlDYRRFBQH/Sil6WNL0CDtCAGhNoU9SBs7UZDYlJ2QyQiNhfx6usoHr0J6hvoRbx491YEwUsP4kr2T5u0aU3bpKnt9wNlZjPzy0zTtDxbyKzdf/usmHeMvFmVSFwlItKQdZFUsxc4FbQRrz8irRpybezXtwv3Hjy8k8lmp2dVZzJz19OqOnHp4/OX7y5/ro7Nv5/4EJPV1KO1n+nvq2dXz639mXtacLTgaLlSVVMXKpWquVCydLHgFKPBM1taKDuW3TaeL1WWlupqlhfHE0u25ThqlutatOparWjVrqv5xCyU1TAMHU/IyTbUxZzcyuysmdlx2I32dEfovVj75WinObadaXQezK30a18AAODo2r3+92v9nev/7Lzf9rL+N1RFLNOh/u+HRtvVP+p/HAu2nTETwe9vO+p/AAAAAAAAAAAAAAAAAAAAAAD+B+uum3RdNxm24VdMROIiEl4Pep/oj33+/G8MaLvosZYP7sVFSm9quVrOb/3xTF4KUhJLJiUpv733Q8Dvz9zOTk+qZzh4ymZ+uZaLemcTePlQqlP+4ukpP6/yqZmrBflhSbSun5aknOm8fnozHx6HsFzLjcjVKy15Q5Ly5bFUpCSL3vt6M/9qSvXW3eyW9Ue9eQAAAAAAHAeGbki13//6Zz8a3oS4bB/383v4/8CW++shOd/NEZUAAAAAAODAnPqLolkqWfY+OjEROUD8uHai0v7IqIgMfmM3ReRovD6H0omLiP+I7if+YyPeVcrtYs6QiAz8ZdlDZ9B/mQAAAAD0mlfrR5pF/x5CX1/3cUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83Z4HFs7fNhQO7BJvWS566N8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcIT8DQAA//9F8hZE")
ioctl$TCSETSW2(0xffffffffffffffff, 0x5453, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r0 = syz_io_uring_setup(0xbda, 0x0, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1.186499285s ago: executing program 5 (id=836):
r0 = socket$xdp(0x2c, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0xff58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)

988.81451ms ago: executing program 5 (id=837):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

981.375361ms ago: executing program 4 (id=838):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x6}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r5, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x7, 0xfff, 0x7})

938.995065ms ago: executing program 5 (id=839):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r1, 0x0, r3, 0x0, 0x88000cc, 0x0)
write$eventfd(r2, &(0x7f0000000240), 0xffffff14)

846.089602ms ago: executing program 2 (id=840):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xb, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0x100000000}, 0x18)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mq_unlink(0x0)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x1e)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "2d432d74c04f228a", "d71d9a1e03558545115509e1c34caab9", "59f7766d", "5e33931677e0f2d7"}, 0x28)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r4=>0x0})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f00000002c0)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x2, &(0x7f0000000080)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x80000001}], &(0x7f0000000100)='GPL\x00', 0x101, 0x0, 0x0, 0x41000, 0x8, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000340)=[r5], &(0x7f0000000380)=[{0x2, 0x3, 0x8, 0x2}, {0x3, 0x5, 0x5, 0x2}], 0x10, 0x1}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_FREE_MR(r6, 0x114, 0x3, &(0x7f0000000540)={{0xdc0f, 0x1462}, 0x30}, 0x10)
sendto$inet6(r0, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0)
close(r0)

662.938907ms ago: executing program 2 (id=841):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
close(0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
setgroups(0xfffffffffffffd9e, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r5, @ANYBLOB="0b12050000000000240012800b00010069703667726500001400028008000100", @ANYRES32=r5], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

178.142676ms ago: executing program 2 (id=842):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',aname=a'])

160.303308ms ago: executing program 3 (id=843):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xf5b})
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
fcntl$lock(r0, 0x7, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffff8}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001fc0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x6, 0x9, &(0x7f00000002c0)={{0x2, @rand_addr, 0x0, 0x2, 'wlc\x00', 0x29, 0x2, 0x3}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0xffff, 0x2, 0x0, 0x6a, 0x2}}, 0x44)
getsockopt$inet_tcp_int(r1, 0x6, 0x9, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x40000000015, 0x6, 0x0)
bind$inet(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x18, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) (async)
fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xf5b}) (async)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) (async)
fcntl$lock(r0, 0x7, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffff8}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001fc0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x6, 0x9, &(0x7f00000002c0)={{0x2, @rand_addr, 0x0, 0x2, 'wlc\x00', 0x29, 0x2, 0x3}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0xffff, 0x2, 0x0, 0x6a, 0x2}}, 0x44) (async)
getsockopt$inet_tcp_int(r1, 0x6, 0x9, 0x0, &(0x7f0000000040)) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
socket(0x40000000015, 0x6, 0x0) (async)
bind$inet(r5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x18, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)

55.109186ms ago: executing program 4 (id=844):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="5800000000090101000000000000000000000000100004800800014000030000010002000c000280050001000000000014000280080001000000000008000200ac1414000800054000000000090001"], 0x58}}, 0x0)
r3 = syz_io_uring_setup(0x5272, &(0x7f0000000480)={0x0, 0x1060, 0x80, 0x0, 0x264}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x47f8, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r7}, 0x18)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r9=>r8, {0x4}}, './file0\x00'})
setsockopt$MRT_ADD_VIF(r9, 0x0, 0xca, &(0x7f0000000800)={0xffffffffffffffff, 0x8, 0x1, 0x5, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
bind$inet6(r8, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x8}]}, 0x10)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000780), 0x64, 0x50d, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")

53.460736ms ago: executing program 5 (id=845):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r0, 0x27, 0x14, 0x0, &(0x7f0000000440)="f8ad48cc02cb29dcc8007f5b0800", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x7)
ioprio_set$pid(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3da, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TPNh0+pGrV5owUgRgx/5aEpssKCCl15ZX2BN0hLdNrZZwZZcKIh9APUBxMv6CF6Id4LgTfHaO6VQJMm1rMxmdjNudmO+ltHu7wcHzpnZ4Zz/zOyek3MOCWBgTUTEpxExEhEfREQlP57kKd7cTtnntjbWF7OURKNx+c+keX5zY30xCtdkTuWFyTQi/TyJZ7vUu3br9ofVWm35Zl6erl/7aHrt1u1XV65Vry5fXb4+N7OwMDN3cX5h/thi/T3u/Hbp3tuVL38+9+uP7787n7X3dH6uGMdxmYiJ9j3pNHXclZXskUI+GSqxIRxIGhEnImKo+f2vxInYeXiV+L5SauMAgL5oNN7oKAMAD79Enw8AA6b1d//mxvpiK5UxD1GWB29tL15t5mubW+34h9orIcMd61vHaSIivvv6teeyFH1ahwQAKPohG/9c7Db+S+Ns4XMnI2Is39t1OiIejYjHCvvFDmuio7x7/JPeP2IVe8rGf5cKe9u2CvHnxk/kpSzm8RhOrqzUlmfy+CdjeDQrz+5Rx9nLT//V61xx/JelrP7WWDBvx/2h0X9es1StV48Sc9GDzyKeGeoWf9Ie/ybNuA/v9Rt3n+p17t/j76/GNxEvdn3+Ozv3kr33J04334fp1lux252XXrjRq/6y48+e/9je8Y8nxf2aawev46cLK7/0OnfY938kea+ZH8mPfVKt12/ORowk7+w+fn7n2la59fks/slz3b//Z2LnTjweEU9ExJMRzeM9X+guXql9+/zh4++vLP6lAz3/g2fGvrh7r1f9+3v+F5q5yfzIfn7/9tvAo9w7AAAA+L9Im/O5STrVzqfp1NT2PO+ZGEtrq2v1l6+sfnx9aXvedzyG09ZMV6UwHzqbzxG2yuc7ynP5HMpXoyeb5anF1dpS2cEDwIA61aP/z/wxWnbrAIC+6dfmdgDgv0v/DwCDR/8PAINH/w8Ag0f/DwCDR/8PAAPlKP/XT0ZG5mHNlP3LBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQrr8DAAD//3JA1T8=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @rand_addr=0x64010101}]}, &(0x7f0000000040)=0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
signalfd4(r2, &(0x7f00000000c0)={[0x5]}, 0x8, 0x80800)
bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @empty}, 0x10)
shutdown(r6, 0x2)
sendmsg$kcm(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x48000)

42.213687ms ago: executing program 2 (id=846):
r0 = gettid()
timer_create(0x0, &(0x7f00000014c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x8003}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x9, 0x0, 0x4)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
timer_delete(r1)

0s ago: executing program 2 (id=847):
r0 = socket$xdp(0x2c, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="17000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0xff58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)

kernel console output (not intermixed with test programs):

bility 0, space 0, times 0
[   57.552598][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.3.354 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.552627][ T5317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   57.552639][ T5317] Call Trace:
[   57.552647][ T5317]  <TASK>
[   57.552655][ T5317]  __dump_stack+0x1d/0x30
[   57.552677][ T5317]  dump_stack_lvl+0xe8/0x140
[   57.552697][ T5317]  dump_stack+0x15/0x1b
[   57.552714][ T5317]  should_fail_ex+0x265/0x280
[   57.552736][ T5317]  should_failslab+0x8c/0xb0
[   57.552768][ T5317]  kmem_cache_alloc_noprof+0x50/0x310
[   57.552856][ T5317]  ? __es_insert_extent+0x508/0xee0
[   57.552880][ T5317]  __es_insert_extent+0x508/0xee0
[   57.552960][ T5317]  ext4_es_insert_extent+0x435/0x1c10
[   57.553036][ T5317]  ext4_map_blocks+0x8cd/0xd00
[   57.553133][ T5317]  ext4_iomap_begin+0x88d/0xe00
[   57.553218][ T5317]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   57.553240][ T5317]  iomap_iter+0x332/0x730
[   57.553264][ T5317]  ? should_failslab+0x8c/0xb0
[   57.553298][ T5317]  __iomap_dio_rw+0x708/0x1250
[   57.553331][ T5317]  ? ext4_journal_check_start+0x11a/0x1b0
[   57.553353][ T5317]  iomap_dio_rw+0x40/0x90
[   57.553375][ T5317]  ext4_file_write_iter+0xad9/0xf00
[   57.553442][ T5317]  do_iter_readv_writev+0x499/0x540
[   57.553466][ T5317]  vfs_writev+0x2df/0x8b0
[   57.553500][ T5317]  __se_sys_pwritev2+0xfc/0x1c0
[   57.553526][ T5317]  __x64_sys_pwritev2+0x67/0x80
[   57.553607][ T5317]  x64_sys_call+0x2c55/0x2ff0
[   57.553706][ T5317]  do_syscall_64+0xd2/0x200
[   57.553733][ T5317]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.553759][ T5317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.553831][ T5317] RIP: 0033:0x7fedb17eebe9
[   57.553848][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.553864][ T5317] RSP: 002b:00007fedb024f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   57.553884][ T5317] RAX: ffffffffffffffda RBX: 00007fedb1a25fa0 RCX: 00007fedb17eebe9
[   57.553897][ T5317] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 000000000000000a
[   57.553935][ T5317] RBP: 00007fedb024f090 R08: 0000000000000000 R09: 0000000000000003
[   57.553947][ T5317] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[   57.553959][ T5317] R13: 00007fedb1a26038 R14: 00007fedb1a25fa0 R15: 00007ffcdccebb48
[   57.553977][ T5317]  </TASK>
[   57.796746][ T5327] loop5: detected capacity change from 0 to 1024
[   57.809298][ T5327] EXT4-fs: Ignoring removed nobh option
[   57.815070][ T5327] EXT4-fs: Ignoring removed bh option
[   57.847560][ T5327] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.355: Allocating blocks 257-513 which overlap fs metadata
[   57.950755][ T5353] FAULT_INJECTION: forcing a failure.
[   57.950755][ T5353] name failslab, interval 1, probability 0, space 0, times 0
[   57.963470][ T5353] CPU: 1 UID: 0 PID: 5353 Comm: syz.2.361 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.963569][ T5353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   57.963580][ T5353] Call Trace:
[   57.963587][ T5353]  <TASK>
[   57.963601][ T5353]  __dump_stack+0x1d/0x30
[   57.963636][ T5353]  dump_stack_lvl+0xe8/0x140
[   57.963653][ T5353]  dump_stack+0x15/0x1b
[   57.963672][ T5353]  should_fail_ex+0x265/0x280
[   57.963765][ T5353]  should_failslab+0x8c/0xb0
[   57.963784][ T5353]  __kmalloc_noprof+0xa5/0x3e0
[   57.963805][ T5353]  ? bio_kmalloc+0x41/0x50
[   57.963834][ T5353]  bio_kmalloc+0x41/0x50
[   57.963890][ T5353]  blk_rq_map_user_iov+0x58a/0x14a0
[   57.963913][ T5353]  ? blk_mq_get_tag+0x4f9/0x570
[   57.963968][ T5353]  ? __blk_mq_alloc_requests+0xd86/0xe30
[   57.963995][ T5353]  blk_rq_map_user_io+0x18f/0x260
[   57.964019][ T5353]  ? __rcu_read_unlock+0x4f/0x70
[   57.964085][ T5353]  ? sg_link_reserve+0x117/0x140
[   57.964145][ T5353]  sg_common_write+0xb06/0xc30
[   57.964185][ T5353]  sg_write+0x6b5/0x750
[   57.964216][ T5353]  vfs_writev+0x406/0x8b0
[   57.964369][ T5353]  ? __pfx_sg_write+0x10/0x10
[   57.964398][ T5353]  do_writev+0xe7/0x210
[   57.964500][ T5353]  __x64_sys_writev+0x45/0x50
[   57.964521][ T5353]  x64_sys_call+0x1e9a/0x2ff0
[   57.964610][ T5353]  do_syscall_64+0xd2/0x200
[   57.964714][ T5353]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.964737][ T5353]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.964763][ T5353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.964809][ T5353] RIP: 0033:0x7f93afb0ebe9
[   57.964825][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.964838][ T5353] RSP: 002b:00007f93ae577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   57.964855][ T5353] RAX: ffffffffffffffda RBX: 00007f93afd45fa0 RCX: 00007f93afb0ebe9
[   57.964929][ T5353] RDX: 0000000000000002 RSI: 0000200000000400 RDI: 0000000000000003
[   57.964942][ T5353] RBP: 00007f93ae577090 R08: 0000000000000000 R09: 0000000000000000
[   57.964954][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.964988][ T5353] R13: 00007f93afd46038 R14: 00007f93afd45fa0 R15: 00007ffdfb26b778
[   57.965007][ T5353]  </TASK>
[   58.419160][ T5385] loop3: detected capacity change from 0 to 512
[   58.701124][ T5394] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   58.713296][ T5393] IPVS: stopping master sync thread 5394 ...
[   58.753380][ T5393] loop2: detected capacity change from 0 to 2048
[   58.795599][   T29] kauditd_printk_skb: 221 callbacks suppressed
[   58.795612][   T29] audit: type=1400 audit(1756543516.475:2246): avc:  denied  { nlmsg_write } for  pid=5404 comm="syz.5.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   58.827868][ T5393]  loop2: unable to read partition table
[   58.834234][ T5393] loop2: partition table beyond EOD, truncated
[   58.840442][ T5393] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   58.873941][ T5406] bridge0: port 3(veth0_to_team) entered blocking state
[   58.881078][ T5406] bridge0: port 3(veth0_to_team) entered disabled state
[   58.890207][ T5406] veth0_to_team: entered allmulticast mode
[   58.896810][ T5406] veth0_to_team: entered promiscuous mode
[   58.904488][ T5406] bridge0: port 3(veth0_to_team) entered blocking state
[   58.911481][ T5406] bridge0: port 3(veth0_to_team) entered forwarding state
[   58.916559][ T5410] netlink: 176 bytes leftover after parsing attributes in process `syz.3.369'.
[   58.936867][   T29] audit: type=1400 audit(1756543516.615:2247): avc:  denied  { write } for  pid=5411 comm="syz.2.370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   58.964135][ T5418] loop3: detected capacity change from 0 to 1024
[   58.971188][ T5418] EXT4-fs: Ignoring removed nobh option
[   58.976768][ T5418] EXT4-fs: Ignoring removed bh option
[   59.015593][   T29] audit: type=1400 audit(1756543516.675:2248): avc:  denied  { name_connect } for  pid=5422 comm="syz.2.373" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   59.035839][   T29] audit: type=1400 audit(1756543516.685:2249): avc:  denied  { accept } for  pid=5422 comm="syz.2.373" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   59.056277][   T29] audit: type=1326 audit(1756543516.695:2250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5426 comm="syz.5.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01fe28ebe9 code=0x7ffc0000
[   59.079915][   T29] audit: type=1326 audit(1756543516.695:2251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5426 comm="syz.5.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01fe28ebe9 code=0x7ffc0000
[   59.103274][   T29] audit: type=1326 audit(1756543516.695:2252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5426 comm="syz.5.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01fe28ebe9 code=0x7ffc0000
[   59.126750][   T29] audit: type=1326 audit(1756543516.695:2253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5426 comm="syz.5.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01fe28ebe9 code=0x7ffc0000
[   59.137255][ T5432] 9pnet: Unknown protocol version 9
[   59.150231][   T29] audit: type=1326 audit(1756543516.695:2254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5426 comm="syz.5.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01fe28ebe9 code=0x7ffc0000
[   59.182656][   T29] audit: type=1326 audit(1756543516.695:2255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5426 comm="syz.5.374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f01fe28d69f code=0x7ffc0000
[   59.226952][ T5438] loop2: detected capacity change from 0 to 512
[   59.234643][ T5438] EXT4-fs: Ignoring removed mblk_io_submit option
[   59.241487][ T5440] loop5: detected capacity change from 0 to 512
[   59.242075][ T5438] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   59.258564][ T5440] EXT4-fs: Ignoring removed mblk_io_submit option
[   59.265702][ T5438] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c018, mo2=0002]
[   59.273861][ T5438] System zones: 1-12
[   59.278285][ T5438] EXT4-fs (loop2): 1 truncate cleaned up
[   59.284891][ T5440] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   59.298022][ T5440] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c018, mo2=0002]
[   59.306032][ T5440] System zones: 1-12
[   59.310865][ T5440] EXT4-fs (loop5): 1 truncate cleaned up
[   59.322371][ T5448] loop2: detected capacity change from 0 to 1024
[   59.329237][ T5448] EXT4-fs: Ignoring removed nobh option
[   59.334833][ T5448] EXT4-fs: Ignoring removed bh option
[   59.379953][ T5448] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.382: Allocating blocks 497-513 which overlap fs metadata
[   59.507242][ T5458] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.382: Allocating blocks 497-513 which overlap fs metadata
[   59.598257][ T5465] loop1: detected capacity change from 0 to 1024
[   59.605444][ T5465] EXT4-fs: Ignoring removed nobh option
[   59.611083][ T5465] EXT4-fs: Ignoring removed bh option
[   59.637467][ T5466] loop5: detected capacity change from 0 to 1024
[   59.702768][ T5465] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.388: Allocating blocks 257-513 which overlap fs metadata
[   59.765709][ T5466] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.786320][ T5466] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.385: lblock 3 mapped to illegal pblock 3 (length 13)
[   59.804764][ T5466] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   59.817212][ T5466] EXT4-fs (loop5): This should not happen!! Data will be lost
[   59.817212][ T5466] 
[   59.850524][ T5466] lo speed is unknown, defaulting to 1000
[   60.015738][ T5478] loop1: detected capacity change from 0 to 164
[   60.067282][ T5483] loop1: detected capacity change from 0 to 512
[   60.074195][ T5483] EXT4-fs: Ignoring removed mblk_io_submit option
[   60.082074][ T5483] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.096980][ T5483] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c018, mo2=0002]
[   60.104973][ T5483] System zones: 1-12
[   60.109298][ T5483] EXT4-fs (loop1): 1 truncate cleaned up
[   60.213742][ T5496] loop3: detected capacity change from 0 to 1024
[   60.231422][ T5496] EXT4-fs: Ignoring removed nobh option
[   60.237098][ T5496] EXT4-fs: Ignoring removed bh option
[   60.284005][ T5499] infiniband syz!: set active
[   60.288726][ T5499] infiniband syz!: added team_slave_0
[   60.300679][ T5496] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.398: Allocating blocks 497-513 which overlap fs metadata
[   60.318104][ T5496] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.398: Allocating blocks 497-513 which overlap fs metadata
[   60.340597][ T5499] RDS/IB: syz!: added
[   60.350370][ T5499] smc: adding ib device syz! with port count 1
[   60.357010][ T5499] smc:    ib device syz! port 1 has pnetid 
[   60.389733][ T5511] lo speed is unknown, defaulting to 1000
[   60.499000][ T5529] veth0: entered promiscuous mode
[   60.546435][ T5529] netlink: 4 bytes leftover after parsing attributes in process `syz.3.404'.
[   60.556815][ T5535] FAULT_INJECTION: forcing a failure.
[   60.556815][ T5535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.569930][ T5535] CPU: 0 UID: 0 PID: 5535 Comm: syz.4.405 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.570012][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.570024][ T5535] Call Trace:
[   60.570030][ T5535]  <TASK>
[   60.570036][ T5535]  __dump_stack+0x1d/0x30
[   60.570110][ T5535]  dump_stack_lvl+0xe8/0x140
[   60.570130][ T5535]  dump_stack+0x15/0x1b
[   60.570150][ T5535]  should_fail_ex+0x265/0x280
[   60.570170][ T5535]  should_fail+0xb/0x20
[   60.570254][ T5535]  should_fail_usercopy+0x1a/0x20
[   60.570272][ T5535]  _copy_from_user+0x1c/0xb0
[   60.570315][ T5535]  __ia32_sys_rt_sigreturn+0x128/0x350
[   60.570347][ T5535]  x64_sys_call+0x2d3c/0x2ff0
[   60.570369][ T5535]  do_syscall_64+0xd2/0x200
[   60.570396][ T5535]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.570518][ T5535]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.570544][ T5535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.570566][ T5535] RIP: 0033:0x7f42b8d3adb9
[   60.570581][ T5535] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   60.570674][ T5535] RSP: 002b:00007f42b77fea80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   60.570690][ T5535] RAX: ffffffffffffffda RBX: 00007f42b8fd5fa0 RCX: 00007f42b8d3adb9
[   60.570729][ T5535] RDX: 00007f42b77fea80 RSI: 00007f42b77febb0 RDI: 0000000000000021
[   60.570741][ T5535] RBP: 00007f42b77ff090 R08: 0000000000000000 R09: 0000000000000000
[   60.570754][ T5535] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   60.570767][ T5535] R13: 00007f42b8fd6038 R14: 00007f42b8fd5fa0 R15: 00007ffff94d18e8
[   60.570786][ T5535]  </TASK>
[   60.920775][ T5574] FAULT_INJECTION: forcing a failure.
[   60.920775][ T5574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.934019][ T5574] CPU: 0 UID: 0 PID: 5574 Comm: syz.3.415 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.934043][ T5574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.934053][ T5574] Call Trace:
[   60.934061][ T5574]  <TASK>
[   60.934069][ T5574]  __dump_stack+0x1d/0x30
[   60.934092][ T5574]  dump_stack_lvl+0xe8/0x140
[   60.934112][ T5574]  dump_stack+0x15/0x1b
[   60.934128][ T5574]  should_fail_ex+0x265/0x280
[   60.934227][ T5574]  should_fail+0xb/0x20
[   60.934241][ T5574]  should_fail_usercopy+0x1a/0x20
[   60.934258][ T5574]  _copy_to_user+0x20/0xa0
[   60.934363][ T5574]  __x64_sys_statfs+0xa5/0xf0
[   60.934396][ T5574]  x64_sys_call+0x2a03/0x2ff0
[   60.934412][ T5574]  do_syscall_64+0xd2/0x200
[   60.934483][ T5574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.934533][ T5574]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.934561][ T5574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.934582][ T5574] RIP: 0033:0x7fedb17eebe9
[   60.934597][ T5574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.934634][ T5574] RSP: 002b:00007fedb024f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089
[   60.934652][ T5574] RAX: ffffffffffffffda RBX: 00007fedb1a25fa0 RCX: 00007fedb17eebe9
[   60.934663][ T5574] RDX: 0000000000000000 RSI: 0000200000000f40 RDI: 0000200000000680
[   60.934673][ T5574] RBP: 00007fedb024f090 R08: 0000000000000000 R09: 0000000000000000
[   60.934683][ T5574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.934693][ T5574] R13: 00007fedb1a26038 R14: 00007fedb1a25fa0 R15: 00007ffcdccebb48
[   60.934708][ T5574]  </TASK>
[   61.211448][ T5599] netlink: 36 bytes leftover after parsing attributes in process `syz.3.418'.
[   61.220487][ T5599] netlink: 16 bytes leftover after parsing attributes in process `syz.3.418'.
[   61.229374][ T5599] netlink: 36 bytes leftover after parsing attributes in process `syz.3.418'.
[   61.252576][ T5614] loop4: detected capacity change from 0 to 1024
[   61.346378][ T5614] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.527569][ T5599] netlink: 36 bytes leftover after parsing attributes in process `syz.3.418'.
[   61.537848][ T5624] FAULT_INJECTION: forcing a failure.
[   61.537848][ T5624] name failslab, interval 1, probability 0, space 0, times 0
[   61.550865][ T5624] CPU: 1 UID: 0 PID: 5624 Comm: syz.5.420 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.550948][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   61.550960][ T5624] Call Trace:
[   61.550967][ T5624]  <TASK>
[   61.550974][ T5624]  __dump_stack+0x1d/0x30
[   61.550991][ T5624]  dump_stack_lvl+0xe8/0x140
[   61.551007][ T5624]  dump_stack+0x15/0x1b
[   61.551020][ T5624]  should_fail_ex+0x265/0x280
[   61.551108][ T5624]  should_failslab+0x8c/0xb0
[   61.551129][ T5624]  kmem_cache_alloc_noprof+0x50/0x310
[   61.551160][ T5624]  ? audit_log_start+0x365/0x6c0
[   61.551256][ T5624]  audit_log_start+0x365/0x6c0
[   61.551286][ T5624]  audit_seccomp+0x48/0x100
[   61.551305][ T5624]  ? __seccomp_filter+0x68c/0x10d0
[   61.551406][ T5624]  __seccomp_filter+0x69d/0x10d0
[   61.551428][ T5624]  ? plist_check_list+0x1e4/0x210
[   61.551500][ T5624]  __secure_computing+0x82/0x150
[   61.551520][ T5624]  syscall_trace_enter+0xcf/0x1e0
[   61.551545][ T5624]  do_syscall_64+0xac/0x200
[   61.551570][ T5624]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.551672][ T5624]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.551692][ T5624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.551719][ T5624] RIP: 0033:0x7f01fe28ebe9
[   61.551735][ T5624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.551824][ T5624] RSP: 002b:00007f01fccef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   61.551844][ T5624] RAX: ffffffffffffffda RBX: 00007f01fe4c5fa0 RCX: 00007f01fe28ebe9
[   61.551856][ T5624] RDX: 0000000000002000 RSI: 0000000000002000 RDI: 0000200000ffc000
[   61.551943][ T5624] RBP: 00007f01fccef090 R08: 0000200000fff000 R09: 0000000000000000
[   61.551956][ T5624] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001
[   61.551969][ T5624] R13: 00007f01fe4c6038 R14: 00007f01fe4c5fa0 R15: 00007ffd8e1c90a8
[   61.552069][ T5624]  </TASK>
[   61.822085][ T5631] loop1: detected capacity change from 0 to 512
[   61.828785][ T5631] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.873134][ T5631] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   61.881718][ T5631] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[   61.914245][ T5631] System zones: 0-1, 15-15, 18-18, 34-34
[   61.920095][ T5631] EXT4-fs (loop1): orphan cleanup on readonly fs
[   61.927214][ T5631] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #16: comm syz.1.422: casefold flag without casefold feature
[   61.940744][ T5631] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.422: couldn't read orphan inode 16 (err -117)
[   61.997993][ T5665] loop2: detected capacity change from 0 to 164
[   62.031382][ T5668] IPv6: sit2: Disabled Multicast RS
[   62.046231][ T5669] netlink: 'syz.2.433': attribute type 3 has an invalid length.
[   62.078374][ T5675] loop5: detected capacity change from 0 to 1024
[   62.092350][ T5675] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.144202][ T5680] tipc: Started in network mode
[   62.149166][ T5680] tipc: Node identity e60970b1a193, cluster identity 4711
[   62.156717][ T5680] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   62.166993][ T5675] EXT4-fs: Ignoring removed orlov option
[   62.173544][ T5675] EXT4-fs (loop5): can't enable nombcache during remount
[   62.183534][ T5675] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5675 comm=syz.5.436
[   62.207554][ T5680] syzkaller0: entered promiscuous mode
[   62.213285][ T5680] syzkaller0: entered allmulticast mode
[   62.267010][ T5691] netlink: 176 bytes leftover after parsing attributes in process `syz.5.440'.
[   62.301376][ T5697] tipc: Resetting bearer <eth:syzkaller0>
[   62.364595][ T5705] FAULT_INJECTION: forcing a failure.
[   62.364595][ T5705] name failslab, interval 1, probability 0, space 0, times 0
[   62.377409][ T5705] CPU: 1 UID: 0 PID: 5705 Comm: syz.4.447 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.377432][ T5705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   62.377443][ T5705] Call Trace:
[   62.377451][ T5705]  <TASK>
[   62.377458][ T5705]  __dump_stack+0x1d/0x30
[   62.377508][ T5705]  dump_stack_lvl+0xe8/0x140
[   62.377524][ T5705]  dump_stack+0x15/0x1b
[   62.377539][ T5705]  should_fail_ex+0x265/0x280
[   62.377581][ T5705]  should_failslab+0x8c/0xb0
[   62.377603][ T5705]  kmem_cache_alloc_noprof+0x50/0x310
[   62.377628][ T5705]  ? security_inode_alloc+0x37/0x100
[   62.377730][ T5705]  security_inode_alloc+0x37/0x100
[   62.377785][ T5705]  inode_init_always_gfp+0x4b7/0x500
[   62.377804][ T5705]  ? __pfx_sock_alloc_inode+0x10/0x10
[   62.377829][ T5705]  alloc_inode+0x58/0x170
[   62.377921][ T5705]  do_accept+0xa0/0x3a0
[   62.377948][ T5705]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   62.377992][ T5705]  __sys_accept4+0xbf/0x140
[   62.378016][ T5705]  __x64_sys_accept4+0x51/0x60
[   62.378134][ T5705]  x64_sys_call+0x2ed3/0x2ff0
[   62.378151][ T5705]  do_syscall_64+0xd2/0x200
[   62.378175][ T5705]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.378197][ T5705]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   62.378320][ T5705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.378340][ T5705] RIP: 0033:0x7f42b8d9ebe9
[   62.378355][ T5705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.378371][ T5705] RSP: 002b:00007f42b77ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   62.378434][ T5705] RAX: ffffffffffffffda RBX: 00007f42b8fd5fa0 RCX: 00007f42b8d9ebe9
[   62.378479][ T5705] RDX: 0000000000000000 RSI: 9999999999999999 RDI: 0000000000000006
[   62.378492][ T5705] RBP: 00007f42b77ff090 R08: 0000000000000000 R09: 0000000000000000
[   62.378503][ T5705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.378512][ T5705] R13: 00007f42b8fd6038 R14: 00007f42b8fd5fa0 R15: 00007ffff94d18e8
[   62.378530][ T5705]  </TASK>
[   62.707893][ T5679] tipc: Resetting bearer <eth:syzkaller0>
[   62.715481][ T5679] tipc: Disabling bearer <eth:syzkaller0>
[   62.725991][ T5709] lo speed is unknown, defaulting to 1000
[   62.802686][ T5713] loop3: detected capacity change from 0 to 1024
[   62.841809][ T5713] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.854561][ T5713] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.448: lblock 3 mapped to illegal pblock 3 (length 13)
[   62.868969][ T5713] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   62.881459][ T5713] EXT4-fs (loop3): This should not happen!! Data will be lost
[   62.881459][ T5713] 
[   62.908990][ T5713] lo speed is unknown, defaulting to 1000
[   63.083064][ T5718] loop4: detected capacity change from 0 to 1024
[   63.173870][ T5718] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.193148][ T5718] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.449: lblock 3 mapped to illegal pblock 3 (length 13)
[   63.223466][ T5718] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   63.235907][ T5718] EXT4-fs (loop4): This should not happen!! Data will be lost
[   63.235907][ T5718] 
[   63.283031][ T5723] lo speed is unknown, defaulting to 1000
[   63.423461][ T5725] loop2: detected capacity change from 0 to 1024
[   63.444545][ T5725] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.652742][ T5736] loop4: detected capacity change from 0 to 128
[   63.659482][ T5736] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   63.673669][ T5736] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   63.792518][ T5750] netlink: 12 bytes leftover after parsing attributes in process `syz.2.461'.
[   63.810216][ T5746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.460'.
[   63.912231][ T5716] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   63.960965][   T29] kauditd_printk_skb: 282 callbacks suppressed
[   63.960979][   T29] audit: type=1326 audit(1756543521.645:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   63.961059][ T5759] loop2: detected capacity change from 0 to 1024
[   63.968373][   T29] audit: type=1326 audit(1756543521.645:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.021022][   T29] audit: type=1326 audit(1756543521.645:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.044384][   T29] audit: type=1326 audit(1756543521.645:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8f88d2d69f code=0x7ffc0000
[   64.067885][   T29] audit: type=1326 audit(1756543521.645:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.091250][   T29] audit: type=1326 audit(1756543521.645:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.114709][   T29] audit: type=1326 audit(1756543521.645:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.138082][   T29] audit: type=1326 audit(1756543521.645:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.161491][   T29] audit: type=1326 audit(1756543521.645:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   64.200605][ T5759] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.256982][ T5769] loop1: detected capacity change from 0 to 1024
[   64.264753][ T5769] EXT4-fs: Ignoring removed nobh option
[   64.270370][ T5769] EXT4-fs: Ignoring removed bh option
[   64.285673][ T5774] loop2: detected capacity change from 0 to 128
[   64.292978][ T5774] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   64.366533][   T29] audit: type=1400 audit(1756543521.995:2545): avc:  denied  { write } for  pid=5775 comm="syz.3.467" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   64.396531][ T5769] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.466: Allocating blocks 481-513 which overlap fs metadata
[   64.411626][ T5774] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   64.631712][ T5784] netlink: 176 bytes leftover after parsing attributes in process `syz.4.471'.
[   64.721255][ T5790] veth0: entered promiscuous mode
[   64.737288][ T5790] netlink: 4 bytes leftover after parsing attributes in process `syz.4.473'.
[   64.782779][ T5796] FAULT_INJECTION: forcing a failure.
[   64.782779][ T5796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.796345][ T5796] CPU: 1 UID: 0 PID: 5796 Comm: syz.2.475 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.796377][ T5796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.796454][ T5796] Call Trace:
[   64.796461][ T5796]  <TASK>
[   64.796469][ T5796]  __dump_stack+0x1d/0x30
[   64.796487][ T5796]  dump_stack_lvl+0xe8/0x140
[   64.796505][ T5796]  dump_stack+0x15/0x1b
[   64.796673][ T5796]  should_fail_ex+0x265/0x280
[   64.796694][ T5796]  should_fail+0xb/0x20
[   64.796712][ T5796]  should_fail_usercopy+0x1a/0x20
[   64.796732][ T5796]  _copy_to_user+0x20/0xa0
[   64.796760][ T5796]  simple_read_from_buffer+0xb5/0x130
[   64.796825][ T5796]  proc_fail_nth_read+0x10e/0x150
[   64.796849][ T5796]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   64.796875][ T5796]  vfs_read+0x1a8/0x770
[   64.796895][ T5796]  ? __rcu_read_unlock+0x4f/0x70
[   64.796968][ T5796]  ? __fget_files+0x184/0x1c0
[   64.797046][ T5796]  ksys_read+0xda/0x1a0
[   64.797103][ T5796]  __x64_sys_read+0x40/0x50
[   64.797124][ T5796]  x64_sys_call+0x27bc/0x2ff0
[   64.797142][ T5796]  do_syscall_64+0xd2/0x200
[   64.797230][ T5796]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.797347][ T5796]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.797373][ T5796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.797402][ T5796] RIP: 0033:0x7f93afb0d5fc
[   64.797415][ T5796] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   64.797429][ T5796] RSP: 002b:00007f93ae577030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   64.797445][ T5796] RAX: ffffffffffffffda RBX: 00007f93afd45fa0 RCX: 00007f93afb0d5fc
[   64.797456][ T5796] RDX: 000000000000000f RSI: 00007f93ae5770a0 RDI: 0000000000000008
[   64.797478][ T5796] RBP: 00007f93ae577090 R08: 0000000000000000 R09: 0000000000000000
[   64.797491][ T5796] R10: 0000000000000066 R11: 0000000000000246 R12: 0000000000000001
[   64.797504][ T5796] R13: 00007f93afd46038 R14: 00007f93afd45fa0 R15: 00007ffdfb26b778
[   64.797525][ T5796]  </TASK>
[   65.023374][ T5798] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.030932][ T5798] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.070893][ T5798] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.078546][ T5798] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.104911][ T5804] loop1: detected capacity change from 0 to 1024
[   65.122196][ T5804] EXT4-fs: Ignoring removed nobh option
[   65.127935][ T5804] EXT4-fs: Ignoring removed bh option
[   65.144494][ T5806] loop5: detected capacity change from 0 to 128
[   65.152307][ T5808] vhci_hcd: invalid port number 23
[   65.158145][ T5806] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   65.178410][ T5806] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   65.213112][ T5812] loop2: detected capacity change from 0 to 1024
[   65.286475][ T5812] EXT4-fs: Ignoring removed nobh option
[   65.292083][ T5812] EXT4-fs: Ignoring removed bh option
[   65.316132][ T5823] loop3: detected capacity change from 0 to 1024
[   65.335042][ T5820] ip6gre2: entered allmulticast mode
[   65.360598][ T5812] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.484: Allocating blocks 257-513 which overlap fs metadata
[   65.417884][ T5823] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.519106][ T5844] FAULT_INJECTION: forcing a failure.
[   65.519106][ T5844] name failslab, interval 1, probability 0, space 0, times 0
[   65.531832][ T5844] CPU: 0 UID: 0 PID: 5844 Comm: syz.2.495 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.531856][ T5844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   65.531866][ T5844] Call Trace:
[   65.531872][ T5844]  <TASK>
[   65.531879][ T5844]  __dump_stack+0x1d/0x30
[   65.531909][ T5844]  dump_stack_lvl+0xe8/0x140
[   65.531928][ T5844]  dump_stack+0x15/0x1b
[   65.531940][ T5835] loop5: detected capacity change from 0 to 1024
[   65.531944][ T5844]  should_fail_ex+0x265/0x280
[   65.531965][ T5844]  should_failslab+0x8c/0xb0
[   65.531985][ T5844]  __kmalloc_noprof+0xa5/0x3e0
[   65.532009][ T5844]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   65.532080][ T5844]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   65.532105][ T5844]  genl_family_rcv_msg_doit+0x48/0x1b0
[   65.532152][ T5844]  ? selinux_capable+0x31/0x40
[   65.532177][ T5844]  ? security_capable+0x83/0x90
[   65.532268][ T5844]  ? ns_capable+0x7d/0xb0
[   65.532287][ T5844]  genl_rcv_msg+0x422/0x460
[   65.532312][ T5844]  ? __pfx_ethnl_act_module_fw_flash+0x10/0x10
[   65.532362][ T5844]  netlink_rcv_skb+0x123/0x220
[   65.532397][ T5844]  ? __pfx_genl_rcv_msg+0x10/0x10
[   65.532427][ T5844]  genl_rcv+0x28/0x40
[   65.532450][ T5844]  netlink_unicast+0x5bd/0x690
[   65.532469][ T5844]  netlink_sendmsg+0x58b/0x6b0
[   65.532506][ T5844]  ? __pfx_netlink_sendmsg+0x10/0x10
[   65.532527][ T5844]  __sock_sendmsg+0x145/0x180
[   65.532554][ T5844]  ____sys_sendmsg+0x31e/0x4e0
[   65.532623][ T5844]  ___sys_sendmsg+0x17b/0x1d0
[   65.532656][ T5844]  __x64_sys_sendmsg+0xd4/0x160
[   65.532686][ T5844]  x64_sys_call+0x191e/0x2ff0
[   65.532706][ T5844]  do_syscall_64+0xd2/0x200
[   65.532805][ T5844]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   65.532828][ T5844]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.532914][ T5844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.532934][ T5844] RIP: 0033:0x7f93afb0ebe9
[   65.532949][ T5844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.532965][ T5844] RSP: 002b:00007f93ae577038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   65.532983][ T5844] RAX: ffffffffffffffda RBX: 00007f93afd45fa0 RCX: 00007f93afb0ebe9
[   65.532996][ T5844] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[   65.533012][ T5844] RBP: 00007f93ae577090 R08: 0000000000000000 R09: 0000000000000000
[   65.533022][ T5844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.533032][ T5844] R13: 00007f93afd46038 R14: 00007f93afd45fa0 R15: 00007ffdfb26b778
[   65.533048][ T5844]  </TASK>
[   65.681702][ T5858] __nla_validate_parse: 2 callbacks suppressed
[   65.681717][ T5858] netlink: 176 bytes leftover after parsing attributes in process `syz.3.496'.
[   65.703926][ T5835] EXT4-fs mount: 65 callbacks suppressed
[   65.703941][ T5835] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.812138][ T5862] loop2: detected capacity change from 0 to 128
[   65.823189][ T5835] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.842093][ T5862] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   65.855860][ T5862] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   65.865905][ T5864] loop3: detected capacity change from 0 to 164
[   65.904595][ T5866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.500'.
[   65.916294][ T5866] ip6gre1: entered allmulticast mode
[   65.937597][ T5868] netlink: 4 bytes leftover after parsing attributes in process `syz.4.501'.
[   66.008758][ T5872] loop3: detected capacity change from 0 to 512
[   66.050553][ T5872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.069547][ T5882] loop2: detected capacity change from 0 to 1024
[   66.082369][ T5882] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.094750][ T5882] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.153783][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.166210][ T5886] 9pnet_virtio: no channels available for device syz
[   66.177636][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.245298][ T5888] netlink: 4 bytes leftover after parsing attributes in process `syz.3.508'.
[   66.290120][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.559402][ T5900] netlink: 16 bytes leftover after parsing attributes in process `syz.1.512'.
[   66.589443][ T5899] netlink: 8 bytes leftover after parsing attributes in process `syz.5.513'.
[   66.601134][ T5899] ip6gre2: entered allmulticast mode
[   66.644251][ T5911] FAULT_INJECTION: forcing a failure.
[   66.644251][ T5911] name failslab, interval 1, probability 0, space 0, times 0
[   66.656968][ T5911] CPU: 1 UID: 0 PID: 5911 Comm: syz.5.517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.657052][ T5911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   66.657064][ T5911] Call Trace:
[   66.657070][ T5911]  <TASK>
[   66.657079][ T5911]  __dump_stack+0x1d/0x30
[   66.657102][ T5911]  dump_stack_lvl+0xe8/0x140
[   66.657120][ T5911]  dump_stack+0x15/0x1b
[   66.657203][ T5911]  should_fail_ex+0x265/0x280
[   66.657222][ T5911]  should_failslab+0x8c/0xb0
[   66.657243][ T5911]  __kmalloc_cache_node_noprof+0x54/0x320
[   66.657268][ T5911]  ? __get_vm_area_node+0x106/0x1d0
[   66.657300][ T5911]  __get_vm_area_node+0x106/0x1d0
[   66.657329][ T5911]  __vmalloc_node_range_noprof+0x273/0xe00
[   66.657358][ T5911]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.657435][ T5911]  ? avc_has_perm_noaudit+0x1b1/0x200
[   66.657460][ T5911]  ? cred_has_capability+0x210/0x280
[   66.657478][ T5911]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.657580][ T5911]  __vmalloc_noprof+0x83/0xc0
[   66.657606][ T5911]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.657627][ T5911]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.657695][ T5911]  ? bpf_prog_alloc+0x2a/0x150
[   66.657721][ T5911]  bpf_prog_alloc+0x3c/0x150
[   66.657745][ T5911]  bpf_prog_load+0x514/0x1070
[   66.657846][ T5911]  ? security_bpf+0x2b/0x90
[   66.657871][ T5911]  __sys_bpf+0x462/0x7b0
[   66.657897][ T5911]  __x64_sys_bpf+0x41/0x50
[   66.657958][ T5911]  x64_sys_call+0x2aea/0x2ff0
[   66.657986][ T5911]  do_syscall_64+0xd2/0x200
[   66.658010][ T5911]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.658054][ T5911]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.658076][ T5911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.658145][ T5911] RIP: 0033:0x7f01fe28ebe9
[   66.658237][ T5911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.658255][ T5911] RSP: 002b:00007f01fccef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   66.658273][ T5911] RAX: ffffffffffffffda RBX: 00007f01fe4c5fa0 RCX: 00007f01fe28ebe9
[   66.658284][ T5911] RDX: 0000000000000094 RSI: 0000200000000880 RDI: 0000000000000005
[   66.658294][ T5911] RBP: 00007f01fccef090 R08: 0000000000000000 R09: 0000000000000000
[   66.658305][ T5911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.658315][ T5911] R13: 00007f01fe4c6038 R14: 00007f01fe4c5fa0 R15: 00007ffd8e1c90a8
[   66.658359][ T5911]  </TASK>
[   66.899982][ T5911] syz.5.517: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   66.916581][ T5911] CPU: 1 UID: 0 PID: 5911 Comm: syz.5.517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.916655][ T5911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   66.916721][ T5911] Call Trace:
[   66.916727][ T5911]  <TASK>
[   66.916778][ T5911]  __dump_stack+0x1d/0x30
[   66.916848][ T5911]  dump_stack_lvl+0xe8/0x140
[   66.916889][ T5911]  dump_stack+0x15/0x1b
[   66.916907][ T5911]  warn_alloc+0x12b/0x1a0
[   66.917001][ T5911]  __vmalloc_node_range_noprof+0x297/0xe00
[   66.917036][ T5911]  ? avc_has_perm_noaudit+0x1b1/0x200
[   66.917063][ T5911]  ? cred_has_capability+0x210/0x280
[   66.917086][ T5911]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.917179][ T5911]  __vmalloc_noprof+0x83/0xc0
[   66.917208][ T5911]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.917233][ T5911]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   66.917312][ T5911]  ? bpf_prog_alloc+0x2a/0x150
[   66.917414][ T5911]  bpf_prog_alloc+0x3c/0x150
[   66.917438][ T5911]  bpf_prog_load+0x514/0x1070
[   66.917471][ T5911]  ? security_bpf+0x2b/0x90
[   66.917569][ T5911]  __sys_bpf+0x462/0x7b0
[   66.917599][ T5911]  __x64_sys_bpf+0x41/0x50
[   66.917621][ T5911]  x64_sys_call+0x2aea/0x2ff0
[   66.917642][ T5911]  do_syscall_64+0xd2/0x200
[   66.917667][ T5911]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.917732][ T5911]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.917757][ T5911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.917778][ T5911] RIP: 0033:0x7f01fe28ebe9
[   66.917794][ T5911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.917825][ T5911] RSP: 002b:00007f01fccef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   66.917845][ T5911] RAX: ffffffffffffffda RBX: 00007f01fe4c5fa0 RCX: 00007f01fe28ebe9
[   66.917858][ T5911] RDX: 0000000000000094 RSI: 0000200000000880 RDI: 0000000000000005
[   66.917870][ T5911] RBP: 00007f01fccef090 R08: 0000000000000000 R09: 0000000000000000
[   66.917883][ T5911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.917949][ T5911] R13: 00007f01fe4c6038 R14: 00007f01fe4c5fa0 R15: 00007ffd8e1c90a8
[   66.917968][ T5911]  </TASK>
[   66.917975][ T5911] Mem-Info:
[   66.927989][ T5918] loop3: detected capacity change from 0 to 1024
[   66.938120][ T5911] active_anon:10098 inactive_anon:1 isolated_anon:0
[   66.938120][ T5911]  active_file:20689 inactive_file:2223 isolated_file:0
[   66.938120][ T5911]  unevictable:0 dirty:379 writeback:0
[   66.938120][ T5911]  slab_reclaimable:3347 slab_unreclaimable:18676
[   66.938120][ T5911]  mapped:35099 shmem:6051 pagetables:1300
[   66.938120][ T5911]  sec_pagetables:0 bounce:0
[   66.938120][ T5911]  kernel_misc_reclaimable:0
[   66.938120][ T5911]  free:1876775 free_pcp:9365 free_cma:0
[   67.039906][ T5918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.044122][ T5911] Node 0 active_anon:51876kB inactive_anon:4kB active_file:82756kB inactive_file:8892kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:151880kB dirty:1516kB writeback:0kB shmem:35688kB kernel_stack:4464kB pagetables:5200kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   67.049981][ T5918] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.055825][ T5911] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   67.055896][ T5911] lowmem_reserve[]: 0
[   67.075159][ T5918] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.510: lblock 3 mapped to illegal pblock 3 (length 13)
[   67.079981][ T5911]  2883
[   67.104489][ T5918] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   67.104772][ T5911]  7862
[   67.112836][ T5918] EXT4-fs (loop3): This should not happen!! Data will be lost
[   67.112836][ T5918] 
[   67.120916][ T5911]  7862
[   67.130959][ T5923] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 4: comm syz.3.510: lblock 4 mapped to illegal pblock 4 (length 1)
[   67.131978][ T5911] 
[   67.135732][ T5923] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.510: Freeing blocks not in datazone - block = 3, count = 1
[   67.141558][ T5911] Node 0 DMA32 free:2949196kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[   67.210056][ T5924] loop1: detected capacity change from 0 to 1024
[   67.226319][ T5911] lowmem_reserve[]: 0
[   67.315747][ T5924] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.327972][ T5911]  0 4978 4978
[   67.330366][ T5924] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.343712][ T5911] Node 0 Normal free:4542312kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:52456kB inactive_anon:4kB active_file:82756kB inactive_file:8892kB unevictable:0kB writepending:1516kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:21684kB local_pcp:12644kB free_cma:0kB
[   67.380611][ T5924] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.519: lblock 3 mapped to illegal pblock 3 (length 13)
[   67.384408][ T5911] lowmem_reserve[]: 0
[   67.398849][ T5924] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   67.400370][ T5911]  0 0 0
[   67.410696][ T5924] EXT4-fs (loop1): This should not happen!! Data will be lost
[   67.410696][ T5924] 
[   67.443258][ T5911] 
[   67.443268][ T5911] Node 0 DMA: 
[   67.459820][ T5927] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 4: comm syz.1.519: lblock 4 mapped to illegal pblock 4 (length 1)
[   67.461410][ T5911] 0*4kB 
[   67.473924][ T5927] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.519: Freeing blocks not in datazone - block = 3, count = 1
[   67.476568][ T5911] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   67.533260][ T5911] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949196kB
[   67.549592][ T5911] Node 0 Normal: 725*4kB (UE) 336*8kB (UME) 196*16kB (UE) 306*32kB (U) 152*64kB (U) 96*128kB (UM) 139*256kB (UM) 61*512kB (UME) 39*1024kB (UME) 16*2048kB (UM) 1065*4096kB (UM) = 4542292kB
[   67.569106][ T5911] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   67.578645][ T5911] 32008 total pagecache pages
[   67.583590][ T5911] 5 pages in swap cache
[   67.587929][ T5911] Free swap  = 124976kB
[   67.592216][ T5911] Total swap = 124996kB
[   67.596606][ T5911] 2097051 pages RAM
[   67.600441][ T5911] 0 pages HighMem/MovableOnly
[   67.605200][ T5911] 80444 pages reserved
[   67.700621][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.729966][ T5935] veth0: entered promiscuous mode
[   67.736926][ T5935] netlink: 4 bytes leftover after parsing attributes in process `syz.5.524'.
[   67.746134][ T5934] loop2: detected capacity change from 0 to 1024
[   67.761799][ T5934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.800587][ T5934] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.823051][ T5945] syz.4.526 uses obsolete (PF_INET,SOCK_PACKET)
[   67.843945][ T5945] FAULT_INJECTION: forcing a failure.
[   67.843945][ T5945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.857052][ T5945] CPU: 0 UID: 0 PID: 5945 Comm: syz.4.526 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.857103][ T5945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.857114][ T5945] Call Trace:
[   67.857121][ T5945]  <TASK>
[   67.857129][ T5945]  __dump_stack+0x1d/0x30
[   67.857152][ T5945]  dump_stack_lvl+0xe8/0x140
[   67.857170][ T5945]  dump_stack+0x15/0x1b
[   67.857183][ T5945]  should_fail_ex+0x265/0x280
[   67.857235][ T5945]  should_fail+0xb/0x20
[   67.857250][ T5945]  should_fail_usercopy+0x1a/0x20
[   67.857269][ T5945]  _copy_from_iter+0xd2/0xe80
[   67.857295][ T5945]  ? _copy_from_iter+0x170/0xe80
[   67.857323][ T5945]  copy_page_from_iter+0x178/0x2a0
[   67.857371][ T5945]  skb_copy_datagram_from_iter+0x232/0x490
[   67.857413][ T5945]  tun_get_user+0xafa/0x2680
[   67.857444][ T5945]  ? ref_tracker_alloc+0x1f2/0x2f0
[   67.857463][ T5945]  ? selinux_file_permission+0x1e4/0x320
[   67.857483][ T5945]  tun_chr_write_iter+0x15e/0x210
[   67.857563][ T5945]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   67.857663][ T5945]  vfs_write+0x52a/0x960
[   67.857702][ T5945]  ksys_write+0xda/0x1a0
[   67.857726][ T5945]  __x64_sys_write+0x40/0x50
[   67.857747][ T5945]  x64_sys_call+0x27fe/0x2ff0
[   67.857763][ T5945]  do_syscall_64+0xd2/0x200
[   67.857794][ T5945]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.857883][ T5945]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.857905][ T5945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.857922][ T5945] RIP: 0033:0x7f42b8d9ebe9
[   67.857938][ T5945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.857967][ T5945] RSP: 002b:00007f42b77ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   67.857987][ T5945] RAX: ffffffffffffffda RBX: 00007f42b8fd5fa0 RCX: 00007f42b8d9ebe9
[   67.857998][ T5945] RDX: 000000000000fd6c RSI: 0000200000000280 RDI: 0000000000000003
[   67.858042][ T5945] RBP: 00007f42b77ff090 R08: 0000000000000000 R09: 0000000000000000
[   67.858056][ T5945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.858069][ T5945] R13: 00007f42b8fd6038 R14: 00007f42b8fd5fa0 R15: 00007ffff94d18e8
[   67.858089][ T5945]  </TASK>
[   68.099235][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.118748][ T5958] 9pnet_fd: Insufficient options for proto=fd
[   68.143118][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.186504][ T5968] loop2: detected capacity change from 0 to 128
[   68.204735][ T5968] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   68.212646][ T5968] FAT-fs (loop2): Filesystem has been set read-only
[   68.220554][ T5968] syz.2.532: attempt to access beyond end of device
[   68.220554][ T5968] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   68.221751][ T5973] netlink: 'syz.1.531': attribute type 1 has an invalid length.
[   68.234828][ T5968] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   68.249933][ T5968] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   68.258436][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.5.536'.
[   68.259837][ T5968] syz.2.532: attempt to access beyond end of device
[   68.259837][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.267456][ T5975] netlink: 4 bytes leftover after parsing attributes in process `syz.5.536'.
[   68.281004][ T5968] syz.2.532: attempt to access beyond end of device
[   68.281004][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.302881][ T5968] syz.2.532: attempt to access beyond end of device
[   68.302881][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.316410][ T5976] syz.2.532: attempt to access beyond end of device
[   68.316410][ T5976] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.329893][ T5968] syz.2.532: attempt to access beyond end of device
[   68.329893][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.343396][ T5976] syz.2.532: attempt to access beyond end of device
[   68.343396][ T5976] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.356784][ T5968] syz.2.532: attempt to access beyond end of device
[   68.356784][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.378788][ T5968] syz.2.532: attempt to access beyond end of device
[   68.378788][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.393688][ T5981] loop1: detected capacity change from 0 to 164
[   68.407069][ T5968] syz.2.532: attempt to access beyond end of device
[   68.407069][ T5968] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   68.521628][ T5985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.539'.
[   68.635442][ T5994] loop3: detected capacity change from 0 to 1024
[   68.705972][ T5991] ip6gre3: entered allmulticast mode
[   68.718994][ T5994] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.731328][ T5994] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.768327][ T5994] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.541: lblock 3 mapped to illegal pblock 3 (length 13)
[   68.787346][ T5994] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   68.800223][ T5994] EXT4-fs (loop3): This should not happen!! Data will be lost
[   68.800223][ T5994] 
[   68.815041][ T6001] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 4: comm syz.3.541: lblock 4 mapped to illegal pblock 4 (length 1)
[   68.830280][ T6001] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.541: Freeing blocks not in datazone - block = 3, count = 1
[   68.932106][ T6008] FAULT_INJECTION: forcing a failure.
[   68.932106][ T6008] name failslab, interval 1, probability 0, space 0, times 0
[   68.944781][ T6008] CPU: 0 UID: 0 PID: 6008 Comm: syz.1.545 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.944809][ T6008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.944866][ T6008] Call Trace:
[   68.944872][ T6008]  <TASK>
[   68.944879][ T6008]  __dump_stack+0x1d/0x30
[   68.944897][ T6008]  dump_stack_lvl+0xe8/0x140
[   68.944917][ T6008]  dump_stack+0x15/0x1b
[   68.944934][ T6008]  should_fail_ex+0x265/0x280
[   68.944956][ T6008]  ? audit_log_d_path+0x8d/0x150
[   68.945001][ T6008]  should_failslab+0x8c/0xb0
[   68.945142][ T6008]  __kmalloc_cache_noprof+0x4c/0x320
[   68.945167][ T6008]  audit_log_d_path+0x8d/0x150
[   68.945190][ T6008]  audit_log_d_path_exe+0x42/0x70
[   68.945222][ T6008]  audit_log_task+0x1e9/0x250
[   68.945249][ T6008]  audit_seccomp+0x61/0x100
[   68.945272][ T6008]  ? __seccomp_filter+0x68c/0x10d0
[   68.945293][ T6008]  __seccomp_filter+0x69d/0x10d0
[   68.945379][ T6008]  __secure_computing+0x82/0x150
[   68.945399][ T6008]  syscall_trace_enter+0xcf/0x1e0
[   68.945422][ T6008]  do_syscall_64+0xac/0x200
[   68.945449][ T6008]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.945538][ T6008]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.945571][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.945593][ T6008] RIP: 0033:0x7f8f88d2d5fc
[   68.945606][ T6008] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   68.945676][ T6008] RSP: 002b:00007f8f8778f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   68.945697][ T6008] RAX: ffffffffffffffda RBX: 00007f8f88f65fa0 RCX: 00007f8f88d2d5fc
[   68.945710][ T6008] RDX: 000000000000000f RSI: 00007f8f8778f0a0 RDI: 0000000000000005
[   68.945753][ T6008] RBP: 00007f8f8778f090 R08: 0000000000000000 R09: 0000000000000000
[   68.945833][ T6008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   68.945845][ T6008] R13: 00007f8f88f66038 R14: 00007f8f88f65fa0 R15: 00007fffab34f948
[   68.945861][ T6008]  </TASK>
[   69.146643][   T29] kauditd_printk_skb: 316 callbacks suppressed
[   69.146658][   T29] audit: type=1326 audit(1756543526.835:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6006 comm="syz.1.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8f88d2d69f code=0x7ffc0000
[   69.176115][   T29] audit: type=1326 audit(1756543526.835:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6006 comm="syz.1.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8f88d2d84a code=0x7ffc0000
[   69.199617][   T29] audit: type=1326 audit(1756543526.835:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6006 comm="syz.1.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   69.223669][   T29] audit: type=1326 audit(1756543526.835:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6006 comm="syz.1.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f88d2ebe9 code=0x7ffc0000
[   69.234090][ T6016] loop4: detected capacity change from 0 to 1024
[   69.321260][ T6016] EXT4-fs: Ignoring removed nobh option
[   69.326892][ T6016] EXT4-fs: Ignoring removed bh option
[   69.378485][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.398113][   T29] audit: type=1326 audit(1756543526.865:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.4.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b8d9ebe9 code=0x7ffc0000
[   69.421623][   T29] audit: type=1326 audit(1756543526.865:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.4.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b8d9ebe9 code=0x7ffc0000
[   69.445900][   T29] audit: type=1326 audit(1756543526.865:2868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.4.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b8d9ebe9 code=0x7ffc0000
[   69.456854][ T6016] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.469645][   T29] audit: type=1326 audit(1756543526.865:2869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.4.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b8d9ebe9 code=0x7ffc0000
[   69.505514][   T29] audit: type=1326 audit(1756543526.865:2870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.4.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b8d9ebe9 code=0x7ffc0000
[   69.528894][   T29] audit: type=1326 audit(1756543526.865:2871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6009 comm="syz.4.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42b8d9d69f code=0x7ffc0000
[   69.529022][ T6027] loop1: detected capacity change from 0 to 1024
[   69.575892][ T6027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.588018][ T6027] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.599856][ T6035] loop2: detected capacity change from 0 to 164
[   69.608959][ T6016] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.549: Allocating blocks 257-513 which overlap fs metadata
[   69.614180][ T6017] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.548: lblock 3 mapped to illegal pblock 3 (length 13)
[   69.650815][ T6037] ip6gre2: entered allmulticast mode
[   69.657531][ T6017] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   69.670022][ T6017] EXT4-fs (loop1): This should not happen!! Data will be lost
[   69.670022][ T6017] 
[   69.680598][ T6027] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 4: comm syz.1.548: lblock 4 mapped to illegal pblock 4 (length 1)
[   69.695299][ T6027] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.548: Freeing blocks not in datazone - block = 3, count = 1
[   69.724355][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.758704][ T6045] netlink: 'syz.3.559': attribute type 83 has an invalid length.
[   69.838125][ T6059] FAULT_INJECTION: forcing a failure.
[   69.838125][ T6059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.851337][ T6059] CPU: 0 UID: 0 PID: 6059 Comm: syz.3.565 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.851461][ T6059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   69.851527][ T6059] Call Trace:
[   69.851533][ T6059]  <TASK>
[   69.851540][ T6059]  __dump_stack+0x1d/0x30
[   69.851561][ T6059]  dump_stack_lvl+0xe8/0x140
[   69.851581][ T6059]  dump_stack+0x15/0x1b
[   69.851664][ T6059]  should_fail_ex+0x265/0x280
[   69.851682][ T6059]  should_fail+0xb/0x20
[   69.851748][ T6059]  should_fail_usercopy+0x1a/0x20
[   69.851770][ T6059]  _copy_from_iter+0xd2/0xe80
[   69.851791][ T6059]  ? __build_skb_around+0x1a0/0x200
[   69.851883][ T6059]  ? __alloc_skb+0x223/0x320
[   69.851903][ T6059]  netlink_sendmsg+0x471/0x6b0
[   69.851928][ T6059]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.851951][ T6059]  __sock_sendmsg+0x145/0x180
[   69.852030][ T6059]  ____sys_sendmsg+0x31e/0x4e0
[   69.852050][ T6059]  ___sys_sendmsg+0x17b/0x1d0
[   69.852084][ T6059]  __x64_sys_sendmsg+0xd4/0x160
[   69.852109][ T6059]  x64_sys_call+0x191e/0x2ff0
[   69.852212][ T6059]  do_syscall_64+0xd2/0x200
[   69.852296][ T6059]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.852316][ T6059]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   69.852343][ T6059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.852365][ T6059] RIP: 0033:0x7fedb17eebe9
[   69.852380][ T6059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.852397][ T6059] RSP: 002b:00007fedb024f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.852484][ T6059] RAX: ffffffffffffffda RBX: 00007fedb1a25fa0 RCX: 00007fedb17eebe9
[   69.852497][ T6059] RDX: 0000000000000894 RSI: 0000200000000000 RDI: 0000000000000005
[   69.852508][ T6059] RBP: 00007fedb024f090 R08: 0000000000000000 R09: 0000000000000000
[   69.852536][ T6059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.852547][ T6059] R13: 00007fedb1a26038 R14: 00007fedb1a25fa0 R15: 00007ffcdccebb48
[   69.852612][ T6059]  </TASK>
[   69.912046][ T6067] netlink: 'syz.5.567': attribute type 2 has an invalid length.
[   69.991730][ T6079] netlink: 'syz.2.572': attribute type 6 has an invalid length.
[   69.994547][ T6078] loop3: detected capacity change from 0 to 1024
[   69.994855][ T6078] EXT4-fs: Ignoring removed nobh option
[   69.994875][ T6078] EXT4-fs: Ignoring removed bh option
[   70.027424][ T6078] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.193691][ T6078] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.571: Allocating blocks 257-513 which overlap fs metadata
[   70.210473][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.244677][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.278310][ T6093] ip6gre2: entered allmulticast mode
[   70.371296][ T6114] netlink: 'syz.5.584': attribute type 3 has an invalid length.
[   70.396194][ T6104] loop1: detected capacity change from 0 to 1024
[   70.413456][ T6104] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.426015][ T6104] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.484302][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.570499][ T6134] ip6gre3: entered allmulticast mode
[   70.608223][ T6143] team0 (unregistering): Port device team_slave_0 removed
[   70.617629][ T6143] team0 (unregistering): Port device team_slave_1 removed
[   70.634345][ T6146] tmpfs: Unknown parameter 'mpolYinterleave'
[   70.677167][ T6141] loop5: detected capacity change from 0 to 512
[   70.684027][ T6141] EXT4-fs: Ignoring removed nobh option
[   70.693426][ T6141] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[   70.701751][ T6141] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #13: comm syz.5.589: casefold flag without casefold feature
[   70.715054][ T6141] EXT4-fs (loop5): Remounting filesystem read-only
[   70.723529][ T6141] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.774558][ T6155] loop1: detected capacity change from 0 to 1024
[   70.778296][ T6126] EXT4-fs warning (device loop5): ext4_lookup:1799: Inconsistent encryption contexts: 2/12
[   70.799387][ T6160] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.814324][ T6126] EXT4-fs warning (device loop5): ext4_lookup:1799: Inconsistent encryption contexts: 2/12
[   70.852412][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.941867][ T6165] loop5: detected capacity change from 0 to 1024
[   71.023269][ T6165] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.035732][ T6165] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.085188][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.134078][ T6172] loop1: detected capacity change from 0 to 1024
[   71.163310][ T6172] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.175567][ T6172] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.191472][ T6172] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.604: lblock 3 mapped to illegal pblock 3 (length 13)
[   71.207084][ T6172] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   71.219750][ T6172] EXT4-fs (loop1): This should not happen!! Data will be lost
[   71.219750][ T6172] 
[   71.233503][ T6172] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 4: comm syz.1.604: lblock 4 mapped to illegal pblock 4 (length 1)
[   71.247940][ T6172] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.604: Freeing blocks not in datazone - block = 3, count = 1
[   71.312592][ T6176] loop5: detected capacity change from 0 to 1024
[   71.319703][ T6176] EXT4-fs: Ignoring removed nobh option
[   71.325357][ T6176] EXT4-fs: Ignoring removed bh option
[   71.376270][ T6176] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.434379][ T6176] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.605: Allocating blocks 257-513 which overlap fs metadata
[   71.507853][ T6182] loop3: detected capacity change from 0 to 512
[   71.517725][ T6182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.531226][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.572068][ T6186] loop5: detected capacity change from 0 to 512
[   71.580477][ T6186] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.602431][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.626004][ T6191] FAULT_INJECTION: forcing a failure.
[   71.626004][ T6191] name failslab, interval 1, probability 0, space 0, times 0
[   71.639079][ T6191] CPU: 1 UID: 0 PID: 6191 Comm: syz.3.609 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.639104][ T6191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.639115][ T6191] Call Trace:
[   71.639121][ T6191]  <TASK>
[   71.639129][ T6191]  __dump_stack+0x1d/0x30
[   71.639149][ T6191]  dump_stack_lvl+0xe8/0x140
[   71.639267][ T6191]  dump_stack+0x15/0x1b
[   71.639283][ T6191]  should_fail_ex+0x265/0x280
[   71.639304][ T6191]  should_failslab+0x8c/0xb0
[   71.639334][ T6191]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   71.639363][ T6191]  ? sidtab_sid2str_get+0xa0/0x130
[   71.639385][ T6191]  kmemdup_noprof+0x2b/0x70
[   71.639478][ T6191]  sidtab_sid2str_get+0xa0/0x130
[   71.639497][ T6191]  security_sid_to_context_core+0x1eb/0x2e0
[   71.639534][ T6191]  security_sid_to_context+0x27/0x40
[   71.639553][ T6191]  selinux_lsmprop_to_secctx+0x67/0xf0
[   71.639575][ T6191]  security_lsmprop_to_secctx+0x43/0x80
[   71.639664][ T6191]  audit_log_task_context+0x77/0x190
[   71.639720][ T6191]  audit_log_task+0xf4/0x250
[   71.639744][ T6191]  audit_seccomp+0x61/0x100
[   71.639914][ T6191]  ? __seccomp_filter+0x68c/0x10d0
[   71.639934][ T6191]  __seccomp_filter+0x69d/0x10d0
[   71.639952][ T6191]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   71.640028][ T6191]  ? vfs_write+0x7e8/0x960
[   71.640079][ T6191]  __secure_computing+0x82/0x150
[   71.640099][ T6191]  syscall_trace_enter+0xcf/0x1e0
[   71.640142][ T6191]  do_syscall_64+0xac/0x200
[   71.640166][ T6191]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.640186][ T6191]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.640388][ T6191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.640409][ T6191] RIP: 0033:0x7fedb17ed5fc
[   71.640424][ T6191] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   71.640452][ T6191] RSP: 002b:00007fedb024f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   71.640469][ T6191] RAX: ffffffffffffffda RBX: 00007fedb1a25fa0 RCX: 00007fedb17ed5fc
[   71.640479][ T6191] RDX: 000000000000000f RSI: 00007fedb024f0a0 RDI: 0000000000000006
[   71.640490][ T6191] RBP: 00007fedb024f090 R08: 0000000000000000 R09: 0000000000000000
[   71.640502][ T6191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.640515][ T6191] R13: 00007fedb1a26038 R14: 00007fedb1a25fa0 R15: 00007ffcdccebb48
[   71.640534][ T6191]  </TASK>
[   71.649529][ T6194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.883891][ T6194] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.891856][ T6194] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.899318][ T6194] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.934746][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.961895][ T6205] loop1: detected capacity change from 0 to 128
[   71.964340][ T6208] sg_write: data in/out 197376/352 bytes for SCSI command 0x8-- guessing data in;
[   71.964340][ T6208]    program syz.2.616 not setting count and/or reply_len properly
[   71.968932][ T6205] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   71.999225][ T6205] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   72.091463][ T6211] loop3: detected capacity change from 0 to 1024
[   72.112118][ T6211] EXT4-fs: Ignoring removed nobh option
[   72.117816][ T6211] EXT4-fs: Ignoring removed bh option
[   72.134123][ T6211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.153581][ T6211] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.618: Allocating blocks 257-513 which overlap fs metadata
[   72.175520][ T6215] loop1: detected capacity change from 0 to 512
[   72.183825][ T6215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.221621][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.235226][ T6220] netlink: 'syz.4.621': attribute type 1 has an invalid length.
[   72.269969][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.299808][ T6223] loop3: detected capacity change from 0 to 512
[   72.316362][ T6223] EXT4-fs error (device loop3): __ext4_iget:5464: inode #17: block 1803188595: comm syz.3.622: invalid block
[   72.329047][ T6223] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.622: couldn't read orphan inode 17 (err -117)
[   72.341971][ T6223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.378532][ T6232] __nla_validate_parse: 10 callbacks suppressed
[   72.378550][ T6232] netlink: 176 bytes leftover after parsing attributes in process `syz.1.625'.
[   72.419382][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.566480][ T6246] lo speed is unknown, defaulting to 1000
[   72.638361][ T6247] loop5: detected capacity change from 0 to 1024
[   72.736854][ T6247] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.749042][ T6247] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.764341][ T6247] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.626: lblock 3 mapped to illegal pblock 3 (length 13)
[   72.779137][ T6247] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   72.791508][ T6247] EXT4-fs (loop5): This should not happen!! Data will be lost
[   72.791508][ T6247] 
[   72.805491][ T6247] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 4: comm syz.5.626: lblock 4 mapped to illegal pblock 4 (length 1)
[   72.819781][ T6247] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.626: Freeing blocks not in datazone - block = 3, count = 1
[   73.091940][ T6252] loop4: detected capacity change from 0 to 128
[   73.109992][ T6252] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   73.143585][ T6252] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.155645][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.192159][ T6254] siw: device registration error -23
[   73.198843][ T6254] netlink: 'syz.2.631': attribute type 10 has an invalid length.
[   73.209534][ T6254] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   73.211640][ T6256] loop1: detected capacity change from 0 to 512
[   73.244389][ T6256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.319856][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.339328][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.377692][ T6269] loop2: detected capacity change from 0 to 512
[   73.388732][ T6271] netlink: 176 bytes leftover after parsing attributes in process `syz.1.637'.
[   73.399234][ T6269] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   73.427956][ T6269] EXT4-fs (loop2): mount failed
[   73.456040][ T6279] loop5: detected capacity change from 0 to 1024
[   73.475605][ T6279] EXT4-fs: Ignoring removed nobh option
[   73.481324][ T6279] EXT4-fs: Ignoring removed bh option
[   73.487443][ T6277] netlink: 4 bytes leftover after parsing attributes in process `syz.1.640'.
[   73.502494][ T6279] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.526674][ T6288] netlink: 'syz.2.643': attribute type 3 has an invalid length.
[   73.551294][ T6279] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.641: Allocating blocks 481-513 which overlap fs metadata
[   73.567950][ T6275] FAULT_INJECTION: forcing a failure.
[   73.567950][ T6275] name failslab, interval 1, probability 0, space 0, times 0
[   73.574195][ T6292] loop2: detected capacity change from 0 to 1024
[   73.580717][ T6275] CPU: 0 UID: 0 PID: 6275 Comm: syz.4.639 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.580742][ T6275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.580753][ T6275] Call Trace:
[   73.580760][ T6275]  <TASK>
[   73.580768][ T6275]  __dump_stack+0x1d/0x30
[   73.580790][ T6275]  dump_stack_lvl+0xe8/0x140
[   73.580808][ T6275]  dump_stack+0x15/0x1b
[   73.580939][ T6275]  should_fail_ex+0x265/0x280
[   73.580959][ T6275]  should_failslab+0x8c/0xb0
[   73.581004][ T6275]  kmem_cache_alloc_noprof+0x50/0x310
[   73.581029][ T6275]  ? skb_clone+0x151/0x1f0
[   73.581070][ T6275]  skb_clone+0x151/0x1f0
[   73.581092][ T6275]  __netlink_deliver_tap+0x2c9/0x500
[   73.581116][ T6275]  netlink_unicast+0x66b/0x690
[   73.581153][ T6275]  netlink_sendmsg+0x58b/0x6b0
[   73.581175][ T6275]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.581196][ T6275]  __sock_sendmsg+0x145/0x180
[   73.581238][ T6275]  ____sys_sendmsg+0x31e/0x4e0
[   73.581261][ T6275]  ___sys_sendmsg+0x17b/0x1d0
[   73.581289][ T6275]  __x64_sys_sendmsg+0xd4/0x160
[   73.581375][ T6275]  x64_sys_call+0x191e/0x2ff0
[   73.581395][ T6275]  do_syscall_64+0xd2/0x200
[   73.581432][ T6275]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.581453][ T6275]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.581560][ T6275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.581580][ T6275] RIP: 0033:0x7f42b8d9ebe9
[   73.581595][ T6275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.581612][ T6275] RSP: 002b:00007f42b77ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.581630][ T6275] RAX: ffffffffffffffda RBX: 00007f42b8fd5fa0 RCX: 00007f42b8d9ebe9
[   73.581641][ T6275] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000008
[   73.581653][ T6275] RBP: 00007f42b77ff090 R08: 0000000000000000 R09: 0000000000000000
[   73.581720][ T6275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.581732][ T6275] R13: 00007f42b8fd6038 R14: 00007f42b8fd5fa0 R15: 00007ffff94d18e8
[   73.581749][ T6275]  </TASK>
[   73.581766][ T6275] netlink: 4 bytes leftover after parsing attributes in process `syz.4.639'.
[   73.587919][ T6292] EXT4-fs: Ignoring removed nobh option
[   73.809380][ T6292] EXT4-fs: Ignoring removed bh option
[   73.817534][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.831907][ T6292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.865217][ T6292] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.645: Allocating blocks 257-513 which overlap fs metadata
[   73.866674][ T6306] loop5: detected capacity change from 0 to 128
[   73.886798][ T6306] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   73.900883][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.912457][ T6306] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.951081][ T6300] loop1: detected capacity change from 0 to 1024
[   73.966601][ T6300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.979198][ T6300] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.996048][ T6300] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.647: lblock 3 mapped to illegal pblock 3 (length 13)
[   74.010578][ T6300] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   74.023086][ T6300] EXT4-fs (loop1): This should not happen!! Data will be lost
[   74.023086][ T6300] 
[   74.033873][ T6300] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 4: comm syz.1.647: lblock 4 mapped to illegal pblock 4 (length 1)
[   74.048250][ T6300] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.647: Freeing blocks not in datazone - block = 3, count = 1
[   74.088693][ T6319] netlink: 4 bytes leftover after parsing attributes in process `syz.5.651'.
[   74.104890][ T6321] netlink: 12 bytes leftover after parsing attributes in process `syz.2.654'.
[   74.113909][ T6321] netlink: 12 bytes leftover after parsing attributes in process `syz.2.654'.
[   74.139147][ T6323] loop3: detected capacity change from 0 to 128
[   74.154722][ T6327] netlink: 'syz.2.657': attribute type 10 has an invalid length.
[   74.178011][   T29] kauditd_printk_skb: 238 callbacks suppressed
[   74.178024][   T29] audit: type=1326 audit(1756543531.855:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.193133][ T6323] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   74.207738][   T29] audit: type=1326 audit(1756543531.855:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.215561][ T6323] FAT-fs (loop3): Filesystem has been set read-only
[   74.278820][   T29] audit: type=1326 audit(1756543531.955:3110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.302644][   T29] audit: type=1326 audit(1756543531.955:3111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.326071][   T29] audit: type=1326 audit(1756543531.955:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.349711][   T29] audit: type=1326 audit(1756543531.955:3113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.373243][   T29] audit: type=1326 audit(1756543531.955:3114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.396957][   T29] audit: type=1326 audit(1756543531.955:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.420646][   T29] audit: type=1326 audit(1756543531.955:3116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.444170][   T29] audit: type=1326 audit(1756543531.955:3117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6326 comm="syz.2.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   74.468040][ T6323] bio_check_eod: 13464 callbacks suppressed
[   74.468110][ T6323] syz.3.656: attempt to access beyond end of device
[   74.468110][ T6323] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   74.490419][ T6323] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   74.498270][ T6323] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   74.533419][ T6323] syz.3.656: attempt to access beyond end of device
[   74.533419][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.540769][ T6327] netlink: 'syz.2.657': attribute type 10 has an invalid length.
[   74.572276][ T6327] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   74.597083][ T6325] netlink: 4 bytes leftover after parsing attributes in process `syz.4.655'.
[   74.610490][ T6323] syz.3.656: attempt to access beyond end of device
[   74.610490][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.670303][ T6323] syz.3.656: attempt to access beyond end of device
[   74.670303][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.690654][ T6345] loop2: detected capacity change from 0 to 128
[   74.707242][ T6323] syz.3.656: attempt to access beyond end of device
[   74.707242][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.738338][ T6345] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.740262][ T6323] syz.3.656: attempt to access beyond end of device
[   74.740262][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.765263][ T6345] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   74.777009][ T6323] syz.3.656: attempt to access beyond end of device
[   74.777009][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.792703][ T6323] syz.3.656: attempt to access beyond end of device
[   74.792703][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.806223][ T6323] syz.3.656: attempt to access beyond end of device
[   74.806223][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.821710][ T6323] syz.3.656: attempt to access beyond end of device
[   74.821710][ T6323] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   74.935347][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.975651][ T6357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.667'.
[   74.987488][ T6357] ip6gre4: entered allmulticast mode
[   75.023863][ T6360] loop3: detected capacity change from 0 to 512
[   75.032041][ T6360] EXT4-fs: Ignoring removed nobh option
[   75.040445][ T6362] netlink: 176 bytes leftover after parsing attributes in process `syz.2.669'.
[   75.050053][ T6360] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[   75.059191][ T6360] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.668: attempt to clear invalid blocks 1 len 1
[   75.090055][ T6360] EXT4-fs (loop3): Remounting filesystem read-only
[   75.106732][ T6360] EXT4-fs (loop3): 1 truncate cleaned up
[   75.113336][ T6360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.142698][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.310300][ T6383] loop2: detected capacity change from 0 to 128
[   75.317536][ T6383] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.334287][ T6383] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.412089][ T6384] loop3: detected capacity change from 0 to 1024
[   75.500283][ T6384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.512539][ T6384] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.527073][ T6384] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.677: lblock 3 mapped to illegal pblock 3 (length 13)
[   75.542308][ T6384] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   75.554856][ T6384] EXT4-fs (loop3): This should not happen!! Data will be lost
[   75.554856][ T6384] 
[   75.567697][ T6384] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 4: comm syz.3.677: lblock 4 mapped to illegal pblock 4 (length 1)
[   75.584484][ T6384] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.677: Freeing blocks not in datazone - block = 3, count = 1
[   75.705962][ T6392] ip6gre4: entered allmulticast mode
[   75.744152][ T6396] lo speed is unknown, defaulting to 1000
[   75.756376][ T6400] lo speed is unknown, defaulting to 1000
[   75.788096][ T6404] can0: slcan on ttyS3.
[   75.830569][ T6404] can0 (unregistered): slcan off ttyS3.
[   75.838640][ T6404] can0: slcan on ttyS3.
[   75.890329][ T6401] can0 (unregistered): slcan off ttyS3.
[   75.964353][ T6416] loop5: detected capacity change from 0 to 512
[   75.973409][ T6416] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.102025][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.113221][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.149355][ T6424] FAULT_INJECTION: forcing a failure.
[   76.149355][ T6424] name failslab, interval 1, probability 0, space 0, times 0
[   76.149631][ T6426] loop5: detected capacity change from 0 to 128
[   76.162505][ T6424] CPU: 0 UID: 0 PID: 6424 Comm: syz.2.693 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.162539][ T6424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.162551][ T6424] Call Trace:
[   76.162558][ T6424]  <TASK>
[   76.162567][ T6424]  __dump_stack+0x1d/0x30
[   76.162632][ T6424]  dump_stack_lvl+0xe8/0x140
[   76.162661][ T6424]  dump_stack+0x15/0x1b
[   76.162740][ T6424]  should_fail_ex+0x265/0x280
[   76.162761][ T6424]  should_failslab+0x8c/0xb0
[   76.162837][ T6424]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   76.162866][ T6424]  ? sidtab_sid2str_get+0xa0/0x130
[   76.162888][ T6424]  kmemdup_noprof+0x2b/0x70
[   76.162964][ T6424]  sidtab_sid2str_get+0xa0/0x130
[   76.162983][ T6424]  security_sid_to_context_core+0x1eb/0x2e0
[   76.163002][ T6424]  security_sid_to_context+0x27/0x40
[   76.163086][ T6424]  selinux_lsmprop_to_secctx+0x67/0xf0
[   76.163171][ T6424]  security_lsmprop_to_secctx+0x43/0x80
[   76.163227][ T6424]  audit_log_task_context+0x77/0x190
[   76.163256][ T6424]  audit_log_task+0xf4/0x250
[   76.163283][ T6424]  audit_seccomp+0x61/0x100
[   76.163382][ T6424]  ? __seccomp_filter+0x68c/0x10d0
[   76.163400][ T6424]  __seccomp_filter+0x69d/0x10d0
[   76.163420][ T6424]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   76.163444][ T6424]  ? vfs_write+0x7e8/0x960
[   76.163617][ T6424]  ? __rcu_read_unlock+0x4f/0x70
[   76.163640][ T6424]  ? __fget_files+0x184/0x1c0
[   76.163666][ T6424]  __secure_computing+0x82/0x150
[   76.163686][ T6424]  syscall_trace_enter+0xcf/0x1e0
[   76.163709][ T6424]  do_syscall_64+0xac/0x200
[   76.163741][ T6424]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.163799][ T6424]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.163827][ T6424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.163881][ T6424] RIP: 0033:0x7f93afb0ebe9
[   76.163897][ T6424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.163911][ T6424] RSP: 002b:00007f93ae577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000067
[   76.163930][ T6424] RAX: ffffffffffffffda RBX: 00007f93afd45fa0 RCX: 00007f93afb0ebe9
[   76.163943][ T6424] RDX: b12288e90d7c8384 RSI: 0000200000000000 RDI: 0000000000000004
[   76.164019][ T6424] RBP: 00007f93ae577090 R08: 0000000000000000 R09: 0000000000000000
[   76.164031][ T6424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.164074][ T6424] R13: 00007f93afd46038 R14: 00007f93afd45fa0 R15: 00007ffdfb26b778
[   76.164093][ T6424]  </TASK>
[   76.433979][ T6426] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   76.462717][ T6426] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   76.607170][ T6448] sch_fq: defrate 156 ignored.
[   76.632944][ T6443] loop4: detected capacity change from 0 to 1024
[   76.633828][ T6452] loop5: detected capacity change from 0 to 1024
[   76.646125][ T6452] EXT4-fs: Ignoring removed nobh option
[   76.651521][ T6443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.651771][ T6452] EXT4-fs: Ignoring removed bh option
[   76.664349][ T6443] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.695463][ T6452] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.719835][ T6452] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.702: Allocating blocks 481-513 which overlap fs metadata
[   76.760338][ T3669] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.786845][ T6460] binfmt_misc: register: failed to install interpreter file ./bus
[   76.882415][ T6462] loop2: detected capacity change from 0 to 1024
[   76.933358][ T6464] loop1: detected capacity change from 0 to 164
[   77.062303][ T6462] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.074584][ T6462] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.090614][ T6462] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 3: comm syz.2.701: lblock 3 mapped to illegal pblock 3 (length 13)
[   77.105290][ T6462] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   77.117794][ T6462] EXT4-fs (loop2): This should not happen!! Data will be lost
[   77.117794][ T6462] 
[   77.131002][ T6462] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 4: comm syz.2.701: lblock 4 mapped to illegal pblock 4 (length 1)
[   77.148262][ T6462] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.701: Freeing blocks not in datazone - block = 3, count = 1
[   77.163431][ T6429] 9pnet_fd: p9_fd_create_tcp (6429): problem connecting socket to 127.0.0.1
[   77.193866][ T6468] ip6gre5: entered allmulticast mode
[   77.279457][ T6472] loop1: detected capacity change from 0 to 128
[   77.297539][ T6472] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   77.310877][ T6472] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   77.505707][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.639372][ T6484] loop1: detected capacity change from 0 to 128
[   77.661097][ T6485] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.681645][ T6485] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.708247][ T6484] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   77.737863][ T6493] netlink: 'syz.5.715': attribute type 12 has an invalid length.
[   77.740256][ T6484] ext4 filesystem being mounted at /138/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   77.745628][ T6493] __nla_validate_parse: 7 callbacks suppressed
[   77.745645][ T6493] netlink: 4 bytes leftover after parsing attributes in process `syz.5.715'.
[   77.761352][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.775090][ T6493] netlink: 'syz.5.715': attribute type 12 has an invalid length.
[   77.780040][ T3779] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   77.787663][ T6493] netlink: 4 bytes leftover after parsing attributes in process `syz.5.715'.
[   77.827703][ T3779] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   77.865637][ T3779] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   77.883225][ T6495] netlink: 8 bytes leftover after parsing attributes in process `syz.5.717'.
[   77.892319][ T3779] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   77.914563][ T6495] ip6gre3: entered allmulticast mode
[   77.980888][ T6502] batadv_slave_1: entered promiscuous mode
[   78.005161][ T3303] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   78.056194][ T6498] netlink: 'syz.4.714': attribute type 12 has an invalid length.
[   78.069054][ T6510] sg_write: data in/out 197376/352 bytes for SCSI command 0x8-- guessing data in;
[   78.069054][ T6510]    program syz.5.722 not setting count and/or reply_len properly
[   78.316463][ T6520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.724'.
[   78.338882][ T6520] ip6gre3: entered allmulticast mode
[   78.593462][ T6528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.727'.
[   78.619033][ T6528] ip6gre1: entered allmulticast mode
[   78.660539][ T6530] netlink: 24 bytes leftover after parsing attributes in process `syz.3.725'.
[   78.735173][ T6534] loop4: detected capacity change from 0 to 1024
[   78.796557][ T6501] batadv_slave_1: left promiscuous mode
[   78.813327][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.730'.
[   78.837597][ T6539] ip6gre2: entered allmulticast mode
[   78.866351][ T6541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.731'.
[   78.884118][ T6545] loop1: detected capacity change from 0 to 1024
[   78.908525][ T6545] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.128882][ T6562] loop2: detected capacity change from 0 to 1024
[   79.214557][ T6562] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.295420][ T6569] lo speed is unknown, defaulting to 1000
[   79.465450][   T29] kauditd_printk_skb: 405 callbacks suppressed
[   79.465498][   T29] audit: type=1326 audit(1756543537.145:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.507287][   T29] audit: type=1326 audit(1756543537.145:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.535537][   T29] audit: type=1326 audit(1756543537.145:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.562900][   T29] audit: type=1326 audit(1756543537.145:3525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.587024][   T29] audit: type=1326 audit(1756543537.185:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.612532][   T29] audit: type=1326 audit(1756543537.185:3527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.638783][   T29] audit: type=1326 audit(1756543537.185:3528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.664982][   T29] audit: type=1326 audit(1756543537.185:3529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.698961][   T29] audit: type=1326 audit(1756543537.285:3530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.725501][   T29] audit: type=1326 audit(1756543537.285:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.3.739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb17eebe9 code=0x7ffc0000
[   79.728276][ T6578] loop4: detected capacity change from 0 to 1024
[   79.772618][ T6578] EXT4-fs: Ignoring removed nobh option
[   79.778396][ T6578] EXT4-fs: Ignoring removed bh option
[   79.805412][ T6582] batadv_slave_1: entered promiscuous mode
[   79.827862][ T6578] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.741: Allocating blocks 257-513 which overlap fs metadata
[   79.854577][ T6580] loop5: detected capacity change from 0 to 512
[   79.936763][ T6592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.746'.
[   79.996691][ T6606] loop1: detected capacity change from 0 to 1024
[   80.016305][ T6606] EXT4-fs: Ignoring removed nobh option
[   80.021997][ T6606] EXT4-fs: Ignoring removed bh option
[   80.137168][ T6610] loop5: detected capacity change from 0 to 512
[   80.151228][ T6611] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.750: Allocating blocks 481-513 which overlap fs metadata
[   80.164667][ T6613] netlink: 8 bytes leftover after parsing attributes in process `syz.4.753'.
[   80.165701][ T6610] ext2: Unknown parameter 'nouser_xattr'
[   80.195432][ T6613] ip6gre3: entered allmulticast mode
[   80.209135][ T6615] loop2: detected capacity change from 0 to 128
[   80.217264][ T6615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.226011][ T6615] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.349000][ T6641] netlink: 'syz.4.760': attribute type 21 has an invalid length.
[   80.362215][ T6641] netlink: 'syz.4.760': attribute type 1 has an invalid length.
[   80.434132][ T6653] lo speed is unknown, defaulting to 1000
[   80.593030][ T6581] batadv_slave_1: left promiscuous mode
[   80.636585][ T6659] ip6gre4: entered allmulticast mode
[   80.653762][ T6661] FAULT_INJECTION: forcing a failure.
[   80.653762][ T6661] name failslab, interval 1, probability 0, space 0, times 0
[   80.666509][ T6661] CPU: 0 UID: 0 PID: 6661 Comm: syz.4.765 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.666537][ T6661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.666549][ T6661] Call Trace:
[   80.666556][ T6661]  <TASK>
[   80.666564][ T6661]  __dump_stack+0x1d/0x30
[   80.666585][ T6661]  dump_stack_lvl+0xe8/0x140
[   80.666670][ T6661]  dump_stack+0x15/0x1b
[   80.666686][ T6661]  should_fail_ex+0x265/0x280
[   80.666707][ T6661]  ? ip_setup_cork+0x176/0x410
[   80.666730][ T6661]  should_failslab+0x8c/0xb0
[   80.666750][ T6661]  __kmalloc_cache_noprof+0x4c/0x320
[   80.666807][ T6661]  ip_setup_cork+0x176/0x410
[   80.666843][ T6661]  ? __pfx_udplite_getfrag+0x10/0x10
[   80.666863][ T6661]  ip_make_skb+0xb1/0x2c0
[   80.666890][ T6661]  udp_sendmsg+0x1013/0x13c0
[   80.666959][ T6661]  ? __pfx_udplite_getfrag+0x10/0x10
[   80.667031][ T6661]  udpv6_sendmsg+0x7e9/0x1590
[   80.667078][ T6661]  ? __pfx_udpv6_sendmsg+0x10/0x10
[   80.667113][ T6661]  inet6_sendmsg+0xac/0xd0
[   80.667166][ T6661]  __sock_sendmsg+0x8b/0x180
[   80.667191][ T6661]  ____sys_sendmsg+0x31e/0x4e0
[   80.667216][ T6661]  ___sys_sendmsg+0x17b/0x1d0
[   80.667315][ T6661]  __x64_sys_sendmsg+0xd4/0x160
[   80.667354][ T6661]  x64_sys_call+0x191e/0x2ff0
[   80.667375][ T6661]  do_syscall_64+0xd2/0x200
[   80.667401][ T6661]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.667424][ T6661]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.667509][ T6661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.667529][ T6661] RIP: 0033:0x7f42b8d9ebe9
[   80.667543][ T6661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.667571][ T6661] RSP: 002b:00007f42b77ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.667588][ T6661] RAX: ffffffffffffffda RBX: 00007f42b8fd5fa0 RCX: 00007f42b8d9ebe9
[   80.667599][ T6661] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[   80.667654][ T6661] RBP: 00007f42b77ff090 R08: 0000000000000000 R09: 0000000000000000
[   80.667667][ T6661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.667677][ T6661] R13: 00007f42b8fd6038 R14: 00007f42b8fd5fa0 R15: 00007ffff94d18e8
[   80.667694][ T6661]  </TASK>
[   80.894585][ T6663] loop3: detected capacity change from 0 to 128
[   80.905585][ T6663] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   80.917868][ T6663] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.005321][ T6671] loop3: detected capacity change from 0 to 512
[   81.011929][ T6671] journal_path: Non-blockdev passed as './bus'
[   81.018166][ T6671] EXT4-fs: error: could not find journal device path
[   81.033100][ T6671] netlink: 'syz.3.771': attribute type 1 has an invalid length.
[   81.035662][ T6673] loop4: detected capacity change from 0 to 128
[   81.041168][ T6671] netlink: 'syz.3.771': attribute type 2 has an invalid length.
[   81.056543][ T6673] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   81.068764][ T6673] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.124062][ T6677] loop3: detected capacity change from 0 to 512
[   81.145004][ T6677] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.146738][ T6681] ip6gre6: entered allmulticast mode
[   81.165645][ T6677] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.771: Failed to acquire dquot type 1
[   81.182500][ T6677] EXT4-fs (loop3): 1 truncate cleaned up
[   81.292183][ T6693] loop1: detected capacity change from 0 to 512
[   81.312294][ T6693] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   81.321526][ T6697] loop3: detected capacity change from 0 to 128
[   81.328172][ T6699] netlink: 'syz.2.782': attribute type 10 has an invalid length.
[   81.328335][ T6697] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   81.348337][ T6693] EXT4-fs (loop1): invalid journal inode
[   81.351564][ T6699] netlink: 'syz.2.782': attribute type 10 has an invalid length.
[   81.354220][ T6693] EXT4-fs (loop1): can't get journal size
[   81.370729][ T6697] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.389116][ T6693] EXT4-fs (loop1): 1 truncate cleaned up
[   81.403174][ T6699] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   81.444080][ T6699] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   81.472760][ T6707] FAULT_INJECTION: forcing a failure.
[   81.472760][ T6707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.487120][ T6707] CPU: 0 UID: 0 PID: 6707 Comm: syz.3.785 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.487145][ T6707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   81.487155][ T6707] Call Trace:
[   81.487162][ T6707]  <TASK>
[   81.487169][ T6707]  __dump_stack+0x1d/0x30
[   81.487244][ T6707]  dump_stack_lvl+0xe8/0x140
[   81.487263][ T6707]  dump_stack+0x15/0x1b
[   81.487278][ T6707]  should_fail_ex+0x265/0x280
[   81.487303][ T6707]  should_fail+0xb/0x20
[   81.487362][ T6707]  should_fail_usercopy+0x1a/0x20
[   81.487383][ T6707]  _copy_to_user+0x20/0xa0
[   81.487411][ T6707]  simple_read_from_buffer+0xb5/0x130
[   81.487488][ T6707]  proc_fail_nth_read+0x10e/0x150
[   81.487560][ T6707]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.487581][ T6707]  vfs_read+0x1a8/0x770
[   81.487598][ T6707]  ? __rcu_read_unlock+0x4f/0x70
[   81.487617][ T6707]  ? __fget_files+0x184/0x1c0
[   81.487662][ T6707]  ksys_read+0xda/0x1a0
[   81.487680][ T6707]  __x64_sys_read+0x40/0x50
[   81.487707][ T6707]  x64_sys_call+0x27bc/0x2ff0
[   81.487728][ T6707]  do_syscall_64+0xd2/0x200
[   81.487752][ T6707]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   81.487820][ T6707]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   81.487841][ T6707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.487910][ T6707] RIP: 0033:0x7fedb17ed5fc
[   81.487926][ T6707] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   81.487943][ T6707] RSP: 002b:00007fedb024f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   81.487960][ T6707] RAX: ffffffffffffffda RBX: 00007fedb1a25fa0 RCX: 00007fedb17ed5fc
[   81.487970][ T6707] RDX: 000000000000000f RSI: 00007fedb024f0a0 RDI: 0000000000000004
[   81.487998][ T6707] RBP: 00007fedb024f090 R08: 0000000000000000 R09: 0000000000000000
[   81.488008][ T6707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.488019][ T6707] R13: 00007fedb1a26038 R14: 00007fedb1a25fa0 R15: 00007ffcdccebb48
[   81.488038][ T6707]  </TASK>
[   81.729404][ T6719] ip6gre4: entered allmulticast mode
[   81.740264][ T6693] loop1: detected capacity change from 512 to 0
[   81.747533][ T6721] loop2: detected capacity change from 0 to 512
[   81.760479][ T6721] journal_path: Non-blockdev passed as './bus'
[   81.766758][ T6721] EXT4-fs: error: could not find journal device path
[   81.776982][    C0] I/O error, dev loop1, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   81.787134][ T3303] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[   81.803162][    C0] I/O error, dev loop1, sector 12 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 2
[   81.812766][    C0] I/O error, dev loop1, sector 10 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   81.824988][ T3303] EXT4-fs error (device loop1): ext4_get_inode_loc:4999: inode #2: block 5: comm syz-executor: unable to read itable block
[   81.838866][    C0] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   81.840776][ T6730] batadv_slave_1: entered promiscuous mode
[   81.848463][    C0] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   81.863976][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   81.872416][ T3303] EXT4-fs (loop1): I/O error while writing superblock
[   81.879217][ T3303] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: IO failure
[   81.889980][    C0] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   81.899501][    C0] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   81.907337][ T6721] netlink: 'syz.2.791': attribute type 1 has an invalid length.
[   81.909064][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   81.926747][ T6721] netlink: 'syz.2.791': attribute type 2 has an invalid length.
[   81.926879][ T3303] EXT4-fs (loop1): I/O error while writing superblock
[   81.944327][ T3303] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error
[   81.978873][    C0] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   81.990500][    C0] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   81.990649][ T6732] loop3: detected capacity change from 0 to 512
[   82.003092][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   82.003257][ T3303] EXT4-fs (loop1): I/O error while writing superblock
[   82.081000][    C0] I/O error, dev loop1, sector 12 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 2
[   82.091048][ T4847] EXT4-fs error (device loop1): __ext4_get_inode_loc_noinmem:4984: inode #2: block 5: comm kworker/u8:27: unable to read itable block
[   82.107853][ T6737] loop2: detected capacity change from 0 to 512
[   82.124804][ T6737] EXT4-fs (loop2): orphan cleanup on readonly fs
[   82.125175][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   82.142207][ T4847] EXT4-fs (loop1): I/O error while writing superblock
[   82.149813][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   82.158263][ T3303] EXT4-fs (loop1): I/O error while writing superblock
[   82.199442][ T6737] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.791: Failed to acquire dquot type 1
[   82.212106][ T6737] EXT4-fs (loop2): 1 truncate cleaned up
[   82.406580][ T6749] loop3: detected capacity change from 0 to 512
[   82.414053][ T6749] ext2: Unknown parameter 'nouser_xattr'
[   82.629148][ T6760] loop3: detected capacity change from 0 to 1024
[   82.648261][ T6760] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.663857][ T6760] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.806: lblock 3 mapped to illegal pblock 3 (length 13)
[   82.667927][ T6729] batadv_slave_1: left promiscuous mode
[   82.685905][ T6760] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   82.699517][ T6760] EXT4-fs (loop3): This should not happen!! Data will be lost
[   82.699517][ T6760] 
[   82.717355][ T6760] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 4: comm syz.3.806: lblock 4 mapped to illegal pblock 4 (length 1)
[   82.734859][ T6760] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.806: Freeing blocks not in datazone - block = 3, count = 1
[   82.763070][ T6778] __nla_validate_parse: 9 callbacks suppressed
[   82.763083][ T6778] netlink: 20 bytes leftover after parsing attributes in process `syz.5.811'.
[   82.764092][ T6754] lo speed is unknown, defaulting to 1000
[   82.837264][ T6782] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.893074][ T6754] chnl_net:caif_netlink_parms(): no params data found
[   82.939226][ T6782] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.951310][ T6795] lo speed is unknown, defaulting to 1000
[   82.951372][ T6754] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.965953][ T6754] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.974551][ T6754] bridge_slave_0: entered allmulticast mode
[   82.982051][ T6754] bridge_slave_0: entered promiscuous mode
[   82.989354][ T6754] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.997220][ T6754] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.006853][ T6754] bridge_slave_1: entered allmulticast mode
[   83.016346][ T6800] netlink: 'syz.5.816': attribute type 13 has an invalid length.
[   83.016831][ T6754] bridge_slave_1: entered promiscuous mode
[   83.098653][ T6800] bridge0: port 4(veth0_to_team) entered disabled state
[   83.105750][ T6800] bridge0: port 3(veth1_to_hsr) entered disabled state
[   83.113911][ T6800] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.124521][ T6800] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.234976][ T6782] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.255840][ T6754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.266749][ T4847] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   83.278337][ T4847] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.296531][ T6754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.307396][ T4847] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   83.317310][ T4847] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.331279][ T4847] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   83.342414][ T4847] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.352578][ T4847] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   83.361842][ T4847] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.395302][ T6782] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.411753][ T6754] team0: Port device team_slave_0 added
[   83.419140][ T6754] team0: Port device team_slave_1 added
[   83.446899][ T6754] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.455643][ T6754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.486994][ T6754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.503994][ T6804] lo speed is unknown, defaulting to 1000
[   83.515920][ T6754] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.524428][ T6754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.552208][ T6754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.630944][ T4867] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.667604][ T4867] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.700914][ T4867] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.715911][ T6754] hsr_slave_0: entered promiscuous mode
[   83.722673][ T6813] loop4: detected capacity change from 0 to 512
[   83.723196][ T6754] hsr_slave_1: entered promiscuous mode
[   83.732759][ T6813] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.736143][ T6754] debugfs: 'hsr0' already exists in 'hsr'
[   83.754435][ T6754] Cannot create hsr debugfs directory
[   83.772866][ T4867] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.783901][ T6813] EXT4-fs error (device loop4): xattr_find_entry:333: inode #15: comm syz.4.820: corrupted xattr entries
[   83.798716][ T6813] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   83.816331][ T6813] EXT4-fs (loop4): 1 truncate cleaned up
[   83.866367][ T6821] loop4: detected capacity change from 0 to 128
[   83.881053][ T6821] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   83.898282][ T6821] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   83.965631][ T6754] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   83.993536][ T6754] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   84.012059][ T6754] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   84.029691][ T6754] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   84.086599][ T6754] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.105000][ T6843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.830'.
[   84.110557][ T6754] 8021q: adding VLAN 0 to HW filter on device team0
[   84.129047][ T4847] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.136547][ T4847] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.143265][ T6845] netlink: 8 bytes leftover after parsing attributes in process `syz.5.831'.
[   84.159112][ T6843] ip6gre5: entered allmulticast mode
[   84.171089][ T6845] ip6gre4: entered allmulticast mode
[   84.185452][ T4847] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.193272][ T4847] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.226519][ T6754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   84.238762][ T6754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.263986][ T6849] loop7: detected capacity change from 0 to 16384
[   84.331820][ T6863] loop3: detected capacity change from 0 to 2048
[   84.343465][ T3768] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.362205][ T6863]  loop3: p1 < > p4
[   84.366653][ T6863] loop3: p4 size 8388608 extends beyond EOD, truncated
[   84.409000][ T6754] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.432009][ T3768] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.451097][ T6863] SELinux: failed to load policy
[   84.467980][ T6862] loop7: detected capacity change from 16384 to 0
[   84.492231][ T3768] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.576239][ T3768] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.646307][ T6754] veth0_vlan: entered promiscuous mode
[   84.654734][ T6754] veth1_vlan: entered promiscuous mode
[   84.668268][   T29] kauditd_printk_skb: 375 callbacks suppressed
[   84.668283][   T29] audit: type=1326 audit(1756543542.345:3903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   84.767815][ T6888] loop4: detected capacity change from 0 to 1024
[   84.842694][ T6888] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.863904][ T6888] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.838: lblock 3 mapped to illegal pblock 3 (length 13)
[   84.881141][ T6888] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   84.894985][ T6888] EXT4-fs (loop4): This should not happen!! Data will be lost
[   84.894985][ T6888] 
[   84.914231][ T6888] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #15: block 4: comm syz.4.838: lblock 4 mapped to illegal pblock 4 (length 1)
[   84.931671][ T6888] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.838: Freeing blocks not in datazone - block = 3, count = 1
[   84.953649][ T6893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.841'.
[   85.030209][   T29] audit: type=1326 audit(1756543542.345:3904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.055684][   T29] audit: type=1326 audit(1756543542.345:3905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.077016][ T6754] veth0_macvtap: entered promiscuous mode
[   85.080114][   T29] audit: type=1326 audit(1756543542.345:3906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.087775][ T6754] veth1_macvtap: entered promiscuous mode
[   85.111984][   T29] audit: type=1326 audit(1756543542.345:3907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.125160][ T6754] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.147626][   T29] audit: type=1326 audit(1756543542.345:3908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.157169][ T6754] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.179829][   T29] audit: type=1326 audit(1756543542.405:3909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.179852][   T29] audit: type=1326 audit(1756543542.405:3910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.238164][   T29] audit: type=1326 audit(1756543542.425:3911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.267990][   T29] audit: type=1326 audit(1756543542.425:3912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.2.840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93afb0ebe9 code=0x7ffc0000
[   85.310764][ T6893] ip6gre5: entered allmulticast mode
[   85.334000][ T4867] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.348255][ T4867] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.361693][ T4867] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.372658][ T6898] netlink: 'syz.3.843': attribute type 13 has an invalid length.
[   85.408728][ T4867] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.570292][    T2] ==================================================================
[   85.579633][    T2] BUG: KCSAN: data-race in memcpy_and_pad / rcu_tasks_trace_pregp_step
[   85.588685][    T2] 
[   85.591045][    T2] write to 0xffff8881002114dc of 4 bytes by task 28 on cpu 1:
[   85.598599][    T2]  rcu_tasks_trace_pregp_step+0x1ac/0x920
[   85.604443][    T2]  rcu_tasks_wait_gp+0x8b/0x530
[   85.609464][    T2]  rcu_tasks_one_gp+0x7f3/0x8e0
[   85.615010][    T2]  rcu_tasks_kthread+0xf7/0x110
[   85.621961][    T2]  kthread+0x486/0x510
[   85.627952][    T2]  ret_from_fork+0xda/0x150
[   85.633068][    T2]  ret_from_fork_asm+0x1a/0x30
[   85.638152][    T2] 
[   85.640565][    T2] read to 0xffff888100211080 of 3264 bytes by task 2 on cpu 0:
[   85.648892][    T2]  memcpy_and_pad+0x48/0x80
[   85.653775][    T2]  arch_dup_task_struct+0x2c/0x40
[   85.659166][    T2]  dup_task_struct+0x83/0x6a0
[   85.664065][    T2]  copy_process+0x399/0x2000
[   85.669345][    T2]  kernel_clone+0x16c/0x5c0
[   85.674500][    T2]  kernel_thread+0xac/0xe0
[   85.679090][    T2]  kthreadd+0x28d/0x360
[   85.684457][    T2]  ret_from_fork+0xda/0x150
[   85.689413][    T2]  ret_from_fork_asm+0x1a/0x30
[   85.694442][    T2] 
[   85.696760][    T2] Reported by Kernel Concurrency Sanitizer on:
[   85.704115][    T2] CPU: 0 UID: 0 PID: 2 Comm: kthreadd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.715120][    T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   85.725864][    T2] ==================================================================
[   85.775625][ T6917] loop4: detected capacity change from 0 to 512
[   85.796500][ T6917] journal_path: Non-blockdev passed as './bus'
[   85.802937][ T6917] EXT4-fs: error: could not find journal device path
[   85.815314][ T6917] netlink: 'syz.4.844': attribute type 1 has an invalid length.
[   85.823153][ T6917] netlink: 'syz.4.844': attribute type 2 has an invalid length.
[   85.864837][ T6917] netlink: 4 bytes leftover after parsing attributes in process `syz.4.844'.
[   86.020225][ T1034] lo speed is unknown, defaulting to 1000
[   86.024826][ T4847] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.025974][ T1034] syz2: Port: 1 Link DOWN
[   86.040799][ T3768] bridge_slave_1: left allmulticast mode
[   86.046439][ T3768] bridge_slave_1: left promiscuous mode
[   86.052165][ T3768] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.062589][ T3768] bridge_slave_0: left allmulticast mode
[   86.068231][ T3768] bridge_slave_0: left promiscuous mode
[   86.074879][ T3768] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.085093][ T6917] loop4: detected capacity change from 0 to 512
[   86.092795][ T6917] EXT4-fs (loop4): orphan cleanup on readonly fs
[   86.099501][ T6917] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.844: Failed to acquire dquot type 1
[   86.113138][ T6917] EXT4-fs (loop4): 1 truncate cleaned up
[   86.153641][ T3768] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   86.163609][ T3768] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   86.172775][ T3768] bond0 (unregistering): Released all slaves
[   86.180476][ T4847] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.189506][ T4847] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.198725][ T4847] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.221603][ T3768] tipc: Left network mode
[   86.239532][ T3768] hsr_slave_0: left promiscuous mode
[   86.245247][ T3768] hsr_slave_1: left promiscuous mode
[   86.253043][ T3768] veth1_macvtap: left promiscuous mode
[   86.258507][ T3768] veth0_macvtap: left promiscuous mode
[   86.264064][ T3768] veth1_vlan: left promiscuous mode
[   86.269437][ T3768] veth0_vlan: left promiscuous mode
[   86.318005][ T3768] team0 (unregistering): Port device team_slave_1 removed
[   86.328252][ T3768] team0 (unregistering): Port device team_slave_0 removed
[   86.336702][ T3779] smc: removing ib device syz!