last executing test programs:

47.743365506s ago: executing program 2 (id=542):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000180)={0x6, <r1=>r0, 'id0\x00'})
getdents64(r1, &(0x7f0000000a00)=""/212, 0xd4)
syz_mount_image$ext4(&(0x7f0000000440)='ext2\x00', &(0x7f0000000200)='./file0/file0\x00', 0x0, &(0x7f0000000000)={[], [], 0x2e}, 0x1, 0x46f, &(0x7f0000000580)="$eJzs289vFFUcAPDvbLvlt62IP/ihVtHY+KOlBZWDF40mXExM9IDHWgpBCjW0JkKIVGPwaPgL1KOJf4EnvRj1pPGqiRcTY0IMF9GDGTO7M7C0u+v+ahfczycZeG/mTd/7zszbfTNvJ4CBNZ79k0Rsj4ifRiJGq9mbC4xX/7t29cLcX1cvzCWRpq/+kVTK/Xn1wlxRtNhvW56ZKEWUPkhib516l86dPzW7sDB/Ns9PLZ9+a2rp3PmnTp6ePTF/Yv7MzOHDhw5OP/vMzNM9iXNH1tY97y7u233k9csvzx29/Ma3n2frt+fba+OoGuu6zvEYv/lY1ng04tc0Tbuu41axoyadDPexIbRlKCKy01XO+n+MxlDcOHmj8dL7fW0csK7SNE03rVk7VCRWUuB/LIl+twDoj+KLPrv/LZYNHH703ZXnqzdAWdzX8qW6ZThKeZnyqvvbXhqPiKMrf3+cLVH3OQQAQG99mY1/nqw3/ivFPTXl7ojq3NBYRNwZETsj4q6I2BURd0dUyt4bEfe1Wf/4qvza8c8PWzoKrEXZ+O+5fG7r5vFfMfqLsaE8t6MSfzk5fnJh/kB+TCaivCnLTzep46sXf/yo0bba8V+2ZPUXY8G8Hb8Pr3pAd2x2ebabmGtdeS9iz3C9+JPrMwFJROyOiD0d/P3smJ18/LN9jbb/d/xN9GCeKf004rHq+V+JVfEXkubzk1ObY2H+wFRxVaz13feXXmlUf1fx90B2/rfWvf6vxz+W1M7XLrVfx6WfP2x4T9Pp9T+SvFZJj+Tr3pldXj47HTGSrKxdP3Nj3yJflM/in9hfv//vjPjnk3y/vRGRXcT3R8QDEfFg3vaHIuLhiNjfJP5vXnjkzc7jX19Z/MfaOv/tJ4ZOff1Fo/pbO/+HKqmJfE0rn3+tNrCbYwcAAAC3i1LlN/BJafJ6ulSanKz+hn9XbC0tLC4tP3F88e0zx6q/lR+Lcql40jVa8zx0On82XORnVuUPVp4bp2mabqnkJ+cWF9ZrTh1ozbYG/T/z21C/Wwesu7bm0Rq90QbclryvCYNL/4fB1Wr/L69zO4CN5/sfBle9/n8x4lofmgJsMN//MLj0fxhc+j8MLv0fBlI37/U3S+w80vHuaVe1b84D63D3X9blaDRLDG1gXb1MRKnupnJE3CItbJIo3RrNqCY2RUSrhS92emG3nejzBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BsAAP//cGjokQ==")
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1ae96d0103010000", 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x8)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000740)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x0)

47.678640587s ago: executing program 2 (id=544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000003ef0001800e000100636f6e6e6c696d69740000000c000280080001400000e41f08000340000001"], 0xd0}, 0x1, 0x0, 0x0, 0x60000800}, 0x4000024)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0xfffffffc, 0x0, 0x0, 0xffffffff}, 0x20000, 0x0, 0x4000007, 0x8, 0x101, 0x14, 0x20, 0x0, 0x80, 0x7, {0x1, 0xed, 0x0, 0x0, 0x5}}}}]}, 0x78}}, 0x4080)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

46.579070533s ago: executing program 2 (id=550):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="414601", @ANYRES16=r3], 0x4)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000180)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24040080)

46.464864764s ago: executing program 2 (id=554):
r0 = socket$rds(0x15, 0x5, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r1 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r4, 0x13)
tkill(r4, 0x12)
wait4(0x0, 0x0, 0x4000000a, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELFLOWTABLE={0x78, 0x18, 0xa, 0x3, 0x0, 0x0, {0x15, 0x0, 0x9}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x14}}}, 0xc8}, 0x1, 0x0, 0x0, 0x10008001}, 0x4080)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
mq_open(0x0, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x140, 0x0, 0x0, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000000240)={@in={{0x2, 0x4e22, @private=0xa010102}}, 0x0, 0x2, 0x48, 0x0, "0000160000000000000000000000000000000006000000000000d6d98457000000000000000000000000080000008000"}, 0xd8)
bind$inet(r6, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200087fd, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10)
close(r6)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0x3, &(0x7f00000006c0)=ANY=[@ANYRES32=r5], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe(&(0x7f00000001c0))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, 0x0, 0x0)

46.336351027s ago: executing program 2 (id=557):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000191c0)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
r2 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r3, 0x4)
close_range(r2, r3, 0x0)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

46.162249499s ago: executing program 2 (id=561):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
lgetxattr(0x0, &(0x7f0000000040)=@known='trusted.overlay.upper\x00', 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'erspan0\x00'})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e220000060005"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_mtu=0x6})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xec0, 0x30, 0xb, 0x0, 0x0, {}, [{0xeac, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb}}]}, {0x4}, {0xffffffce}, {0xc, 0x8, {0x3}}}}, @m_pedit={0xe60, 0x2, 0x0, 0x0, {{0xa}, {0xe34, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1}, [{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x100}, {0xfffffffd}, {0x40}, {}, {}, {}, {}, {}, {}, {0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x6e8}, {}, {}, {}, {}, {}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {0x20}, {0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfba5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x401}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x1d4ce113}, {}, {0x400}, {0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x400000}, {}, {}, {0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x0, 0x3}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x10, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec0}}, 0x4000)
ioctl$sock_netdev_private(r6, 0x8914, &(0x7f0000000000))

46.11562153s ago: executing program 32 (id=561):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
lgetxattr(0x0, &(0x7f0000000040)=@known='trusted.overlay.upper\x00', 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'erspan0\x00'})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e220000060005"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_mtu=0x6})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xec0, 0x30, 0xb, 0x0, 0x0, {}, [{0xeac, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb}}]}, {0x4}, {0xffffffce}, {0xc, 0x8, {0x3}}}}, @m_pedit={0xe60, 0x2, 0x0, 0x0, {{0xa}, {0xe34, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1}, [{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x100}, {0xfffffffd}, {0x40}, {}, {}, {}, {}, {}, {}, {0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x6e8}, {}, {}, {}, {}, {}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {0x20}, {0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfba5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x401}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x1d4ce113}, {}, {0x400}, {0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x400000}, {}, {}, {0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x0, 0x3}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x10, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec0}}, 0x4000)
ioctl$sock_netdev_private(r6, 0x8914, &(0x7f0000000000))

2.419317467s ago: executing program 1 (id=1386):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x80000001}, 0x18)
memfd_create(0x0, 0x1)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd\x00')
exit(0x0)
statx(r1, 0x0, 0x1000, 0x10, 0x0)
syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
getpid()
socket$inet6(0xa, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000580)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = gettid()
rt_tgsigqueueinfo(0x0, r5, 0xb, &(0x7f0000000280)={0x8, 0x0, 0x4})

1.982666553s ago: executing program 4 (id=1393):
r0 = open(0x0, 0x400141042, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='\"', 0x1}, {&(0x7f0000001580)="bd", 0x1}], 0x2, 0x1002020, 0x1020884, 0x12)

1.389078621s ago: executing program 1 (id=1397):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d2800128014000180090001006c617374000000000400028010000180060001006c6173740000000008000340000001"], 0xb4}}, 0x20050800)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x4000000000000000}, 0x18)
ioctl$int_in(r3, 0x5452, &(0x7f0000000240)=0xfffffffffffffffb)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x61f, &(0x7f0000001680)="$eJzs3d9rHNUeAPDv7CZp0ubetJfL5TbciwEfWpCmSS1WfbGtD/ahYME+iPjQ0CQ1dPuDJgVbC23BBwUFEV+L9MV/wHfpu28iqG8+C1WkoqAlKzM7m26S2SZNu7tJ5/OB3Z05MzvnfPfkZM7M7NkJoLTG0qdKxO6IxVNJxEjLsuFoLBzL17v367XT6SOJev2NX5JI8rTm+ov56470KYkYjIhvjkb8q7o63/krV89O1eoN1yP2L5y7uH/+ytV9c+emzsycmTk/eeDFg4cmXpo8OPlE4tyRvx47/vr/Pn7/nRdmv63tS+JwnOx/bzpWxLEB9aQgcSzGYjEPsTW9LyIOpRMFn8tWs64QtnW+HGxMNf977I+I/8RIVLO5hpGY+6inhQM6ql6NqAMllWj/UFLNfkDz2H59x8EnO9wr6Z67RxoHQKvj72ucG4nB7Nho+72k5ciocW5j5xPIP83j/rXRW+kjlp2H+GOpdvqeQD7t3LgZEf8tij/JyrYzizSNvxKVlvclETEREQN5+V7dQNat22p6zPMwj16IR4i/tR7Sz+Jw/pqmH91g/mMr5rsdPwDldOdIviPP9sYP9n9p36PZ/4mC/s9wwb5rI3q9/2vf/2vu7wezc+SVFf2wtM9yoniT/SsTfvzw2Kft8m/t/92/lmTlaPYFu+HuzYjRFfF/kHX0kqX6TwrqP13l1OH15fHadz8fa7dsefyjt7odf/12xJ7C458HvdJ06iHXJ/fPztVmJhrPhXl89fXbX7TLv9fxp/W/vU38LfVfWfm+9DO5uM48vjxx+9xAm2XDa8Zf+WkgaRxvNrfx7tTCwqXJiIHkeL5KS/qBh5eluU5zG2n8e58tbv/L/v5vLt/OUOsBzBouvnn2XrtlG6n/lovJi/V1lqGdNP7ptet/VftP0z5ZZx6/v3X5/+2WFcQfkcc/9DiBAQAAAAAAQAlVsmuwSWV8abpSGR9vjJf9d2yv1C7MLzw3e+Hy+emIvdn3IfsrzSvdI435JJ2fzL8P25w/sGL++YjYFRGfVYey+fHTF2rTvQ4eAAAAAAAAAAAAAAAAAAAANokd+fj/5n2qf6s2xv8DJdHJG8wBm5v2D+WVtf9Vt3gCysD+H8pL+4fy0v6hvLR/KC/tH8pL+4fy0v6hvLR/AAAAAHgq7Xrmzg9JRNx4eSh7pAbyZdWelgzotP6CtPr1HhQE6Dr7eCivpUv/hv9D6RT1/1f5M/9xwM4XB+iBpCgx6xzUH9747xS+EwAAAAAAAAAAAADogD2724//X9fYAGDLMuwPyusxxv/76QDY4vz0P5SXY3xgrVH8g+0WGP8PAAAAAAAAAAAAAF0znD2Syng+Fng4KpXx8Yh/RMTO6E9m52ozExHxz4j4vtq/LZ2f7HWhAQAAAAAAAAAAAAAAAAAA4Ckzf+Xq2alabeZS68Rfq1Ke7onmXVC7kNcr8YjviqT7H8tQRPS8Ujo20deSkkTcSGt+UxTs0nxsjmJkEz3+xwQAAAAAAAAAAAAAAAAAACXUMva42OjnXS4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTfg/v/d26i1zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvT3wEAAP//PflCHg==")

1.388653931s ago: executing program 5 (id=1398):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x40, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.340222092s ago: executing program 5 (id=1399):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
close_range(r0, r1, 0x0)

1.304394482s ago: executing program 4 (id=1400):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x40, 0x0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.303259042s ago: executing program 0 (id=1401):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x40, 0x0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.294191632s ago: executing program 5 (id=1402):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000002a88ef3fe539559439f1abcfa9e000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000004b704000000000000850000000300000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000001000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x108)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
setfsgid(0xee00)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffa)

1.254378273s ago: executing program 5 (id=1403):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="414601", @ANYRES16=r3], 0x4)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24040080)

1.241505443s ago: executing program 4 (id=1404):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="414601", @ANYRES16=r3], 0x4)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24040080)

1.220956504s ago: executing program 0 (id=1405):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fbaa86875", 0xec}], 0x1}}], 0x1, 0xc0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a310000000024010000050a01020000000000000000010000000c00024000000000000000010900010073797a3100000000040004800a000700"], 0x1ac}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000e40)=@delchain={0xe8, 0x65, 0x200, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xa}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_RATE={0x6, 0x5, {0x4, 0x28}}, @filter_kind_options=@f_flower={{0xb}, {0x7c, 0x2, [@TCA_FLOWER_KEY_ETH_SRC={0xa}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_VLAN_PRIO={0x5, 0x18, 0x5}, @TCA_FLOWER_KEY_MPLS_OPTS={0x8, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x4}}, @TCA_FLOWER_KEY_IP_TTL_MASK={0x5, 0x4c, 0x1}, @TCA_FLOWER_ACT={0x44, 0x3, [@m_ife={0x40, 0x12, 0x0, 0x0, {{0x8}, {0x4}, {0x15, 0x6, "7dea7fdc03dc266b4394d770e179d0165e"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0x2}]}}, @filter_kind_options=@f_matchall={{0xd}, {0x24, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffe0, 0xffe0}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff3, 0xd}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}]}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x2000000, &(0x7f0000000340)=ANY=[@ANYBLOB="003531d0081634a844cb7924d87a8dce5d1a6c9ae88dce733292494dc2900e6759d69221ec8f827bc438bf6a983de5286b648195a809a18b941c6b3d090092180d1746e9c5eae6b9c2992b32ec95bffe226d2ad16124944e105e9d268dfafd74ca934a7dbef224c2293a4798904f162d126d1819febf57d3758306dadf1057fdf9ee584e"], 0x1, 0x55a, &(0x7f0000000b80)="$eJzs2s9qE1EUB+CTP02LCGYtLgbcuCrVJzBICsWAEMlCceFA4yYjwmQzyaoP4hP4PD5JVt1F6oSkURGknUxtvg9CDvlNMucykHsX5+OTz5PzL9NPH75/jaOXSbQjonkZ0Y1mtKLUiI1GdOK6iwAA/jfDYdqruweqlee99OoMd/hbMvpWS0MAAAAAAAAAAADc2L/M/zfN/wPAvVDO/3fqboMK5Xkv7azOb9vM/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD1uVwuHy3/8qq7PwDg9tn/AWD/2P8BYP/Y/wFg/7x99/51bzDoD5PkKGJxUYyKUfle5qdng/5J8lN3861FUYxa6/x5mSfb+UE8WOUv/ph34tnTMr/KXr0Z/JIfxnn1ywcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACuOU7Wuo31p4uiGLXKfHNBN7bysjo9G/RPVhds5+143N7dOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbm87mkzTLxrmiiqIdETu41/HD8mkerJ7q7d8iolHRLyvuZlHffxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCv6Ww+SbNsnE/r7gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCums/kkzbJxXmFR9xoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvR8BAAD//2/WhiY=")
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f0000000540)={{0x8}, {0x9, 0x5}, 0x8, 0x2, 0x8})
recvmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
unshare(0x28060500)
r4 = gettid()
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x12, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7ff}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x1, 0xb, 0x5, 0x0, 0xffffffffffffffec}, @generic={0xfd, 0x3, 0xf, 0xfff, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x4, 0xd8, &(0x7f00000001c0)=""/216, 0x40f00, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x5, 0x1, 0x10001, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x9, @void, @value}, 0x94)
r6 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
statx(r6, &(0x7f0000000040)='./file1\x00', 0x2000, 0x400, &(0x7f00000002c0))
statx(r6, &(0x7f0000000080)='./file1\x00', 0x2000, 0x8, &(0x7f0000000540))

1.208294574s ago: executing program 3 (id=1406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@float={0x3, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x0, 0x2}]}]}, {0x0, [0x61, 0x61, 0x2e]}}, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f00000003c0)=0x2, 0x12)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x9, <r3=>0x0}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x18, &(0x7f0000000680)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800", @ANYRES32=r2], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000002140)=""/4088, 0xff8}], 0x4, 0x4, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r6, 0x29, 0x37, &(0x7f00000000c0)=ANY=[@ANYBLOB="2b0b000000000000071000000003020108004200000000000000c204000000070502046d803602fc75485096adbd96a15d6129ffdd304a2f5c09f9869148a75ee5ca11728214d24c9c474a5384b90c927124f21efbce26073651c90502004b"], 0x60)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x14, r8, 0x1, 0x0, 0x0, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x24008005}, 0x0)
ioctl$SG_IO(r5, 0x2285, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a80)='kfree\x00', r9}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300001e, 0x62033, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

1.082535516s ago: executing program 5 (id=1407):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x80000001}, 0x18)
memfd_create(0x0, 0x1)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd\x00')
exit(0x0)
statx(r1, 0x0, 0x1000, 0x10, 0x0)
syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
getpid()
socket$inet6(0xa, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000580)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = gettid()
rt_tgsigqueueinfo(0x0, r5, 0xb, &(0x7f0000000280)={0x8, 0x0, 0x4})

1.066297026s ago: executing program 4 (id=1408):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x2, 0x63, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000580), 0xc6082, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000240)='io_uring_req_failed\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x89)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r5, &(0x7f00000003c0)='./file0\x00')
readlinkat(r5, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000001300001700000000000000006574683a746544b4c21c853e7ba400"/46], 0x34}}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
shutdown(r9, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000100)={<r10=>0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000280)=0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r9, 0x84, 0x66, &(0x7f0000000040)={r10}, &(0x7f00000000c0)=0x8)
listen(r9, 0x9)
ioctl(r9, 0x8, &(0x7f00000005c0)="6d9fbdb0db6b4d73a7f39613f770e83324bea78988775fbe71211e87e400bcf8da8b12d8fbfebdd7a752bed09023cc0df68737b27b40df22fbae4d6a329a133c3a143f4a1646c63dbe8bb7373946d0dfc911677a4a809c5bf3dff4319e46e20b40577a7d4eb3e006e171801277f65c589844a9b576114de0902efb52904cc6e0d4b4814ab48c8f4aafecd703edc772bd891b6fc7a9839fef8b22f071cc45b2e4ee1db4f5198677496d69a369376aa32ef99403328a7b09c6ffa99d4d83b8e40ae2fee1c8319930f463d9f2ff5502bcacd04d2c3cc130430d0930f9e0d98c929f4d8948543254eb8b3135ab7ca1f90972cff32434")
listen(r9, 0x2c)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x11, 0xffffffffffffffff, 0x300000000)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x8, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x70154000)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r12 = signalfd4(r11, &(0x7f0000000040)={[0x800000000000]}, 0x8, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r12, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000880)=ANY=[@ANYBLOB='3\x00\x00\x00', @ANYRESOCT, @ANYBLOB="4fe04be95af260beb01f44e6e343783dafa8a7aa9028390b2ea3a074a3f98e34db62ad427ee912d7f19633d44e2f34a285c3dc40c6109508d7f5e7c248cd49ea44a9e47ee132abf0a179c738e1e73854f5f1ffae283ef707e421f36634e3f7c828d7ae05207cc9e31cbda971fbc397eead8824d19e7e2c1a7c9ed23bd8c69d64b093315ea26fbfe776af3c1d3eb301e2487ae478b058c850c1d12105fb325ad67c9f30aa317e66b82a6a54352fb742724fb5458a333d320f17935697506f85c8c8511f6dc47d661802478d6b9b7180baed29b572d12d316dd265cc6724d8"], 0x3c}, 0x1, 0x0, 0x0, 0x80d0}, 0x10040)

1.061447436s ago: executing program 0 (id=1409):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)

1.038259136s ago: executing program 3 (id=1410):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='\"', 0x1}, {&(0x7f0000001580)="bd", 0x1}], 0x2, 0x1002020, 0x1020884, 0x12)

1.036191646s ago: executing program 1 (id=1411):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020000000000000000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d000000950000000000ab3b8995507903b649e1b2fc00"/93], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x3, 0x3a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x78, {0x2, 0x4e20, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000100)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x23}}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000100000051d833483cc75d51900000000000000004000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319e2e66d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
getsockopt$inet_mptcp_buf(0xffffffffffffffff, 0x11c, 0x2, 0x0, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000080)={{0xa, 0x0, 0x0, @remote, 0x3}, {0xa, 0x4e22, 0x0, @mcast1}, 0x1}, 0x5c)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x1)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)

1.003902997s ago: executing program 3 (id=1412):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
close_range(r0, r1, 0x0)

951.563227ms ago: executing program 3 (id=1413):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x10001, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="e000", @ANYRES16=r3], 0xe0}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
keyctl$set_timeout(0xf, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYRES64=r0], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bond0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0xac, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r9, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x22, 0x1, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x8}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0xd, 0x3, 0x6}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0xfffffffffffffd78, 0x5, 0x7}]}}]}, 0xac}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000340)='svcrdma_small_wrch_err\x00', r7, 0x0, 0x2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xefff, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

886.439538ms ago: executing program 0 (id=1414):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x10000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000015c0)='./file0\x00', 0x800734, &(0x7f00000019c0)={[{@jqfmt_vfsv0}]}, 0xff, 0x486, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000400)={[&(0x7f0000000040)='GPL\x00', &(0x7f0000000200)='\x00', &(0x7f0000000280)='jqfmt=vfsv0', &(0x7f0000000300)='tmpfs\x00', &(0x7f0000000340)='%-$]\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='kfree\x00']}, &(0x7f00000005c0)={[&(0x7f00000004c0)='\x00', &(0x7f0000000500)='GPL\x00', &(0x7f0000000540)='tmpfs\x00', &(0x7f0000000580)='GPL\x00']})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000100)='blkio.reset_stats\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioperm(0x8, 0x9, 0x5a)
r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8003}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x38, 0x3, r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}})
write$cgroup_int(r3, &(0x7f0000000040)=0x2, 0x12)

779.856469ms ago: executing program 3 (id=1415):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="414601", @ANYRES16=r2], 0x4)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000180))
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x24040080)

763.183589ms ago: executing program 4 (id=1416):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@user_xattr}, {@user_xattr}, {@bsdgroups}]}, 0x3, 0x587, &(0x7f0000000dc0)="$eJzs3c9rHGUfAPDvbHab/nrfplDK25eXl0IPVmo3TeKPCh7qUbRYUM91SaahZNMt2U1pomB7sBcvUgQRC+Jd7x48FC8e/SsKWihSgh68rMxmNt02m2STbkza/XxgkueZmd1nvjPzfXhmZ5cJYGAdz/4UIo5FxOdJxKGOZcXIFx5fXm/p4ceT2ZREs/ne70kk+bz2+kn+/0Be+U9E/PRpxKnC6nbrC4szlWo1ncvro43Zq6P1hcXTl2cr0+l0emV8YuLsKxPjr7/2at9iffHCn1+9e/ets5+dWPry+/uHbydxLg7myzrjeAo3OivHm818n5Ti3BMrjvWhsd0k2ekNYEuG8jwvRcSx0qFSO+uB598nEdEEBlSyyfwf1l/Ac6I9Dmhf2/fpOviZ8eDN5Qug1fEXlz8bib2ta6P9S8ljV0bZ9e5IH9rP2vjhtzu3syn69zkEwIZu3IyIM8Xi6v4vyfu/rTvTwzpPtqH/g3/O3Wz881K38U9hZfwTXcY/B7rk7lZsnP+F+31oZk3Z+O+NruPflZtWI0N57V+tMV8puXS5mmZ9278j4mSUhrP6evdzzi7da661rHP8l01Z++2xYL4d94vDj79mqtKoPE3MnR7cjPhv1/FvsnL8ky7HP9sfH/TYxtH0zv/XWrZx/Nur+W3EC12P/6M7Wsn69ydHW+fDaPusWO2PW0d/Wav97vH//OM2hNpVdvz3rx//SNJ5v7a++Ta+2ftXutayrZ7/e5L3W+U9+bzrlUZjbixiT/LO6vnjj17brrfXz+I/eWL9/q/b+b8vIj7sMf5bR77739bj315Z/FObOv6bL9x7+6Ov12q/t+P/cqt0Mp/TS//X6wY+zb4DAAAAAACA3aYQEQcjKZRjb14uFMrl5e93HIn9hWqt3jh1qTZ/ZSpav5UdiVKhfaf7UMf3Icby78O26+NP1Cci4nBEfDG0r1Uvl6I6tdPBAwAAAAAAAAAAAAAAAAAAwC5xYOX3//HY7/8zvw7t9NYB2664/PxvYABt+Mj/fjzpCdiVNsx/4Lkl/2FwyX8YXPIfBlLrFp/8h8El/2FwyX8YXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urC+fPZ1Fx6mLTqU9cW5mdq105PpfWZ8uz8ZHmyNne1PF2rTVfT8mRtdqP3q9ZqV8fGY/76aCOtN0brC4sXZ2vzVxoXL89WptOLqeeMAwAAAAAAAAAAAAAAAAAAwGr1hcWZSrWazvWhUKpW00JE9LJyRM/v3Bzu/6Y+04VsZ9wo9raft6eQxKM5xd2yWxT6WtjhjgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvwdAAD//2u+Lgo=")
open(&(0x7f0000000140)='./file1\x00', 0x64842, 0x21)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r2, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

746.42375ms ago: executing program 1 (id=1417):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x48, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

666.043901ms ago: executing program 0 (id=1418):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
r0 = epoll_create1(0x0)
r1 = socket(0x23, 0x5, 0x0)
listen(r1, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x20000000})
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, <r3=>0xffffffffffffffff}, './file0\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x238, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0xffffffffffffffff}, 0x13)
sendmsg$inet(r4, &(0x7f0000000d40)={0x0, 0x7000003, &(0x7f00000023c0)=[{&(0x7f0000000b40)='?', 0x1}, {0x0, 0x1}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x20001)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000000)={0x10})

378.750795ms ago: executing program 1 (id=1419):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="414601", @ANYRES16=r3], 0x4)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24040080)

377.576035ms ago: executing program 3 (id=1420):
socket$inet6_sctp(0xa, 0x5, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x100000003}, 0x1320, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xfcbd}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
prctl$PR_GET_NAME(0x10, &(0x7f0000000280)=""/216)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x1f, &(0x7f0000000040)=0x1, 0x4)
pipe(&(0x7f00000004c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)

300.627836ms ago: executing program 1 (id=1421):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d2800128014000180090001006c617374000000000400028010000180060001006c6173740000000008000340000001"], 0xb4}}, 0x20050800)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x4000000000000000}, 0x18)
ioctl$int_in(r3, 0x5452, &(0x7f0000000240)=0xfffffffffffffffb)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x61f, &(0x7f0000001680)="$eJzs3d9rHNUeAPDv7CZp0ubetJfL5TbciwEfWpCmSS1WfbGtD/ahYME+iPjQ0CQ1dPuDJgVbC23BBwUFEV+L9MV/wHfpu28iqG8+C1WkoqAlKzM7m26S2SZNu7tJ5/OB3Z05MzvnfPfkZM7M7NkJoLTG0qdKxO6IxVNJxEjLsuFoLBzL17v367XT6SOJev2NX5JI8rTm+ov56470KYkYjIhvjkb8q7o63/krV89O1eoN1yP2L5y7uH/+ytV9c+emzsycmTk/eeDFg4cmXpo8OPlE4tyRvx47/vr/Pn7/nRdmv63tS+JwnOx/bzpWxLEB9aQgcSzGYjEPsTW9LyIOpRMFn8tWs64QtnW+HGxMNf977I+I/8RIVLO5hpGY+6inhQM6ql6NqAMllWj/UFLNfkDz2H59x8EnO9wr6Z67RxoHQKvj72ucG4nB7Nho+72k5ciocW5j5xPIP83j/rXRW+kjlp2H+GOpdvqeQD7t3LgZEf8tij/JyrYzizSNvxKVlvclETEREQN5+V7dQNat22p6zPMwj16IR4i/tR7Sz+Jw/pqmH91g/mMr5rsdPwDldOdIviPP9sYP9n9p36PZ/4mC/s9wwb5rI3q9/2vf/2vu7wezc+SVFf2wtM9yoniT/SsTfvzw2Kft8m/t/92/lmTlaPYFu+HuzYjRFfF/kHX0kqX6TwrqP13l1OH15fHadz8fa7dsefyjt7odf/12xJ7C458HvdJ06iHXJ/fPztVmJhrPhXl89fXbX7TLv9fxp/W/vU38LfVfWfm+9DO5uM48vjxx+9xAm2XDa8Zf+WkgaRxvNrfx7tTCwqXJiIHkeL5KS/qBh5eluU5zG2n8e58tbv/L/v5vLt/OUOsBzBouvnn2XrtlG6n/lovJi/V1lqGdNP7ptet/VftP0z5ZZx6/v3X5/+2WFcQfkcc/9DiBAQAAAAAAQAlVsmuwSWV8abpSGR9vjJf9d2yv1C7MLzw3e+Hy+emIvdn3IfsrzSvdI435JJ2fzL8P25w/sGL++YjYFRGfVYey+fHTF2rTvQ4eAAAAAAAAAAAAAAAAAAAANokd+fj/5n2qf6s2xv8DJdHJG8wBm5v2D+WVtf9Vt3gCysD+H8pL+4fy0v6hvLR/KC/tH8pL+4fy0v6hvLR/AAAAAHgq7Xrmzg9JRNx4eSh7pAbyZdWelgzotP6CtPr1HhQE6Dr7eCivpUv/hv9D6RT1/1f5M/9xwM4XB+iBpCgx6xzUH9747xS+EwAAAAAAAAAAAADogD2724//X9fYAGDLMuwPyusxxv/76QDY4vz0P5SXY3xgrVH8g+0WGP8PAAAAAAAAAAAAAF0znD2Syng+Fng4KpXx8Yh/RMTO6E9m52ozExHxz4j4vtq/LZ2f7HWhAQAAAAAAAAAAAAAAAAAA4Ckzf+Xq2alabeZS68Rfq1Ke7onmXVC7kNcr8YjviqT7H8tQRPS8Ujo20deSkkTcSGt+UxTs0nxsjmJkEz3+xwQAAAAAAAAAAAAAAAAAACXUMva42OjnXS4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTfg/v/d26i1zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvT3wEAAP//PflCHg==")

141.307228ms ago: executing program 4 (id=1422):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d2800128014000180090001006c617374000000000400028010000180060001006c6173740000000008000340000001"], 0xb4}}, 0x20050800)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0x4000000000000000}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x61f, &(0x7f0000001680)="$eJzs3d9rHNUeAPDv7CZp0ubetJfL5TbciwEfWpCmSS1WfbGtD/ahYME+iPjQ0CQ1dPuDJgVbC23BBwUFEV+L9MV/wHfpu28iqG8+C1WkoqAlKzM7m26S2SZNu7tJ5/OB3Z05MzvnfPfkZM7M7NkJoLTG0qdKxO6IxVNJxEjLsuFoLBzL17v367XT6SOJev2NX5JI8rTm+ov56470KYkYjIhvjkb8q7o63/krV89O1eoN1yP2L5y7uH/+ytV9c+emzsycmTk/eeDFg4cmXpo8OPlE4tyRvx47/vr/Pn7/nRdmv63tS+JwnOx/bzpWxLEB9aQgcSzGYjEPsTW9LyIOpRMFn8tWs64QtnW+HGxMNf977I+I/8RIVLO5hpGY+6inhQM6ql6NqAMllWj/UFLNfkDz2H59x8EnO9wr6Z67RxoHQKvj72ucG4nB7Nho+72k5ciocW5j5xPIP83j/rXRW+kjlp2H+GOpdvqeQD7t3LgZEf8tij/JyrYzizSNvxKVlvclETEREQN5+V7dQNat22p6zPMwj16IR4i/tR7Sz+Jw/pqmH91g/mMr5rsdPwDldOdIviPP9sYP9n9p36PZ/4mC/s9wwb5rI3q9/2vf/2vu7wezc+SVFf2wtM9yoniT/SsTfvzw2Kft8m/t/92/lmTlaPYFu+HuzYjRFfF/kHX0kqX6TwrqP13l1OH15fHadz8fa7dsefyjt7odf/12xJ7C458HvdJ06iHXJ/fPztVmJhrPhXl89fXbX7TLv9fxp/W/vU38LfVfWfm+9DO5uM48vjxx+9xAm2XDa8Zf+WkgaRxvNrfx7tTCwqXJiIHkeL5KS/qBh5eluU5zG2n8e58tbv/L/v5vLt/OUOsBzBouvnn2XrtlG6n/lovJi/V1lqGdNP7ptet/VftP0z5ZZx6/v3X5/+2WFcQfkcc/9DiBAQAAAAAAQAlVsmuwSWV8abpSGR9vjJf9d2yv1C7MLzw3e+Hy+emIvdn3IfsrzSvdI435JJ2fzL8P25w/sGL++YjYFRGfVYey+fHTF2rTvQ4eAAAAAAAAAAAAAAAAAAAANokd+fj/5n2qf6s2xv8DJdHJG8wBm5v2D+WVtf9Vt3gCysD+H8pL+4fy0v6hvLR/KC/tH8pL+4fy0v6hvLR/AAAAAHgq7Xrmzg9JRNx4eSh7pAbyZdWelgzotP6CtPr1HhQE6Dr7eCivpUv/hv9D6RT1/1f5M/9xwM4XB+iBpCgx6xzUH9747xS+EwAAAAAAAAAAAADogD2724//X9fYAGDLMuwPyusxxv/76QDY4vz0P5SXY3xgrVH8g+0WGP8PAAAAAAAAAAAAAF0znD2Syng+Fng4KpXx8Yh/RMTO6E9m52ozExHxz4j4vtq/LZ2f7HWhAQAAAAAAAAAAAAAAAAAA4Ckzf+Xq2alabeZS68Rfq1Ke7onmXVC7kNcr8YjviqT7H8tQRPS8Ujo20deSkkTcSGt+UxTs0nxsjmJkEz3+xwQAAAAAAAAAAAAAAAAAACXUMva42OjnXS4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTfg/v/d26i1zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvT3wEAAP//PflCHg==")

23.16ms ago: executing program 5 (id=1423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xf71, 0x0, 0x1, 0x10000000}, 0x0, 0x200000000000000, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='cpu&\"\"\nt\x00')

0s ago: executing program 0 (id=1424):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

kernel console output (not intermixed with test programs):

 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.951816][ T6029] RSP: 002b:00007ffba1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[   76.951840][ T6029] RAX: ffffffffffffffda RBX: 00007ffba32e5fa0 RCX: 00007ffba30be929
[   76.951856][ T6029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0
[   76.951884][ T6029] RBP: 00007ffba1727090 R08: 0000000000000000 R09: 0000000000000000
[   76.951900][ T6029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.951916][ T6029] R13: 0000000000000000 R14: 00007ffba32e5fa0 R15: 00007ffe76be1868
[   76.951941][ T6029]  </TASK>
[   76.984429][ T6026] EXT4-fs (loop0): 1 truncate cleaned up
[   76.992633][ T6031] loop4: detected capacity change from 0 to 512
[   76.999956][ T6026] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.007084][ T6031] EXT4-fs (loop4): orphan cleanup on readonly fs
[   77.191358][ T6031] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.807: bad orphan inode 13
[   77.201666][ T6031] ext4_test_bit(bit=12, block=18) = 1
[   77.207226][ T6031] is_bad_inode(inode)=0
[   77.211488][ T6031] NEXT_ORPHAN(inode)=2130706432
[   77.216477][ T6031] max_ino=32
[   77.216622][ T6034] loop3: detected capacity change from 0 to 2048
[   77.219709][ T6031] i_nlink=1
[   77.222986][ T6031] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   77.243691][ T6034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.273536][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.283144][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.305455][ T6045] Cannot find del_set index 0 as target
[   77.332037][ T6049] lo speed is unknown, defaulting to 1000
[   77.338018][ T6049] lo speed is unknown, defaulting to 1000
[   77.348994][ T6049] lo speed is unknown, defaulting to 1000
[   77.356132][ T6049] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   77.360148][ T6051] loop5: detected capacity change from 0 to 2048
[   77.364302][ T6049] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   77.380526][ T6049] lo speed is unknown, defaulting to 1000
[   77.387172][ T6049] lo speed is unknown, defaulting to 1000
[   77.388263][ T6051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.393821][ T6049] lo speed is unknown, defaulting to 1000
[   77.408211][ T6051] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.427659][ T6049] lo speed is unknown, defaulting to 1000
[   77.434001][ T6049] lo speed is unknown, defaulting to 1000
[   77.455219][ T5238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.509377][ T6067] loop4: detected capacity change from 0 to 512
[   77.526524][ T6067] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.539617][ T6067] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.560226][ T6080] netlink: 44 bytes leftover after parsing attributes in process `syz.5.815'.
[   77.569228][ T6065] netlink: 44 bytes leftover after parsing attributes in process `syz.5.815'.
[   77.587134][ T6082] loop3: detected capacity change from 0 to 512
[   77.606271][ T6082] EXT4-fs (loop3): orphan cleanup on readonly fs
[   77.613097][ T6082] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.820: bad orphan inode 13
[   77.632092][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.642124][ T6082] ext4_test_bit(bit=12, block=18) = 1
[   77.647549][ T6082] is_bad_inode(inode)=0
[   77.651769][ T6082] NEXT_ORPHAN(inode)=2130706432
[   77.656704][ T6082] max_ino=32
[   77.659984][ T6082] i_nlink=1
[   77.674030][ T6082] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   77.691428][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.701409][ T6086] FAULT_INJECTION: forcing a failure.
[   77.701409][ T6086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.714589][ T6086] CPU: 0 UID: 0 PID: 6086 Comm: syz.1.821 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   77.714622][ T6086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   77.714680][ T6086] Call Trace:
[   77.714687][ T6086]  <TASK>
[   77.714697][ T6086]  __dump_stack+0x1d/0x30
[   77.714724][ T6086]  dump_stack_lvl+0xe8/0x140
[   77.714745][ T6086]  dump_stack+0x15/0x1b
[   77.714764][ T6086]  should_fail_ex+0x265/0x280
[   77.714787][ T6086]  should_fail+0xb/0x20
[   77.714828][ T6086]  should_fail_usercopy+0x1a/0x20
[   77.714856][ T6086]  _copy_to_user+0x20/0xa0
[   77.714883][ T6086]  simple_read_from_buffer+0xb5/0x130
[   77.714925][ T6086]  proc_fail_nth_read+0x100/0x140
[   77.714950][ T6086]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   77.714978][ T6086]  vfs_read+0x19d/0x6f0
[   77.715006][ T6086]  ? __rcu_read_unlock+0x4f/0x70
[   77.715035][ T6086]  ? __fget_files+0x184/0x1c0
[   77.715070][ T6086]  ksys_read+0xda/0x1a0
[   77.715093][ T6086]  __x64_sys_read+0x40/0x50
[   77.715116][ T6086]  x64_sys_call+0x2d77/0x2fb0
[   77.715143][ T6086]  do_syscall_64+0xd2/0x200
[   77.715171][ T6086]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.715285][ T6086]  ? clear_bhb_loop+0x40/0x90
[   77.715312][ T6086]  ? clear_bhb_loop+0x40/0x90
[   77.715347][ T6086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.715373][ T6086] RIP: 0033:0x7f856d2bd33c
[   77.715405][ T6086] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   77.715427][ T6086] RSP: 002b:00007f856b927030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   77.715447][ T6086] RAX: ffffffffffffffda RBX: 00007f856d4e5fa0 RCX: 00007f856d2bd33c
[   77.715459][ T6086] RDX: 000000000000000f RSI: 00007f856b9270a0 RDI: 0000000000000007
[   77.715471][ T6086] RBP: 00007f856b927090 R08: 0000000000000000 R09: 0000000000000000
[   77.715483][ T6086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.715494][ T6086] R13: 0000000000000000 R14: 00007f856d4e5fa0 R15: 00007ffc83dcac58
[   77.715517][ T6086]  </TASK>
[   77.716249][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.055954][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.117796][ T6105] netlink: 232 bytes leftover after parsing attributes in process `syz.5.828'.
[   78.154931][ T6105] loop5: detected capacity change from 0 to 2048
[   78.227897][ T6106] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.828'.
[   78.238715][ T6105] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.828'.
[   78.311076][ T6108] 9pnet_fd: Insufficient options for proto=fd
[   78.396843][ T6112] netem: change failed
[   78.413478][ T6115] loop9: detected capacity change from 0 to 7
[   78.420066][ T6115] Buffer I/O error on dev loop9, logical block 0, async page read
[   78.428098][ T6115] Buffer I/O error on dev loop9, logical block 0, async page read
[   78.436080][ T6115]  loop9: unable to read partition table
[   78.441813][ T6115] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   78.441813][ T6115] 
U�������) failed (rc=-5)
[   78.492055][ T6120] loop9: detected capacity change from 0 to 7
[   78.502783][ T6119] loop3: detected capacity change from 0 to 2048
[   78.510075][ T6119] EXT4-fs: Ignoring removed mblk_io_submit option
[   78.516771][ T6120] Buffer I/O error on dev loop9, logical block 0, async page read
[   78.525039][ T6120] Buffer I/O error on dev loop9, logical block 0, async page read
[   78.532914][ T6120]  loop9: unable to read partition table
[   78.538907][ T6120] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   78.538907][ T6120] 
U�������) failed (rc=-5)
[   78.555882][ T6119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.622963][ T6119] random: crng reseeded on system resumption
[   78.640684][ T6130] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[   78.650045][ T6130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.659148][ T6130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.680389][ T6131] loop4: detected capacity change from 0 to 512
[   78.687055][ T6131] EXT4-fs: Ignoring removed mblk_io_submit option
[   78.694210][ T6131] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   78.709876][ T6131] EXT4-fs (loop4): 1 truncate cleaned up
[   78.720605][ T6131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.809277][ T6139] loop1: detected capacity change from 0 to 512
[   78.828630][ T6139] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.842049][ T6139] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.987644][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.054079][ T6156] Cannot find add_set index 65533 as target
[   79.140639][ T6159] lo speed is unknown, defaulting to 1000
[   79.213667][ T6165] loop1: detected capacity change from 0 to 512
[   79.221661][ T6165] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   79.229862][ T6165] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[   79.239589][ T6165] EXT4-fs (loop1): orphan cleanup on readonly fs
[   79.246207][ T6165] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #13: comm syz.1.847: iget: bad i_size value: 12154761577498
[   79.259262][ T6165] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.847: couldn't read orphan inode 13 (err -117)
[   79.272912][ T6165] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.847: dx entry: limit 65535 != root limit 120
[   79.285070][ T6165] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.847: Corrupt directory, running e2fsck is recommended
[   79.328045][ T6173] lo speed is unknown, defaulting to 1000
[   79.406188][ T6178] loop9: detected capacity change from 0 to 7
[   79.412458][ T6178] Buffer I/O error on dev loop9, logical block 0, async page read
[   79.424212][ T6178] Buffer I/O error on dev loop9, logical block 0, async page read
[   79.432176][ T6178]  loop9: unable to read partition table
[   79.438545][ T6178] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   79.438545][ T6178] 
U�������) failed (rc=-5)
[   79.482440][ T6181] loop9: detected capacity change from 0 to 7
[   79.488868][ T6181]  loop9: unable to read partition table
[   79.495751][ T6181] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   79.495751][ T6181] 
U�������) failed (rc=-5)
[   79.608758][ T6200] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   79.625778][ T6200] netlink: 'syz.4.856': attribute type 1 has an invalid length.
[   79.693505][ T6208] loop4: detected capacity change from 0 to 512
[   79.707283][ T6209] netlink: 'syz.0.861': attribute type 27 has an invalid length.
[   79.715130][ T6209] netlink: 'syz.0.861': attribute type 3 has an invalid length.
[   79.748360][ T6208] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.856: bg 0: block 393: padding at end of block bitmap is not set
[   79.772406][ T6211] loop5: detected capacity change from 0 to 2048
[   79.777894][ T6208] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   79.779704][ T6211] EXT4-fs: Ignoring removed mblk_io_submit option
[   79.794882][ T6208] EXT4-fs (loop4): 2 truncates cleaned up
[   79.803732][ T6214] loop9: detected capacity change from 0 to 7
[   79.816063][ T6218] loop0: detected capacity change from 0 to 512
[   79.819485][   T29] kauditd_printk_skb: 342 callbacks suppressed
[   79.819502][   T29] audit: type=1326 audit(1749350180.350:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   79.824351][ T6214]  loop9: unable to read partition table
[   79.853420][   T29] audit: type=1400 audit(1749350180.350:3309): avc:  denied  { remount } for  pid=6215 comm="syz.0.873" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   79.857782][ T6214] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   79.857782][ T6214] 
U�������) failed (rc=-5)
[   79.903966][   T29] audit: type=1326 audit(1749350180.420:3310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   79.927483][   T29] audit: type=1326 audit(1749350180.420:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   79.928153][ T6219] loop1: detected capacity change from 0 to 256
[   79.950841][   T29] audit: type=1326 audit(1749350180.420:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   79.980516][   T29] audit: type=1326 audit(1749350180.420:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   80.003962][   T29] audit: type=1326 audit(1749350180.430:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   80.027236][   T29] audit: type=1326 audit(1749350180.430:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   80.050805][   T29] audit: type=1326 audit(1749350180.430:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6188 comm="syz.4.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6d6b7be929 code=0x7ffc0000
[   80.078084][ T6190] wireguard0: entered promiscuous mode
[   80.084112][ T6190] wireguard0: entered allmulticast mode
[   80.162074][ T6211] random: crng reseeded on system resumption
[   80.203833][   T29] audit: type=1326 audit(1749350180.730:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6210 comm="syz.5.862" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x0
[   80.261628][ T1029] IPVS: starting estimator thread 0...
[   80.261684][ T6239] IPVS: set_ctl: invalid protocol: 103 100.1.1.1:20001
[   80.368158][ T6250] loop0: detected capacity change from 0 to 128
[   80.377866][ T6250] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   80.410258][ T6240] IPVS: using max 2352 ests per chain, 117600 per kthread
[   80.530753][ T6262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.539509][ T6262] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.046159][ T6276] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.067212][ T6276] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.256419][ T6287] lo speed is unknown, defaulting to 1000
[   81.266783][ T6288] loop9: detected capacity change from 0 to 7
[   81.273199][ T6288] buffer_io_error: 4 callbacks suppressed
[   81.273215][ T6288] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.288715][ T6288] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.299240][ T6288]  loop9: unable to read partition table
[   81.305490][ T6291] loop3: detected capacity change from 0 to 512
[   81.313005][ T6288] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   81.313005][ T6288] 
U�������) failed (rc=-5)
[   81.328936][ T6291] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.368397][ T6297] loop4: detected capacity change from 0 to 128
[   81.375323][ T6297] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   81.388488][ T6297] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.399769][ T6295] lo speed is unknown, defaulting to 1000
[   81.437025][ T6299] loop3: detected capacity change from 0 to 512
[   81.454234][ T2010] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.500221][ T6299] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.531650][ T6311] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6311 comm=syz.4.890
[   81.548390][ T6311] loop9: detected capacity change from 0 to 7
[   81.555241][ T6311] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.564310][ T6311] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.572715][ T6311]  loop9: unable to read partition table
[   81.580323][ T6311] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   81.580323][ T6311] 
U�������) failed (rc=-5)
[   81.603989][ T6314] loop3: detected capacity change from 0 to 2048
[   81.684629][ T6322] __nla_validate_parse: 19 callbacks suppressed
[   81.684648][ T6322] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.891'.
[   81.704045][ T6323] loop5: detected capacity change from 0 to 256
[   81.722418][ T6314] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.891'.
[   81.754411][ T6325] loop3: detected capacity change from 0 to 512
[   81.762098][ T6325] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.768867][ T6325] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.895: bad orphan inode 13
[   81.779053][ T6325] ext4_test_bit(bit=12, block=18) = 1
[   81.784687][ T6325] is_bad_inode(inode)=0
[   81.786367][ T6327] netlink: 4 bytes leftover after parsing attributes in process `syz.4.894'.
[   81.788845][ T6325] NEXT_ORPHAN(inode)=2130706432
[   81.788858][ T6325] max_ino=32
[   81.788865][ T6325] i_nlink=1
[   81.809749][ T6319] netlink: 4 bytes leftover after parsing attributes in process `syz.4.894'.
[   81.826635][ T6329] loop9: detected capacity change from 0 to 7
[   81.832918][ T6329] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.840940][ T6329] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.848919][ T6329]  loop9: unable to read partition table
[   81.855516][ T6329] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   81.855516][ T6329] 
U�������) failed (rc=-5)
[   81.950072][ T6332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.897'.
[   81.959063][ T6331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.897'.
[   82.020421][ T6335] netlink: 232 bytes leftover after parsing attributes in process `syz.3.898'.
[   82.038860][ T6335] loop3: detected capacity change from 0 to 2048
[   82.108606][ T6339] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.898'.
[   82.118621][ T6335] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.898'.
[   82.128263][ T6340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.899'.
[   82.200456][ T6344] loop4: detected capacity change from 0 to 1024
[   82.232644][ T6344] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   82.291931][ T6356] loop3: detected capacity change from 0 to 2048
[   82.325138][ T6358] loop4: detected capacity change from 0 to 1024
[   82.337796][ T6358] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   82.370764][ T6363] Cannot find del_set index 0 as target
[   82.380337][ T6365] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6365 comm=syz.4.906
[   82.395526][ T6365] loop9: detected capacity change from 0 to 7
[   82.401828][ T6365] Buffer I/O error on dev loop9, logical block 0, async page read
[   82.405438][ T6367] loop1: detected capacity change from 0 to 1024
[   82.409874][ T6365] Buffer I/O error on dev loop9, logical block 0, async page read
[   82.424020][ T6365]  loop9: unable to read partition table
[   82.430765][ T6365] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   82.430765][ T6365] 
U�������) failed (rc=-5)
[   82.462845][ T6367] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   82.479597][ T6367] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   82.481341][ T6371] loop9: detected capacity change from 0 to 7
[   82.492012][ T6367] EXT4-fs (loop1): This should not happen!! Data will be lost
[   82.492012][ T6367] 
[   82.498238][ T6371] Buffer I/O error on dev loop9, logical block 0, async page read
[   82.507794][ T6367] EXT4-fs (loop1): Total free blocks count 0
[   82.516540][ T6371] Buffer I/O error on dev loop9, logical block 0, async page read
[   82.521645][ T6367] EXT4-fs (loop1): Free/Dirty block details
[   82.521664][ T6367] EXT4-fs (loop1): free_blocks=68451041280
[   82.529553][ T6371]  loop9: unable to read partition table
[   82.535436][ T6367] EXT4-fs (loop1): dirty_blocks=16
[   82.542869][ T6371] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   82.542869][ T6371] 
U�������) failed (rc=-5)
[   82.546885][ T6367] EXT4-fs (loop1): Block reservation details
[   82.572324][ T6367] EXT4-fs (loop1): i_reserved_data_blocks=1
[   82.602022][ T6373] loop4: detected capacity change from 0 to 512
[   82.617302][ T6373] EXT4-fs (loop4): orphan cleanup on readonly fs
[   82.624401][ T6373] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.909: bad orphan inode 13
[   82.638809][ T6373] ext4_test_bit(bit=12, block=18) = 1
[   82.644306][ T6373] is_bad_inode(inode)=0
[   82.648493][ T6373] NEXT_ORPHAN(inode)=2130706432
[   82.653349][ T6373] max_ino=32
[   82.656665][ T6373] i_nlink=1
[   82.717857][ T6387] loop5: detected capacity change from 0 to 512
[   82.725968][ T6387] EXT4-fs (loop5): orphan cleanup on readonly fs
[   82.732676][ T6387] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.915: bad orphan inode 13
[   82.742851][ T6387] ext4_test_bit(bit=12, block=18) = 1
[   82.748345][ T6387] is_bad_inode(inode)=0
[   82.752510][ T6387] NEXT_ORPHAN(inode)=2130706432
[   82.757469][ T6387] max_ino=32
[   82.760672][ T6387] i_nlink=1
[   82.837635][ T6400] loop1: detected capacity change from 0 to 1024
[   82.860791][ T6402] Cannot find del_set index 0 as target
[   82.881216][ T6400] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   82.911461][ T6409] loop5: detected capacity change from 0 to 1024
[   82.939428][ T6416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.948071][ T6416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.964055][ T6417] loop4: detected capacity change from 0 to 256
[   83.155106][ T6424] loop3: detected capacity change from 0 to 1024
[   83.178402][ T6424] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   83.195340][ T6420] loop5: detected capacity change from 0 to 164
[   83.403611][ T6433] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6433 comm=syz.0.931
[   83.421303][ T6433] $H�: renamed from bond0 (while UP)
[   83.429550][ T6433] $H�: entered promiscuous mode
[   83.434719][ T6433] bond_slave_0: entered promiscuous mode
[   83.440643][ T6433] bond_slave_1: entered promiscuous mode
[   83.482774][ T6440] loop1: detected capacity change from 0 to 512
[   83.492304][ T6440] EXT4-fs (loop1): orphan cleanup on readonly fs
[   83.499788][ T6440] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.933: bad orphan inode 13
[   83.510056][ T6440] ext4_test_bit(bit=12, block=18) = 1
[   83.515730][ T6440] is_bad_inode(inode)=0
[   83.519935][ T6440] NEXT_ORPHAN(inode)=2130706432
[   83.524889][ T6440] max_ino=32
[   83.528147][ T6440] i_nlink=1
[   83.542286][ T6446] loop0: detected capacity change from 0 to 2048
[   83.563316][ T6449] Cannot find del_set index 0 as target
[   83.593666][ T6451] loop1: detected capacity change from 0 to 2048
[   83.670113][ T6459] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6459 comm=syz.0.940
[   83.686136][ T6459] loop9: detected capacity change from 0 to 7
[   83.692382][ T6459]  loop9: unable to read partition table
[   83.698192][ T6459] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   83.698192][ T6459] 
U�������) failed (rc=-5)
[   83.736786][ T6461] loop0: detected capacity change from 0 to 2048
[   83.869966][ T6466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.882975][ T6466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.885328][ T6468] loop5: detected capacity change from 0 to 512
[   83.898988][ T6468] EXT4-fs (loop5): orphan cleanup on readonly fs
[   83.906183][ T6468] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.945: bad orphan inode 13
[   83.916883][ T6468] ext4_test_bit(bit=12, block=18) = 1
[   83.922294][ T6468] is_bad_inode(inode)=0
[   83.926566][ T6468] NEXT_ORPHAN(inode)=2130706432
[   83.931745][ T6468] max_ino=32
[   83.935003][ T6468] i_nlink=1
[   83.941487][ T6475] Cannot find del_set index 0 as target
[   83.974754][ T6477] loop0: detected capacity change from 0 to 2048
[   83.975070][ T6479] loop5: detected capacity change from 0 to 1024
[   84.007726][ T6479] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   84.074561][ T6488] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6488 comm=syz.0.953
[   84.090769][ T6488] loop9: detected capacity change from 0 to 7
[   84.097410][ T6488]  loop9: unable to read partition table
[   84.098120][ T6490] loop5: detected capacity change from 0 to 512
[   84.103102][ T6488] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   84.103102][ T6488] 
U�������) failed (rc=-5)
[   84.126062][ T6490] EXT4-fs (loop5): orphan cleanup on readonly fs
[   84.132957][ T6490] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.954: bad orphan inode 13
[   84.143439][ T6490] ext4_test_bit(bit=12, block=18) = 1
[   84.148920][ T6490] is_bad_inode(inode)=0
[   84.153444][ T6490] NEXT_ORPHAN(inode)=2130706432
[   84.158506][ T6490] max_ino=32
[   84.161799][ T6490] i_nlink=1
[   84.209286][ T6496] loop0: detected capacity change from 0 to 256
[   84.223525][ T6498] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6498 comm=syz.5.957
[   84.238470][ T6498] loop9: detected capacity change from 0 to 7
[   84.245076][ T6498]  loop9: unable to read partition table
[   84.250859][ T6498] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   84.250859][ T6498] 
U�������) failed (rc=-5)
[   84.311840][ T6504] loop5: detected capacity change from 0 to 512
[   84.319987][ T6504] EXT4-fs (loop5): orphan cleanup on readonly fs
[   84.326796][ T6504] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.960: bad orphan inode 13
[   84.337521][ T6504] ext4_test_bit(bit=12, block=18) = 1
[   84.342959][ T6504] is_bad_inode(inode)=0
[   84.347202][ T6504] NEXT_ORPHAN(inode)=2130706432
[   84.352082][ T6504] max_ino=32
[   84.355367][ T6504] i_nlink=1
[   84.359983][ T6507] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6507 comm=syz.3.961
[   84.375626][ T6507] loop9: detected capacity change from 0 to 7
[   84.381928][ T6507]  loop9: unable to read partition table
[   84.388293][ T6507] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   84.388293][ T6507] 
U�������) failed (rc=-5)
[   84.453390][ T6513] loop3: detected capacity change from 0 to 2048
[   84.475897][ T6519] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6519 comm=syz.1.966
[   84.490545][ T6519] loop9: detected capacity change from 0 to 7
[   84.497114][ T6519]  loop9: unable to read partition table
[   84.503198][ T6519] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   84.503198][ T6519] 
U�������) failed (rc=-5)
[   84.555953][ T6527] loop3: detected capacity change from 0 to 1024
[   84.568855][ T6529] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6529 comm=syz.1.970
[   84.586651][ T6529] loop9: detected capacity change from 0 to 7
[   84.593189][ T6529]  loop9: unable to read partition table
[   84.599486][ T6529] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   84.599486][ T6529] 
U�������) failed (rc=-5)
[   84.611888][ T6527] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   84.638557][ T6527] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   84.650986][ T6527] EXT4-fs (loop3): This should not happen!! Data will be lost
[   84.650986][ T6527] 
[   84.660712][ T6527] EXT4-fs (loop3): Total free blocks count 0
[   84.666873][ T6527] EXT4-fs (loop3): Free/Dirty block details
[   84.672794][ T6527] EXT4-fs (loop3): free_blocks=68451041280
[   84.673661][ T6539] loop1: detected capacity change from 0 to 1024
[   84.678642][ T6527] EXT4-fs (loop3): dirty_blocks=16
[   84.690300][ T6527] EXT4-fs (loop3): Block reservation details
[   84.696445][ T6527] EXT4-fs (loop3): i_reserved_data_blocks=1
[   84.735828][ T6546] loop4: detected capacity change from 0 to 512
[   84.749153][ T6546] EXT4-fs (loop4): orphan cleanup on readonly fs
[   84.757962][ T6539] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   84.780624][ T6551] loop3: detected capacity change from 0 to 1024
[   84.780809][ T6549] loop5: detected capacity change from 0 to 1024
[   84.793824][ T6546] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.973: bad orphan inode 13
[   84.794336][ T6551] EXT4-fs: Ignoring removed orlov option
[   84.806273][ T6546] ext4_test_bit(bit=12, block=18) = 1
[   84.814968][ T6546] is_bad_inode(inode)=0
[   84.819224][ T6546] NEXT_ORPHAN(inode)=2130706432
[   84.824190][ T6546] max_ino=32
[   84.827400][ T6546] i_nlink=1
[   84.848333][ T6549] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   84.895395][ T6560] loop3: detected capacity change from 0 to 512
[   84.909055][ T6557] loop4: detected capacity change from 0 to 2048
[   84.919178][ T6562] loop5: detected capacity change from 0 to 2048
[   84.927742][ T6560] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.001116][ T6576] loop3: detected capacity change from 0 to 512
[   85.017131][ T6576] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.038806][ T6581] Cannot find del_set index 0 as target
[   85.083581][ T6583] lo speed is unknown, defaulting to 1000
[   85.139344][   T29] kauditd_printk_skb: 257 callbacks suppressed
[   85.139426][   T29] audit: type=1326 audit(1749350698.674:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.180870][   T29] audit: type=1326 audit(1749350698.674:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.204414][   T29] audit: type=1326 audit(1749350698.674:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.228143][   T29] audit: type=1326 audit(1749350698.674:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.251685][   T29] audit: type=1326 audit(1749350698.674:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.275576][   T29] audit: type=1326 audit(1749350698.674:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.298799][   T29] audit: type=1326 audit(1749350698.674:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.322335][   T29] audit: type=1326 audit(1749350698.684:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6567 comm="syz.1.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856d2be929 code=0x7ffc0000
[   85.323168][ T6588] loop0: detected capacity change from 0 to 512
[   85.364973][ T6588] EXT4-fs (loop0): orphan cleanup on readonly fs
[   85.371625][ T6588] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.986: bad orphan inode 13
[   85.399335][ T6588] ext4_test_bit(bit=12, block=18) = 1
[   85.404900][ T6588] is_bad_inode(inode)=0
[   85.409154][ T6588] NEXT_ORPHAN(inode)=2130706432
[   85.414118][ T6588] max_ino=32
[   85.417361][ T6588] i_nlink=1
[   85.528374][ T6600] loop0: detected capacity change from 0 to 512
[   85.554053][ T6595] netlink: 'syz.3.989': attribute type 1 has an invalid length.
[   85.568362][ T6595] loop3: detected capacity change from 0 to 1024
[   85.576242][ T6600] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.579454][ T6595] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   85.610820][ T6595] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   85.625112][ T6595] EXT4-fs (loop3): orphan cleanup on readonly fs
[   85.632762][ T6595] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.989: bg 0: block 10: padding at end of block bitmap is not set
[   85.647557][ T6595] Quota error (device loop3): write_blk: dquota write failed
[   85.655006][ T6595] Quota error (device loop3): find_free_dqentry: Can't write quota data block 3
[   85.665359][ T6595] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.989: Failed to acquire dquot type 0
[   85.677416][ T6595] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.989: Failed to acquire dquot type 0
[   85.689439][ T6595] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.989: Freeing blocks not in datazone - block = 0, count = 4096
[   85.691128][ T6613] loop0: detected capacity change from 0 to 1024
[   85.710216][ T6613] EXT4-fs: Ignoring removed orlov option
[   85.710656][ T6595] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.989: Failed to acquire dquot type 0
[   85.727777][ T6614] loop1: detected capacity change from 0 to 512
[   85.735045][ T6614] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   85.754956][ T6614] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec028, mo2=0102]
[   85.763403][ T6595] EXT4-fs (loop3): 1 orphan inode deleted
[   85.774267][ T6614] System zones: 1-12
[   85.778664][ T6614] EXT4-fs (loop1): 1 truncate cleaned up
[   85.820210][ T6623] loop4: detected capacity change from 0 to 256
[   85.836998][ T6614] EXT4-fs warning (device loop1): ext4_group_extend:1862: can't shrink FS - resize aborted
[   85.862018][ T6622] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.872441][ T6622] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.928224][ T6626] loop5: detected capacity change from 0 to 512
[   85.937062][ T6626] EXT4-fs (loop5): orphan cleanup on readonly fs
[   85.943703][ T6626] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.998: bad orphan inode 13
[   85.953924][ T6626] ext4_test_bit(bit=12, block=18) = 1
[   85.960606][ T6626] is_bad_inode(inode)=0
[   85.964978][ T6626] NEXT_ORPHAN(inode)=2130706432
[   85.969882][ T6626] max_ino=32
[   85.973074][ T6626] i_nlink=1
[   85.998653][ T6629] loop3: detected capacity change from 0 to 512
[   86.016679][ T6629] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.127888][ T6639] loop5: detected capacity change from 0 to 512
[   86.140232][ T6639] EXT4-fs (loop5): orphan cleanup on readonly fs
[   86.147624][ T6639] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.1001: bad orphan inode 13
[   86.158098][ T6639] ext4_test_bit(bit=12, block=18) = 1
[   86.163541][ T6639] is_bad_inode(inode)=0
[   86.167741][ T6639] NEXT_ORPHAN(inode)=2130706432
[   86.172631][ T6639] max_ino=32
[   86.175912][ T6639] i_nlink=1
[   86.225552][ T6645] loop5: detected capacity change from 0 to 512
[   86.246789][ T6645] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.403584][ T6658] Cannot find del_set index 0 as target
[   86.418755][ T6656] loop5: detected capacity change from 0 to 1024
[   86.425868][ T6656] EXT4-fs: Ignoring removed orlov option
[   86.554265][ T6664] loop1: detected capacity change from 0 to 512
[   86.563657][ T6666] loop9: detected capacity change from 0 to 7
[   86.573790][ T6666] buffer_io_error: 12 callbacks suppressed
[   86.573803][ T6666] Buffer I/O error on dev loop9, logical block 0, async page read
[   86.612599][ T6666] Buffer I/O error on dev loop9, logical block 0, async page read
[   86.620880][ T6666]  loop9: unable to read partition table
[   86.629225][ T6666] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[   86.629225][ T6666] 
U�������) failed (rc=-5)
[   86.816521][ T6673] loop4: detected capacity change from 0 to 512
[   86.841391][ T6677] __nla_validate_parse: 40 callbacks suppressed
[   86.841463][ T6677] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1012'.
[   86.878411][ T6673] EXT4-fs (loop4): orphan cleanup on readonly fs
[   86.898011][ T6673] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.1013: bad orphan inode 13
[   86.914073][ T6673] ext4_test_bit(bit=12, block=18) = 1
[   86.919700][ T6673] is_bad_inode(inode)=0
[   86.924029][ T6673] NEXT_ORPHAN(inode)=2130706432
[   86.928926][ T6673] max_ino=32
[   86.932166][ T6673] i_nlink=1
[   86.938666][ T6689] Cannot find del_set index 0 as target
[   87.001748][ T6699] loop4: detected capacity change from 0 to 1024
[   87.027586][ T6699] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   87.065883][ T6708] loop4: detected capacity change from 0 to 512
[   87.074691][ T6709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'.
[   87.083927][ T6701] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'.
[   87.130777][ T6713] loop0: detected capacity change from 0 to 1024
[   87.156797][ T6717] loop5: detected capacity change from 0 to 512
[   87.163823][ T6717] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   87.203311][ T6717] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec028, mo2=0102]
[   87.212005][ T6717] System zones: 1-12
[   87.217076][ T6717] EXT4-fs (loop5): 1 truncate cleaned up
[   87.225419][ T6719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1027'.
[   87.258151][ T6717] EXT4-fs warning (device loop5): ext4_group_extend:1862: can't shrink FS - resize aborted
[   87.277457][ T6733] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1031'.
[   87.308706][ T6737] loop3: detected capacity change from 0 to 256
[   87.318391][ T6739] Cannot find del_set index 0 as target
[   87.326140][ T6733] loop0: detected capacity change from 0 to 2048
[   87.353571][ T6744] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1034'.
[   87.375963][ T6744] loop4: detected capacity change from 0 to 2048
[   87.378090][ T6734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1040'.
[   87.415760][ T6748] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1031'.
[   87.425740][ T6733] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1031'.
[   87.476917][ T6756] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1037'.
[   87.503085][ T6759] loop3: detected capacity change from 0 to 512
[   87.510464][ T6756] loop0: detected capacity change from 0 to 2048
[   87.514896][ T6761] loop1: detected capacity change from 0 to 1024
[   87.526776][ T6759] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.547606][ T6761] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   87.595358][ T6767] loop1: detected capacity change from 0 to 2048
[   87.673568][ T6776] Cannot find del_set index 0 as target
[   87.777840][ T6787] loop1: detected capacity change from 0 to 2048
[   87.876814][ T6796] loop3: detected capacity change from 0 to 1024
[   87.883396][ T6794] loop5: detected capacity change from 0 to 1024
[   87.884509][ T6796] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   87.914817][ T6796] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   87.923361][ T6796] EXT4-fs (loop3): orphan cleanup on readonly fs
[   87.931367][ T6796] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1052: bg 0: block 10: padding at end of block bitmap is not set
[   87.946661][ T6796] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1052: Failed to acquire dquot type 0
[   87.958412][ T6796] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1052: Failed to acquire dquot type 0
[   87.970058][ T6794] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   87.971387][ T6796] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.1052: Freeing blocks not in datazone - block = 0, count = 4096
[   88.004303][ T6796] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1052: Failed to acquire dquot type 0
[   88.024204][ T6796] EXT4-fs (loop3): 1 orphan inode deleted
[   88.041094][ T6806] loop5: detected capacity change from 0 to 512
[   88.055397][ T6806] EXT4-fs (loop5): orphan cleanup on readonly fs
[   88.063054][ T6806] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.1054: bad orphan inode 13
[   88.073445][ T6806] ext4_test_bit(bit=12, block=18) = 1
[   88.079063][ T6806] is_bad_inode(inode)=0
[   88.083333][ T6806] NEXT_ORPHAN(inode)=2130706432
[   88.088277][ T6806] max_ino=32
[   88.091504][ T6806] i_nlink=1
[   88.120625][ T6781] loop0: detected capacity change from 0 to 512
[   88.135728][ T6781] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   88.146922][ T6816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.164498][ T6816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.182478][ T6820] loop1: detected capacity change from 0 to 512
[   88.197073][ T6781] loop0: detected capacity change from 0 to 1024
[   88.218571][ T6823] loop4: detected capacity change from 0 to 512
[   88.220196][ T6820] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.270141][ T6823] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.452124][ T6838] loop0: detected capacity change from 0 to 1024
[   88.467692][ T6838] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   88.525406][ T6855] loop0: detected capacity change from 0 to 256
[   88.550815][ T6857] loop1: detected capacity change from 0 to 2048
[   88.667398][ T6861] loop0: detected capacity change from 0 to 1024
[   88.703076][ T6865] loop5: detected capacity change from 0 to 512
[   88.716823][ T6865] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.759531][ T6875] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[   88.793055][ T6877] Cannot find del_set index 0 as target
[   88.827157][ T6880] loop0: detected capacity change from 0 to 512
[   88.845208][ T6880] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   88.853363][ T6880] EXT4-fs (loop0): orphan cleanup on readonly fs
[   88.860038][ T6880] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   88.875009][ T6880] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   88.882120][ T6880] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1075: bg 0: block 40: padding at end of block bitmap is not set
[   88.896711][ T6880] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   88.905745][ T6880] EXT4-fs (loop0): 1 truncate cleaned up
[   88.915256][ T6871] pimreg3: entered allmulticast mode
[   88.921301][ T6870] pimreg3: left allmulticast mode
[   89.092999][ T6892] loop3: detected capacity change from 0 to 1024
[   89.108391][ T6892] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   89.445772][ T6905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.502910][ T6905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.515933][ T6909] loop0: detected capacity change from 0 to 512
[   89.533063][ T6907] loop4: detected capacity change from 0 to 2048
[   89.607488][ T6909] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.626993][ T6913] 9pnet_fd: Insufficient options for proto=fd
[   89.730855][ T6916] loop1: detected capacity change from 0 to 736
[   89.748522][ T6916] rock: directory entry would overflow storage
[   89.754790][ T6916] rock: sig=0x3b10, size=4, remaining=3
[   89.912028][ T6949] loop0: detected capacity change from 0 to 2048
[   90.069400][ T6957] loop5: detected capacity change from 0 to 2048
[   90.081218][ T6959] loop3: detected capacity change from 0 to 1024
[   90.219070][ T6971] loop5: detected capacity change from 0 to 2048
[   90.310175][   T29] kauditd_printk_skb: 368 callbacks suppressed
[   90.310194][   T29] audit: type=1326 audit(1749350703.844:3934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.340257][   T29] audit: type=1326 audit(1749350703.844:3935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.363930][   T29] audit: type=1326 audit(1749350703.844:3936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.387436][   T29] audit: type=1326 audit(1749350703.844:3937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.410909][   T29] audit: type=1326 audit(1749350703.844:3938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.434537][   T29] audit: type=1326 audit(1749350703.844:3939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.458024][   T29] audit: type=1326 audit(1749350703.844:3940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.481469][   T29] audit: type=1326 audit(1749350703.844:3941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.505122][   T29] audit: type=1326 audit(1749350703.844:3942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.529144][   T29] audit: type=1326 audit(1749350703.844:3943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6974 comm="syz.5.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   90.623222][ T6991] loop5: detected capacity change from 0 to 256
[   90.910835][ T6996] loop1: detected capacity change from 0 to 512
[   90.957673][ T6996] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.166685][ T7006] loop0: detected capacity change from 0 to 1024
[   91.239016][ T7015] loop3: detected capacity change from 0 to 512
[   91.265973][ T7015] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.398175][ T7026] loop0: detected capacity change from 0 to 1024
[   91.485856][ T7026] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   91.585197][ T7037] netlink: 'syz.4.1120': attribute type 1 has an invalid length.
[   91.603186][ T7037] loop4: detected capacity change from 0 to 1024
[   91.611222][ T7051] binfmt_misc: register: failed to install interpreter file ./file2
[   91.611497][ T7037] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   91.632978][ T7037] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   91.641287][ T7037] EXT4-fs (loop4): orphan cleanup on readonly fs
[   91.649215][ T7037] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1120: bg 0: block 10: padding at end of block bitmap is not set
[   91.665060][ T7037] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1120: Failed to acquire dquot type 0
[   91.676578][ T7037] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1120: Failed to acquire dquot type 0
[   91.688034][ T7037] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.1120: Freeing blocks not in datazone - block = 0, count = 4096
[   91.702528][ T7037] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1120: Failed to acquire dquot type 0
[   91.714114][ T7037] EXT4-fs (loop4): 1 orphan inode deleted
[   91.907670][ T7067] __nla_validate_parse: 35 callbacks suppressed
[   91.907684][ T7067] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1129'.
[   92.149979][ T7084] loop4: detected capacity change from 0 to 512
[   92.191290][ T7084] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.386839][ T7096] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1134'.
[   92.415530][ T7098] loop3: detected capacity change from 0 to 1024
[   92.462828][ T7104] Cannot find del_set index 0 as target
[   92.470263][ T7098] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   92.519763][ T7109] loop0: detected capacity change from 0 to 512
[   92.536171][ T7109] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.574117][ T7113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1141'.
[   92.622031][ T7122] loop0: detected capacity change from 0 to 164
[   92.635991][ T7125] lo speed is unknown, defaulting to 1000
[   92.667608][ T7125] loop1: detected capacity change from 0 to 512
[   92.711450][ T7125] EXT4-fs (loop1): 1 orphan inode deleted
[   92.713814][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[   92.719804][ T7125] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.746639][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[   92.747246][   T54] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[   92.802272][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[   92.823385][ T7143] loop3: detected capacity change from 0 to 1024
[   92.831965][ T7143] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   92.835142][ T7146] loop1: detected capacity change from 0 to 1024
[   92.853830][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[   92.866184][ T7143] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   92.874937][ T7143] EXT4-fs (loop3): orphan cleanup on readonly fs
[   92.882745][ T7143] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1147: bg 0: block 10: padding at end of block bitmap is not set
[   92.899357][ T7156] loop5: detected capacity change from 0 to 512
[   92.900551][ T7146] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   92.922408][ T7143] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1147: Failed to acquire dquot type 0
[   92.938581][ T7156] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.949521][ T7148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1148'.
[   92.949991][ T7143] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1147: Failed to acquire dquot type 0
[   92.972747][ T7143] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.1147: Freeing blocks not in datazone - block = 0, count = 4096
[   92.982710][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[   92.986836][ T7143] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1147: Failed to acquire dquot type 0
[   93.006970][ T7143] EXT4-fs (loop3): 1 orphan inode deleted
[   93.015788][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[   93.052609][ T7161] loop1: detected capacity change from 0 to 2048
[   93.071813][ T7165] loop5: detected capacity change from 0 to 512
[   93.086363][ T7165] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.102319][ T7169] loop3: detected capacity change from 0 to 128
[   93.110873][ T7169] ext4 filesystem being mounted at /245/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   93.127222][ T7171] loop0: detected capacity change from 0 to 256
[   93.186655][ T7174] loop1: detected capacity change from 0 to 1024
[   93.246570][ T7184] FAULT_INJECTION: forcing a failure.
[   93.246570][ T7184] name failslab, interval 1, probability 0, space 0, times 0
[   93.259440][ T7184] CPU: 1 UID: 0 PID: 7184 Comm: syz.1.1161 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   93.259483][ T7184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.259499][ T7184] Call Trace:
[   93.259506][ T7184]  <TASK>
[   93.259515][ T7184]  __dump_stack+0x1d/0x30
[   93.259541][ T7184]  dump_stack_lvl+0xe8/0x140
[   93.259564][ T7184]  dump_stack+0x15/0x1b
[   93.259581][ T7184]  should_fail_ex+0x265/0x280
[   93.259664][ T7184]  should_failslab+0x8c/0xb0
[   93.259688][ T7184]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   93.259717][ T7184]  ? __d_alloc+0x3d/0x350
[   93.259749][ T7184]  ? css_rstat_updated+0xcd/0x5b0
[   93.259883][ T7184]  __d_alloc+0x3d/0x350
[   93.259949][ T7184]  d_alloc_parallel+0x53/0xc40
[   93.260022][ T7184]  ? selinux_inode_permission+0x532/0x620
[   93.260057][ T7184]  ? make_vfsuid+0x49/0xa0
[   93.260139][ T7184]  ? lockref_get_not_dead+0x120/0x1c0
[   93.260258][ T7184]  ? __rcu_read_unlock+0x4f/0x70
[   93.260288][ T7184]  __lookup_slow+0x8c/0x250
[   93.260320][ T7184]  lookup_slow+0x3c/0x60
[   93.260352][ T7184]  walk_component+0x1ec/0x220
[   93.260428][ T7184]  path_lookupat+0xfe/0x2a0
[   93.260495][ T7184]  filename_lookup+0x147/0x340
[   93.260542][ T7184]  kern_path+0x3b/0x130
[   93.260582][ T7184]  bpf_uprobe_multi_link_attach+0x232/0x8f0
[   93.260619][ T7184]  ? kstrtouint+0x76/0xc0
[   93.260710][ T7184]  ? __rcu_read_unlock+0x4f/0x70
[   93.260738][ T7184]  ? __fget_files+0x184/0x1c0
[   93.260771][ T7184]  link_create+0x666/0x6c0
[   93.260798][ T7184]  __sys_bpf+0x4c7/0x790
[   93.260946][ T7184]  __x64_sys_bpf+0x41/0x50
[   93.260978][ T7184]  x64_sys_call+0x2478/0x2fb0
[   93.261036][ T7184]  do_syscall_64+0xd2/0x200
[   93.261068][ T7184]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.261095][ T7184]  ? clear_bhb_loop+0x40/0x90
[   93.261143][ T7184]  ? clear_bhb_loop+0x40/0x90
[   93.261171][ T7184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.261196][ T7184] RIP: 0033:0x7f856d2be929
[   93.261294][ T7184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.261318][ T7184] RSP: 002b:00007f856b927038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.261337][ T7184] RAX: ffffffffffffffda RBX: 00007f856d4e5fa0 RCX: 00007f856d2be929
[   93.261349][ T7184] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[   93.261361][ T7184] RBP: 00007f856b927090 R08: 0000000000000000 R09: 0000000000000000
[   93.261375][ T7184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.261457][ T7184] R13: 0000000000000000 R14: 00007f856d4e5fa0 R15: 00007ffc83dcac58
[   93.261551][ T7184]  </TASK>
[   93.559138][ T7190] tipc: New replicast peer: 172.30.1.2
[   93.564781][ T7190] tipc: Enabled bearer <udp:syz2>, priority 10
[   93.610731][ T7194] loop3: detected capacity change from 0 to 1024
[   93.649129][ T7194] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   93.694107][ T7202] loop1: detected capacity change from 0 to 512
[   93.717088][ T7202] ext4 filesystem being mounted at /256/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.723809][ T7215] Cannot find del_set index 0 as target
[   93.803398][ T7222] loop4: detected capacity change from 0 to 2048
[   93.811644][ T7224] loop5: detected capacity change from 0 to 512
[   93.826366][ T7224] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.826574][ T7226] loop1: detected capacity change from 0 to 512
[   93.844120][ T7226] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.855048][ T7226] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1173: invalid block
[   93.869595][ T7226] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1173: invalid indirect mapped block 4294967295 (level 1)
[   93.885371][ T7226] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1173: invalid indirect mapped block 4294967295 (level 1)
[   93.899863][ T7226] EXT4-fs (loop1): 2 truncates cleaned up
[   93.908551][ T7226] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz.1.1173: path /257/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0
[   93.932683][ T7226] ������: renamed from vlan1
[   94.052041][ T7244] loop0: detected capacity change from 0 to 1024
[   94.072282][ T7244] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   94.106674][ T7246] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.161209][ T7246] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.204591][ T7254] loop0: detected capacity change from 0 to 1024
[   94.211318][ T7254] EXT4-fs: Ignoring removed oldalloc option
[   94.217494][ T7254] EXT4-fs: dax option not supported
[   94.234267][ T7246] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.277455][ T7246] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.331371][ T7246] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.342767][ T7246] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.354344][ T7246] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.365605][ T7246] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.418928][ T7265] loop5: detected capacity change from 0 to 512
[   94.437539][ T7265] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.473732][ T7269] sd 0:0:1:0: device reset
[   94.489862][ T7269] loop5: detected capacity change from 0 to 512
[   94.506082][ T7269] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.638033][ T7275] loop3: detected capacity change from 0 to 512
[   94.655925][ T7275] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.702857][ T7280] loop4: detected capacity change from 0 to 256
[   94.799783][ T7282] loop0: detected capacity change from 0 to 1024
[   94.807039][ T7282] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   94.818198][ T7282] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   94.826274][ T7282] EXT4-fs (loop0): orphan cleanup on readonly fs
[   94.833585][ T7282] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1188: bg 0: block 10: padding at end of block bitmap is not set
[   94.848588][ T7282] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1188: Failed to acquire dquot type 0
[   94.860701][ T7282] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1188: Failed to acquire dquot type 0
[   94.872392][ T7282] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.1188: Freeing blocks not in datazone - block = 0, count = 4096
[   94.892987][ T7282] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1188: Failed to acquire dquot type 0
[   94.905146][ T7282] EXT4-fs (loop0): 1 orphan inode deleted
[   94.949321][ T7293] veth0: entered promiscuous mode
[   94.966029][ T7293] veth0: left promiscuous mode
[   94.971283][ T7289] loop1: detected capacity change from 0 to 1024
[   94.979001][ T7289] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   94.993714][ T7289] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   95.001896][ T7300] loop3: detected capacity change from 0 to 1024
[   95.002334][ T7289] EXT4-fs (loop1): orphan cleanup on readonly fs
[   95.016996][ T7289] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1189: bg 0: block 10: padding at end of block bitmap is not set
[   95.031936][ T7289] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1189: Failed to acquire dquot type 0
[   95.032847][ T7300] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   95.043624][ T7289] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1189: Failed to acquire dquot type 0
[   95.072198][ T7289] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1189: Freeing blocks not in datazone - block = 0, count = 4096
[   95.085979][ T7306] loop0: detected capacity change from 0 to 1024
[   95.087515][ T7289] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1189: Failed to acquire dquot type 0
[   95.093582][ T7306] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   95.115027][ T7306] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   95.123282][ T7289] EXT4-fs (loop1): 1 orphan inode deleted
[   95.130057][ T7306] EXT4-fs (loop0): orphan cleanup on readonly fs
[   95.139704][ T7306] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1191: bg 0: block 10: padding at end of block bitmap is not set
[   95.156581][ T7311] FAULT_INJECTION: forcing a failure.
[   95.156581][ T7311] name failslab, interval 1, probability 0, space 0, times 0
[   95.158350][ T7306] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1191: Failed to acquire dquot type 0
[   95.169265][ T7311] CPU: 1 UID: 0 PID: 7311 Comm: syz.3.1193 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   95.169321][ T7311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.169371][ T7311] Call Trace:
[   95.169382][ T7311]  <TASK>
[   95.169394][ T7311]  __dump_stack+0x1d/0x30
[   95.169422][ T7311]  dump_stack_lvl+0xe8/0x140
[   95.169449][ T7311]  dump_stack+0x15/0x1b
[   95.169471][ T7311]  should_fail_ex+0x265/0x280
[   95.169575][ T7311]  ? __pfx_ip6_dst_gc+0x10/0x10
[   95.169601][ T7311]  should_failslab+0x8c/0xb0
[   95.169634][ T7311]  kmem_cache_alloc_noprof+0x50/0x310
[   95.169717][ T7311]  ? dst_alloc+0xbd/0x100
[   95.169742][ T7311]  ? __pfx_ip6_dst_gc+0x10/0x10
[   95.169767][ T7311]  dst_alloc+0xbd/0x100
[   95.169821][ T7311]  ip6_pol_route+0x6bf/0xb40
[   95.169849][ T7311]  ? ip6_pol_route+0x389/0xb40
[   95.169889][ T7311]  ip6_pol_route_output+0x40/0x50
[   95.169920][ T7311]  ? __pfx_ip6_pol_route_output+0x10/0x10
[   95.169992][ T7311]  fib6_rule_lookup+0x112/0x470
[   95.170031][ T7311]  ? __pfx_ip6_pol_route_output+0x10/0x10
[   95.170134][ T7311]  ? fixup_exception+0x72e/0xd00
[   95.170161][ T7311]  ? dev_get_by_index_rcu+0xa0/0xc0
[   95.170198][ T7311]  ip6_route_output_flags+0x1e0/0x2c0
[   95.170252][ T7311]  ip6_dst_lookup_tail+0xb6/0xab0
[   95.170291][ T7311]  ? kernelmode_fixup_or_oops+0x59/0xb0
[   95.170338][ T7311]  ? exc_page_fault+0x62/0xa0
[   95.170449][ T7311]  ? xas_load+0x413/0x430
[   95.170473][ T7311]  ? xas_load+0x413/0x430
[   95.170500][ T7311]  ? __rcu_read_unlock+0x4f/0x70
[   95.170530][ T7311]  ? xa_load+0xb1/0xe0
[   95.170560][ T7311]  ip6_dst_lookup_flow+0x47/0xc0
[   95.170633][ T7311]  l2tp_ip6_sendmsg+0x96e/0xd00
[   95.170689][ T7311]  ? __pfx_l2tp_ip6_sendmsg+0x10/0x10
[   95.170730][ T7311]  inet_sendmsg+0xc2/0xd0
[   95.170763][ T7311]  __sock_sendmsg+0x102/0x180
[   95.170864][ T7311]  ____sys_sendmsg+0x345/0x4e0
[   95.170909][ T7311]  ___sys_sendmsg+0x17b/0x1d0
[   95.171004][ T7311]  __sys_sendmmsg+0x178/0x300
[   95.171050][ T7311]  __x64_sys_sendmmsg+0x57/0x70
[   95.171090][ T7311]  x64_sys_call+0x2f2f/0x2fb0
[   95.171120][ T7311]  do_syscall_64+0xd2/0x200
[   95.171220][ T7311]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.171256][ T7311]  ? clear_bhb_loop+0x40/0x90
[   95.171284][ T7311]  ? clear_bhb_loop+0x40/0x90
[   95.171314][ T7311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.171366][ T7311] RIP: 0033:0x7f62b26ee929
[   95.171386][ T7311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.171410][ T7311] RSP: 002b:00007f62b0d57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   95.171433][ T7311] RAX: ffffffffffffffda RBX: 00007f62b2915fa0 RCX: 00007f62b26ee929
[   95.171481][ T7311] RDX: 0000000000000001 RSI: 0000200000008940 RDI: 0000000000000003
[   95.171495][ T7311] RBP: 00007f62b0d57090 R08: 0000000000000000 R09: 0000000000000000
[   95.171508][ T7311] R10: 00000000040400e4 R11: 0000000000000246 R12: 0000000000000001
[   95.171524][ T7311] R13: 0000000000000000 R14: 00007f62b2915fa0 R15: 00007ffd4486e468
[   95.171550][ T7311]  </TASK>
[   95.340646][ T7318] loop3: detected capacity change from 0 to 2048
[   95.341229][ T7306] __quota_error: 296 callbacks suppressed
[   95.341244][ T7306] Quota error (device loop0): write_blk: dquota write failed
[   95.505761][ T7306] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[   95.515199][ T7306] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[   95.525212][ T7306] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1191: Failed to acquire dquot type 0
[   95.537808][ T7306] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.1191: Freeing blocks not in datazone - block = 0, count = 4096
[   95.562394][   T29] audit: type=1326 audit(1749350709.094:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   95.594984][ T7306] Quota error (device loop0): write_blk: dquota write failed
[   95.602501][ T7306] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[   95.615838][   T29] audit: type=1326 audit(1749350709.124:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   95.632129][ T7306] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[   95.639504][   T29] audit: type=1326 audit(1749350709.124:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   95.672956][   T29] audit: type=1326 audit(1749350709.124:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba30be929 code=0x7ffc0000
[   95.675160][ T7306] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1191: Failed to acquire dquot type 0
[   95.734800][ T7306] EXT4-fs (loop0): 1 orphan inode deleted
[   95.786200][ T7335] FAULT_INJECTION: forcing a failure.
[   95.786200][ T7335] name failslab, interval 1, probability 0, space 0, times 0
[   95.799072][ T7335] CPU: 0 UID: 0 PID: 7335 Comm: syz.4.1203 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   95.799102][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.799114][ T7335] Call Trace:
[   95.799120][ T7335]  <TASK>
[   95.799127][ T7335]  __dump_stack+0x1d/0x30
[   95.799167][ T7335]  dump_stack_lvl+0xe8/0x140
[   95.799188][ T7335]  dump_stack+0x15/0x1b
[   95.799247][ T7335]  should_fail_ex+0x265/0x280
[   95.799272][ T7335]  should_failslab+0x8c/0xb0
[   95.799296][ T7335]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   95.799325][ T7335]  ? shmem_alloc_inode+0x34/0x50
[   95.799408][ T7335]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   95.799428][ T7335]  shmem_alloc_inode+0x34/0x50
[   95.799450][ T7335]  alloc_inode+0x3d/0x170
[   95.799475][ T7335]  new_inode+0x1d/0xe0
[   95.799503][ T7335]  shmem_get_inode+0x244/0x750
[   95.799552][ T7335]  __shmem_file_setup+0x113/0x210
[   95.799605][ T7335]  shmem_file_setup+0x3b/0x50
[   95.799740][ T7335]  __se_sys_memfd_create+0x2c3/0x590
[   95.799768][ T7335]  __x64_sys_memfd_create+0x31/0x40
[   95.799811][ T7335]  x64_sys_call+0x122f/0x2fb0
[   95.799837][ T7335]  do_syscall_64+0xd2/0x200
[   95.799864][ T7335]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.799992][ T7335]  ? clear_bhb_loop+0x40/0x90
[   95.800021][ T7335]  ? clear_bhb_loop+0x40/0x90
[   95.800049][ T7335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.800079][ T7335] RIP: 0033:0x7f6d6b7be929
[   95.800099][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.800122][ T7335] RSP: 002b:00007f6d69e26e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   95.800146][ T7335] RAX: ffffffffffffffda RBX: 000000000000045d RCX: 00007f6d6b7be929
[   95.800218][ T7335] RDX: 00007f6d69e26ef0 RSI: 0000000000000000 RDI: 00007f6d6b8414cc
[   95.800279][ T7335] RBP: 0000200000001480 R08: 00007f6d69e26bb7 R09: 00007f6d69e26e40
[   95.800296][ T7335] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000100
[   95.800312][ T7335] R13: 00007f6d69e26ef0 R14: 00007f6d69e26eb0 R15: 0000200000000040
[   95.800337][ T7335]  </TASK>
[   96.044543][ T7343] random: crng reseeded on system resumption
[   96.087696][ T7343] loop4: detected capacity change from 0 to 512
[   96.104212][ T7343] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   96.106565][ T7347] loop1: detected capacity change from 0 to 2048
[   96.164691][ T7343] EXT4-fs (loop4): 1 orphan inode deleted
[   96.170577][ T7343] EXT4-fs (loop4): 1 truncate cleaned up
[   96.195598][ T7353] loop3: detected capacity change from 0 to 512
[   96.215415][ T7353] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1208: bg 0: block 16: invalid block bitmap
[   96.246546][ T7353] EXT4-fs (loop3): Remounting filesystem read-only
[   96.253206][ T7353] EXT4-fs (loop3): 1 truncate cleaned up
[   96.307390][ T7357] loop5: detected capacity change from 0 to 1024
[   96.327190][ T7357] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   96.347812][ T7357] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   96.356274][ T7357] EXT4-fs (loop5): orphan cleanup on readonly fs
[   96.377390][ T7357] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1210: bg 0: block 10: padding at end of block bitmap is not set
[   96.396938][ T7357] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1210: Failed to acquire dquot type 0
[   96.409448][ T7357] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1210: Failed to acquire dquot type 0
[   96.421798][ T7357] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.1210: Freeing blocks not in datazone - block = 0, count = 4096
[   96.436272][ T7357] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1210: Failed to acquire dquot type 0
[   96.448013][ T7357] EXT4-fs (loop5): 1 orphan inode deleted
[   96.463804][ T7366] loop3: detected capacity change from 0 to 1024
[   96.476775][ T7366] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   96.490056][ T7366] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   96.498419][ T7366] EXT4-fs (loop3): orphan cleanup on readonly fs
[   96.504582][ T7380] lo speed is unknown, defaulting to 1000
[   96.512801][ T7366] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1211: bg 0: block 10: padding at end of block bitmap is not set
[   96.538025][ T7366] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1211: Failed to acquire dquot type 0
[   96.550190][ T7366] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1211: Failed to acquire dquot type 0
[   96.561934][ T7366] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.1211: Freeing blocks not in datazone - block = 0, count = 4096
[   96.576790][ T7366] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1211: Failed to acquire dquot type 0
[   96.588321][ T7366] EXT4-fs (loop3): 1 orphan inode deleted
[   96.612985][ T7385] loop4: detected capacity change from 0 to 512
[   96.659576][ T7385] EXT4-fs (loop4): 1 orphan inode deleted
[   96.666105][ T7385] ext4 filesystem being mounted at /246/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.677428][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[   96.744983][ T7401] loop0: detected capacity change from 0 to 128
[   97.065332][ T7406] syz.3.1220 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   97.181301][ T7406] SELinux:  policydb magic number 0x4c0000 does not match expected magic number 0xf97cff8c
[   97.216977][ T7406] SELinux: failed to load policy
[   97.475924][ T7413] __nla_validate_parse: 44 callbacks suppressed
[   97.475968][ T7413] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1222'.
[   97.515850][ T7416] loop4: detected capacity change from 0 to 512
[   97.569045][ T7420] loop0: detected capacity change from 0 to 1024
[   97.582866][ T7420] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.589868][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1222'.
[   97.627144][ T7416] EXT4-fs (loop4): orphan cleanup on readonly fs
[   97.634376][ T7416] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.1219: bad orphan inode 13
[   97.695047][ T7416] ext4_test_bit(bit=12, block=18) = 1
[   97.700561][ T7416] is_bad_inode(inode)=0
[   97.704837][ T7416] NEXT_ORPHAN(inode)=2130706432
[   97.709741][ T7416] max_ino=32
[   97.712956][ T7416] i_nlink=1
[   97.747518][ T7426] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1225'.
[   97.810286][ T7429] loop1: detected capacity change from 0 to 2048
[   97.872183][ T7429] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   97.933847][ T7429] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   97.946538][ T7429] EXT4-fs (loop1): This should not happen!! Data will be lost
[   97.946538][ T7429] 
[   97.956409][ T7429] EXT4-fs (loop1): Total free blocks count 0
[   97.962475][ T7429] EXT4-fs (loop1): Free/Dirty block details
[   97.968610][ T7429] EXT4-fs (loop1): free_blocks=2415919104
[   97.974582][ T7429] EXT4-fs (loop1): dirty_blocks=16
[   97.979756][ T7429] EXT4-fs (loop1): Block reservation details
[   97.985913][ T7429] EXT4-fs (loop1): i_reserved_data_blocks=1
[   97.993969][ T7439] lo speed is unknown, defaulting to 1000
[   98.128050][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[   98.145884][ T7464] loop0: detected capacity change from 0 to 512
[   98.165351][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[   98.179371][ T7466] FAULT_INJECTION: forcing a failure.
[   98.179371][ T7466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.192519][ T7466] CPU: 0 UID: 0 PID: 7466 Comm: syz.5.1239 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   98.192551][ T7466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.192567][ T7466] Call Trace:
[   98.192575][ T7466]  <TASK>
[   98.192585][ T7466]  __dump_stack+0x1d/0x30
[   98.192611][ T7466]  dump_stack_lvl+0xe8/0x140
[   98.192682][ T7466]  dump_stack+0x15/0x1b
[   98.192698][ T7466]  should_fail_ex+0x265/0x280
[   98.192727][ T7466]  should_fail+0xb/0x20
[   98.192744][ T7466]  should_fail_usercopy+0x1a/0x20
[   98.192845][ T7466]  _copy_from_iter+0xcf/0xe40
[   98.192876][ T7466]  ? skb_set_owner_w+0x16a/0x1c0
[   98.192968][ T7466]  ? sock_alloc_send_pskb+0x456/0x4f0
[   98.192995][ T7466]  skb_copy_datagram_from_iter+0xb1/0x490
[   98.193022][ T7466]  ? __rcu_read_unlock+0x4f/0x70
[   98.193044][ T7466]  ? skb_put+0xa9/0xf0
[   98.193063][ T7466]  packet_sendmsg+0x25ef/0x3240
[   98.193231][ T7466]  ? __rcu_read_unlock+0x4f/0x70
[   98.193256][ T7466]  ? avc_has_perm+0xd3/0x150
[   98.193296][ T7466]  ? selinux_socket_sendmsg+0x175/0x1b0
[   98.193349][ T7466]  ? __pfx_packet_sendmsg+0x10/0x10
[   98.193378][ T7466]  __sock_sendmsg+0x142/0x180
[   98.193408][ T7466]  ____sys_sendmsg+0x345/0x4e0
[   98.193435][ T7466]  ___sys_sendmsg+0x17b/0x1d0
[   98.193473][ T7466]  __sys_sendmmsg+0x178/0x300
[   98.193507][ T7466]  __x64_sys_sendmmsg+0x57/0x70
[   98.193570][ T7466]  x64_sys_call+0x2f2f/0x2fb0
[   98.193593][ T7466]  do_syscall_64+0xd2/0x200
[   98.193617][ T7466]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.193646][ T7466]  ? clear_bhb_loop+0x40/0x90
[   98.193714][ T7466]  ? clear_bhb_loop+0x40/0x90
[   98.193736][ T7466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.193758][ T7466] RIP: 0033:0x7ffba30be929
[   98.193774][ T7466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.193844][ T7466] RSP: 002b:00007ffba1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   98.193863][ T7466] RAX: ffffffffffffffda RBX: 00007ffba32e5fa0 RCX: 00007ffba30be929
[   98.193882][ T7466] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 0000000000000005
[   98.193895][ T7466] RBP: 00007ffba1727090 R08: 0000000000000000 R09: 0000000000000000
[   98.193907][ T7466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.193920][ T7466] R13: 0000000000000000 R14: 00007ffba32e5fa0 R15: 00007ffe76be1868
[   98.193939][ T7466]  </TASK>
[   98.248638][ T7464] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.319736][ T7474] loop4: detected capacity change from 0 to 1024
[   98.349607][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[   98.366970][ T7470] loop1: detected capacity change from 0 to 1024
[   98.386333][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[   98.398614][ T7470] EXT4-fs: Ignoring removed oldalloc option
[   98.401708][ T7474] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   98.409465][ T7470] EXT4-fs: dax option not supported
[   98.514545][ T7474] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   98.537489][ T7474] EXT4-fs (loop4): orphan cleanup on readonly fs
[   98.548193][ T7474] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1236: bg 0: block 10: padding at end of block bitmap is not set
[   98.562857][ T7474] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1236: Failed to acquire dquot type 0
[   98.574551][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[   98.584107][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[   98.594764][ T7474] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1236: Failed to acquire dquot type 0
[   98.606607][ T7474] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.1236: Freeing blocks not in datazone - block = 0, count = 4096
[   98.620334][ T7474] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1236: Failed to acquire dquot type 0
[   98.632460][ T7474] EXT4-fs (loop4): 1 orphan inode deleted
[   98.689022][ T7485] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1243'.
[   98.702309][ T7486] loop4: detected capacity change from 0 to 512
[   98.755614][ T7493] loop5: detected capacity change from 0 to 1024
[   98.772798][ T7493] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   98.783721][ T7495] blkio.reset_stats is deprecated
[   98.793170][ T7495] loop4: detected capacity change from 0 to 512
[   98.806550][ T7493] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   98.823925][ T7493] EXT4-fs (loop5): orphan cleanup on readonly fs
[   98.830655][ T7495] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   98.841680][ T7493] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1243: bg 0: block 10: padding at end of block bitmap is not set
[   98.858604][ T7493] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1243: Failed to acquire dquot type 0
[   98.871472][ T7493] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1243: Failed to acquire dquot type 0
[   98.884302][ T7493] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.1243: Freeing blocks not in datazone - block = 0, count = 4096
[   98.898651][ T7495] EXT4-fs (loop4): 1 truncate cleaned up
[   98.904996][ T7493] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1243: Failed to acquire dquot type 0
[   98.918366][ T7493] EXT4-fs (loop5): 1 orphan inode deleted
[   98.969043][ T7507] loop3: detected capacity change from 0 to 2048
[   98.989982][ T7507] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   99.005255][ T7507] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   99.017577][ T7507] EXT4-fs (loop3): This should not happen!! Data will be lost
[   99.017577][ T7507] 
[   99.018804][ T7511] loop5: detected capacity change from 0 to 2048
[   99.027392][ T7507] EXT4-fs (loop3): Total free blocks count 0
[   99.034647][ T7511] EXT4-fs: Ignoring removed mblk_io_submit option
[   99.039711][ T7507] EXT4-fs (loop3): Free/Dirty block details
[   99.052198][ T7507] EXT4-fs (loop3): free_blocks=2415919104
[   99.058065][ T7507] EXT4-fs (loop3): dirty_blocks=16
[   99.063291][ T7507] EXT4-fs (loop3): Block reservation details
[   99.069376][ T7507] EXT4-fs (loop3): i_reserved_data_blocks=1
[   99.104921][ T7516] 9pnet_fd: Insufficient options for proto=fd
[   99.148525][ T7518] loop3: detected capacity change from 0 to 1024
[   99.257925][ T7527] loop3: detected capacity change from 0 to 2048
[   99.265908][ T7529] FAULT_INJECTION: forcing a failure.
[   99.265908][ T7529] name failslab, interval 1, probability 0, space 0, times 0
[   99.278634][ T7529] CPU: 1 UID: 0 PID: 7529 Comm: syz.5.1252 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   99.278668][ T7529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.278687][ T7529] Call Trace:
[   99.278694][ T7529]  <TASK>
[   99.278702][ T7529]  __dump_stack+0x1d/0x30
[   99.278727][ T7529]  dump_stack_lvl+0xe8/0x140
[   99.278767][ T7529]  dump_stack+0x15/0x1b
[   99.278785][ T7529]  should_fail_ex+0x265/0x280
[   99.278808][ T7529]  ? resv_map_alloc+0x57/0x190
[   99.278838][ T7529]  should_failslab+0x8c/0xb0
[   99.278866][ T7529]  __kmalloc_cache_noprof+0x4c/0x320
[   99.278954][ T7529]  resv_map_alloc+0x57/0x190
[   99.278988][ T7529]  hugetlbfs_get_inode+0x67/0x370
[   99.279034][ T7529]  hugetlb_file_setup+0x192/0x3d0
[   99.279182][ T7529]  ksys_mmap_pgoff+0x157/0x310
[   99.279206][ T7529]  x64_sys_call+0x1602/0x2fb0
[   99.279226][ T7529]  do_syscall_64+0xd2/0x200
[   99.279246][ T7529]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.279270][ T7529]  ? clear_bhb_loop+0x40/0x90
[   99.279331][ T7529]  ? clear_bhb_loop+0x40/0x90
[   99.279350][ T7529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.279501][ T7529] RIP: 0033:0x7ffba30be929
[   99.279522][ T7529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.279538][ T7529] RSP: 002b:00007ffba1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   99.279555][ T7529] RAX: ffffffffffffffda RBX: 00007ffba32e5fa0 RCX: 00007ffba30be929
[   99.279602][ T7529] RDX: 000000000300000c RSI: 0000000000c00000 RDI: 0000200000400000
[   99.279613][ T7529] RBP: 00007ffba1727090 R08: ffffffffffffffff R09: 0000000000000000
[   99.279624][ T7529] R10: 0000000000050032 R11: 0000000000000246 R12: 0000000000000001
[   99.279635][ T7529] R13: 0000000000000000 R14: 00007ffba32e5fa0 R15: 00007ffe76be1868
[   99.279652][ T7529]  </TASK>
[   99.523899][ T7538] loop4: detected capacity change from 0 to 2048
[   99.567482][ T7541] loop5: detected capacity change from 0 to 256
[   99.620724][ T7546] loop4: detected capacity change from 0 to 1024
[   99.628336][ T7546] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   99.640078][ T7546] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   99.648195][ T7546] EXT4-fs (loop4): orphan cleanup on readonly fs
[   99.657216][ T7546] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1259: bg 0: block 10: padding at end of block bitmap is not set
[   99.671928][ T7546] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1259: Failed to acquire dquot type 0
[   99.679020][ T7554] loop3: detected capacity change from 0 to 1024
[   99.690886][ T7546] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1259: Failed to acquire dquot type 0
[   99.703976][ T7546] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.1259: Freeing blocks not in datazone - block = 0, count = 4096
[   99.718158][ T7546] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1259: Failed to acquire dquot type 0
[   99.730797][ T7546] EXT4-fs (loop4): 1 orphan inode deleted
[   99.773748][ T7558] loop3: detected capacity change from 0 to 1024
[   99.794600][ T7558] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   99.794755][ T7560] loop4: detected capacity change from 0 to 2048
[   99.805827][ T7558] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   99.831743][ T7562] FAULT_INJECTION: forcing a failure.
[   99.831743][ T7562] name failslab, interval 1, probability 0, space 0, times 0
[   99.844490][ T7562] CPU: 0 UID: 0 PID: 7562 Comm: syz.0.1265 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[   99.844519][ T7562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.844531][ T7562] Call Trace:
[   99.844537][ T7562]  <TASK>
[   99.844544][ T7562]  __dump_stack+0x1d/0x30
[   99.844587][ T7562]  dump_stack_lvl+0xe8/0x140
[   99.844606][ T7562]  dump_stack+0x15/0x1b
[   99.844682][ T7562]  should_fail_ex+0x265/0x280
[   99.844707][ T7562]  should_failslab+0x8c/0xb0
[   99.844731][ T7562]  kmem_cache_alloc_noprof+0x50/0x310
[   99.844776][ T7562]  ? audit_log_start+0x365/0x6c0
[   99.844817][ T7562]  audit_log_start+0x365/0x6c0
[   99.844866][ T7562]  audit_seccomp+0x48/0x100
[   99.844905][ T7562]  ? __seccomp_filter+0x68c/0x10d0
[   99.844933][ T7562]  __seccomp_filter+0x69d/0x10d0
[   99.844964][ T7562]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   99.845063][ T7562]  ? vfs_write+0x75e/0x8e0
[   99.845089][ T7562]  ? __rcu_read_unlock+0x4f/0x70
[   99.845117][ T7562]  ? __fget_files+0x184/0x1c0
[   99.845228][ T7562]  __secure_computing+0x82/0x150
[   99.845258][ T7562]  syscall_trace_enter+0xcf/0x1e0
[   99.845288][ T7562]  do_syscall_64+0xac/0x200
[   99.845317][ T7562]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.845354][ T7562]  ? clear_bhb_loop+0x40/0x90
[   99.845450][ T7562]  ? clear_bhb_loop+0x40/0x90
[   99.845511][ T7562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.845557][ T7562] RIP: 0033:0x7f830f77e929
[   99.845572][ T7562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.845589][ T7562] RSP: 002b:00007f830dde7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084
[   99.845673][ T7562] RAX: ffffffffffffffda RBX: 00007f830f9a5fa0 RCX: 00007f830f77e929
[   99.845689][ T7562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   99.845705][ T7562] RBP: 00007f830dde7090 R08: 0000000000000000 R09: 0000000000000000
[   99.845721][ T7562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.845734][ T7562] R13: 0000000000000000 R14: 00007f830f9a5fa0 R15: 00007fff9c0c8088
[   99.845752][ T7562]  </TASK>
[   99.916422][ T7558] JBD2: no valid journal superblock found
[  100.073400][ T7558] EXT4-fs (loop3): Could not load journal inode
[  100.103286][ T7558] loop3: detected capacity change from 0 to 128
[  100.112380][ T7558] ext4 filesystem being mounted at /274/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  100.195964][ T7585] loop3: detected capacity change from 0 to 2048
[  100.209695][ T7589] loop0: detected capacity change from 0 to 512
[  100.216596][ T7587] 9pnet_fd: Insufficient options for proto=fd
[  100.236656][ T7589] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.257680][ T7593] loop1: detected capacity change from 0 to 1024
[  100.281944][ T7597] loop0: detected capacity change from 0 to 1024
[  100.289242][ T7597] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.307808][ T7597] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  100.317457][ T7597] EXT4-fs (loop0): orphan cleanup on readonly fs
[  100.324916][ T7597] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1274: bg 0: block 10: padding at end of block bitmap is not set
[  100.340470][ T7597] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1274: Failed to acquire dquot type 0
[  100.348679][ T7606] loop1: detected capacity change from 0 to 1024
[  100.352230][ T7597] __quota_error: 448 callbacks suppressed
[  100.352247][ T7597] Quota error (device loop0): write_blk: dquota write failed
[  100.368427][ T7606] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, 
[  100.371778][ T7597] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[  100.371960][ T7597] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  100.380106][ T7606] block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  100.389362][ T7597] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1274: Failed to acquire dquot type 0
[  100.419703][ T7597] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.1274: Freeing blocks not in datazone - block = 0, count = 4096
[  100.433700][ T7597] Quota error (device loop0): write_blk: dquota write failed
[  100.441305][ T7597] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[  100.450548][ T7597] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  100.461245][ T7597] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1274: Failed to acquire dquot type 0
[  100.473429][ T7597] EXT4-fs (loop0): 1 orphan inode deleted
[  100.535834][ T7613] FAULT_INJECTION: forcing a failure.
[  100.535834][ T7613] name failslab, interval 1, probability 0, space 0, times 0
[  100.548592][ T7613] CPU: 1 UID: 0 PID: 7613 Comm: syz.5.1278 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[  100.548621][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.548633][ T7613] Call Trace:
[  100.548639][ T7613]  <TASK>
[  100.548649][ T7613]  __dump_stack+0x1d/0x30
[  100.548690][ T7613]  dump_stack_lvl+0xe8/0x140
[  100.548795][ T7613]  dump_stack+0x15/0x1b
[  100.548815][ T7613]  should_fail_ex+0x265/0x280
[  100.548840][ T7613]  should_failslab+0x8c/0xb0
[  100.548869][ T7613]  kmem_cache_alloc_noprof+0x50/0x310
[  100.548947][ T7613]  ? getname_flags+0x80/0x3b0
[  100.548990][ T7613]  getname_flags+0x80/0x3b0
[  100.549030][ T7613]  __x64_sys_mkdir+0x33/0x50
[  100.549054][ T7613]  x64_sys_call+0x2289/0x2fb0
[  100.549119][ T7613]  do_syscall_64+0xd2/0x200
[  100.549146][ T7613]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.549229][ T7613]  ? clear_bhb_loop+0x40/0x90
[  100.549250][ T7613]  ? clear_bhb_loop+0x40/0x90
[  100.549278][ T7613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.549304][ T7613] RIP: 0033:0x7ffba30be929
[  100.549322][ T7613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.549343][ T7613] RSP: 002b:00007ffba1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  100.549446][ T7613] RAX: ffffffffffffffda RBX: 00007ffba32e5fa0 RCX: 00007ffba30be929
[  100.549461][ T7613] RDX: 0000000000000000 RSI: d0939199c36b4d28 RDI: 0000200000000000
[  100.549475][ T7613] RBP: 00007ffba1727090 R08: 0000000000000000 R09: 0000000000000000
[  100.549489][ T7613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.549503][ T7613] R13: 0000000000000000 R14: 00007ffba32e5fa0 R15: 00007ffe76be1868
[  100.549569][ T7613]  </TASK>
[  100.777943][ T7628] can: request_module (can-proto-0) failed.
[  100.784889][ T7631] loop4: detected capacity change from 0 to 512
[  100.792932][   T29] audit: type=1400 audit(1749350714.324:4601): avc:  denied  { unmount } for  pid=7627 comm="syz.5.1284" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  100.830218][ T7631] EXT4-fs mount: 212 callbacks suppressed
[  100.830237][ T7631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.849248][ T7631] ext4 filesystem being mounted at /256/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.872349][ T7639] loop5: detected capacity change from 0 to 128
[  100.882683][ T7639] msdos: Unknown parameter ''
[  100.887953][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.889755][ T7641] loop1: detected capacity change from 0 to 1024
[  100.904066][ T7641] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.916818][ T7641] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  100.925358][ T7641] EXT4-fs (loop1): orphan cleanup on readonly fs
[  100.933902][ T7641] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1290: bg 0: block 10: padding at end of block bitmap is not set
[  100.949916][ T7641] Quota error (device loop1): write_blk: dquota write failed
[  100.953330][ T7650] loop4: detected capacity change from 0 to 512
[  100.957395][ T7641] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3
[  100.972952][ T7641] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  100.976098][ T7650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.983099][ T7641] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1290: Failed to acquire dquot type 0
[  100.995860][ T7650] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.008378][ T7641] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1290: Failed to acquire dquot type 0
[  101.029167][ T7641] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1290: Freeing blocks not in datazone - block = 0, count = 4096
[  101.043024][ T7641] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1290: Failed to acquire dquot type 0
[  101.055928][ T7641] EXT4-fs (loop1): 1 orphan inode deleted
[  101.062767][ T7641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.093437][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.173428][ T7660] 9pnet_fd: Insufficient options for proto=fd
[  101.231419][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.421672][ T7680] loop0: detected capacity change from 0 to 4096
[  101.430751][ T7680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.637753][ T7703] loop1: detected capacity change from 0 to 1024
[  101.644943][ T7703] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.655961][ T7703] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  101.664077][ T7703] EXT4-fs (loop1): orphan cleanup on readonly fs
[  101.671426][ T7703] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1305: bg 0: block 10: padding at end of block bitmap is not set
[  101.686012][ T7703] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1305: Failed to acquire dquot type 0
[  101.697665][ T7703] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1305: Failed to acquire dquot type 0
[  101.709300][ T7703] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1305: Freeing blocks not in datazone - block = 0, count = 4096
[  101.723002][ T7703] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1305: Failed to acquire dquot type 0
[  101.734475][ T7703] EXT4-fs (loop1): 1 orphan inode deleted
[  101.740754][ T7703] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.765289][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.787707][ T7711] Falling back ldisc for ptm0.
[  101.810203][ T7714] loop5: detected capacity change from 0 to 512
[  101.826680][ T7714] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.839353][ T7714] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.026990][ T5238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.225517][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.356838][ T7738] loop1: detected capacity change from 0 to 512
[  102.359522][ T7736] loop4: detected capacity change from 0 to 2048
[  102.371089][ T7738] EXT4-fs (loop1): orphan cleanup on readonly fs
[  102.379434][ T7733] loop7: detected capacity change from 0 to 16384
[  102.380256][ T7738] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.1316: bad orphan inode 13
[  102.397186][ T7738] ext4_test_bit(bit=12, block=18) = 1
[  102.402639][ T7738] is_bad_inode(inode)=0
[  102.406975][ T7738] NEXT_ORPHAN(inode)=2130706432
[  102.411930][ T7738] max_ino=32
[  102.415209][ T7738] i_nlink=1
[  102.419537][ T7738] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.474527][ T7747] loop0: detected capacity change from 0 to 512
[  102.476971][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.481568][ T7747] ext4: Bad value for 'init_itable'
[  102.489888][ T7741] __nla_validate_parse: 39 callbacks suppressed
[  102.489905][ T7741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1317'.
[  102.514417][ T7741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1317'.
[  102.523799][ T7750] loop3: detected capacity change from 0 to 1024
[  102.531488][ T7750] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.552080][ T7750] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  102.561350][ T7750] EXT4-fs (loop3): orphan cleanup on readonly fs
[  102.578266][ T7750] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1317: bg 0: block 10: padding at end of block bitmap is not set
[  102.598036][ T7750] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1317: Failed to acquire dquot type 0
[  102.610207][ T7750] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1317: Failed to acquire dquot type 0
[  102.621979][ T7750] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.1317: Freeing blocks not in datazone - block = 0, count = 4096
[  102.639579][ T7750] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1317: Failed to acquire dquot type 0
[  102.651423][ T7750] EXT4-fs (loop3): 1 orphan inode deleted
[  102.658447][ T7750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.685338][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.903721][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1326'.
[  102.945594][ T7786] IPv6: Can't replace route, no match found
[  102.952495][ T7786] netlink: 'syz.3.1328': attribute type 10 has an invalid length.
[  102.968663][ T7786] batman_adv: batadv0: Adding interface: team0
[  102.974920][ T7786] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.990754][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1329'.
[  103.000241][ T7786] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  103.021653][ T7789] netlink: 'syz.3.1328': attribute type 10 has an invalid length.
[  103.029546][ T7789] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1328'.
[  103.039054][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1329'.
[  103.055931][ T7790] loop5: detected capacity change from 0 to 1024
[  103.056682][ T7789] team0: entered promiscuous mode
[  103.063453][ T7790] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  103.077803][ T7789] team_slave_0: entered promiscuous mode
[  103.083662][ T7789] team_slave_1: entered promiscuous mode
[  103.084167][ T7790] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  103.098168][ T7790] EXT4-fs (loop5): orphan cleanup on readonly fs
[  103.104710][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1329'.
[  103.113900][ T7792] loop0: detected capacity change from 0 to 512
[  103.114167][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1329'.
[  103.121740][ T7789] 8021q: adding VLAN 0 to HW filter on device team0
[  103.130012][ T7792] EXT4-fs: Ignoring removed nomblk_io_submit option
[  103.137956][ T7790] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1329: bg 0: block 10: padding at end of block bitmap is not set
[  103.143603][ T7789] batman_adv: batadv0: Interface activated: team0
[  103.163578][ T7789] batman_adv: batadv0: Interface deactivated: team0
[  103.164739][ T7790] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1329: Failed to acquire dquot type 0
[  103.170290][ T7789] batman_adv: batadv0: Removing interface: team0
[  103.182495][ T7790] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1329: Failed to acquire dquot type 0
[  103.200190][ T7789] bridge0: port 3(team0) entered blocking state
[  103.200527][ T7790] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.1329: Freeing blocks not in datazone - block = 0, count = 4096
[  103.206577][ T7789] bridge0: port 3(team0) entered disabled state
[  103.225051][ T7790] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1329: Failed to acquire dquot type 0
[  103.227060][ T7789] team0: entered allmulticast mode
[  103.242563][ T7789] team_slave_0: entered allmulticast mode
[  103.243915][ T7792] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.248526][ T7789] team_slave_1: entered allmulticast mode
[  103.266049][ T7790] EXT4-fs (loop5): 1 orphan inode deleted
[  103.272693][ T7792] ext4 filesystem being mounted at /250/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.275890][ T7789] bridge0: port 3(team0) entered blocking state
[  103.283629][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1329'.
[  103.289340][ T7789] bridge0: port 3(team0) entered forwarding state
[  103.305690][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1329'.
[  103.324721][ T7790] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.325175][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.368314][ T5238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.735910][ T7814] loop1: detected capacity change from 0 to 1024
[  103.745846][ T7814] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  103.770025][ T7814] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  103.833533][ T7814] EXT4-fs (loop1): orphan cleanup on readonly fs
[  103.904594][ T7814] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1334: bg 0: block 10: padding at end of block bitmap is not set
[  103.961925][ T7819] loop4: detected capacity change from 0 to 2048
[  104.063585][ T7814] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1334: Failed to acquire dquot type 0
[  104.286481][ T7814] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1334: Failed to acquire dquot type 0
[  104.354880][ T7814] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1334: Freeing blocks not in datazone - block = 0, count = 4096
[  104.371176][ T7832] netlink: 'syz.4.1339': attribute type 1 has an invalid length.
[  104.387369][ T7837] loop3: detected capacity change from 0 to 512
[  104.420190][ T7837] EXT4-fs (loop3): orphan cleanup on readonly fs
[  104.420278][ T7814] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1334: Failed to acquire dquot type 0
[  104.439038][ T7814] EXT4-fs (loop1): 1 orphan inode deleted
[  104.439124][ T7837] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.1340: bad orphan inode 13
[  104.447720][ T7814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.474188][ T7837] ext4_test_bit(bit=12, block=18) = 1
[  104.479630][ T7837] is_bad_inode(inode)=0
[  104.483804][ T7837] NEXT_ORPHAN(inode)=2130706432
[  104.483817][ T7837] max_ino=32
[  104.483827][ T7837] i_nlink=1
[  104.486563][ T7837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.497717][ T7845] loop5: detected capacity change from 0 to 512
[  104.540651][ T7845] EXT4-fs (loop5): orphan cleanup on readonly fs
[  104.548385][ T7845] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.1342: bad orphan inode 13
[  104.548476][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.569357][ T7845] ext4_test_bit(bit=12, block=18) = 1
[  104.575006][ T7845] is_bad_inode(inode)=0
[  104.579200][ T7845] NEXT_ORPHAN(inode)=2130706432
[  104.584079][ T7845] max_ino=32
[  104.587363][ T7845] i_nlink=1
[  104.599651][ T7845] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.620201][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.644388][ T7858] loop0: detected capacity change from 0 to 2048
[  104.653876][ T5238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.784221][ T7880] lo speed is unknown, defaulting to 1000
[  105.001500][ T7916] loop1: detected capacity change from 0 to 1024
[  105.020563][ T7916] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.036795][ T7916] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  105.066396][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.522641][ T7935] loop0: detected capacity change from 0 to 1024
[  105.540421][ T7940] loop3: detected capacity change from 0 to 2048
[  105.540612][ T7935] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  105.558821][ T7935] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  105.567290][ T7935] EXT4-fs (loop0): orphan cleanup on readonly fs
[  105.576038][ T7940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.588968][ T7935] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1354: bg 0: block 10: padding at end of block bitmap is not set
[  105.638798][ T7935] __quota_error: 198 callbacks suppressed
[  105.638817][ T7935] Quota error (device loop0): write_blk: dquota write failed
[  105.652089][ T7935] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[  105.670559][ T7940] smc: net device bond0 applied user defined pnetid SYZ0
[  105.678563][ T7940] smc: net device bond0 erased user defined pnetid SYZ0
[  105.696093][ T7935] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  105.706588][ T7935] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1354: Failed to acquire dquot type 0
[  105.714916][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.719823][ T7935] Quota error (device loop0): write_blk: dquota write failed
[  105.734361][ T7935] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[  105.744367][ T7935] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  105.754769][ T7935] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1354: Failed to acquire dquot type 0
[  105.766826][ T7935] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.1354: Freeing blocks not in datazone - block = 0, count = 4096
[  105.780707][ T7948] loop1: detected capacity change from 0 to 512
[  105.787222][ T7935] Quota error (device loop0): write_blk: dquota write failed
[  105.794746][ T7935] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3
[  105.804039][ T7935] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  105.814644][ T7935] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1354: Failed to acquire dquot type 0
[  105.830988][ T7948] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  105.842623][ T7948] EXT4-fs (loop1): 1 truncate cleaned up
[  105.848817][ T7948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.861402][ T7935] EXT4-fs (loop0): 1 orphan inode deleted
[  105.868236][ T7935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.901190][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.975237][ T7953] loop3: detected capacity change from 0 to 512
[  106.084188][   T29] audit: type=1400 audit(1749350719.544:4758): avc:  denied  { read } for  pid=7947 comm="syz.1.1358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  106.117526][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.159543][ T7959] loop0: detected capacity change from 0 to 2048
[  106.175884][ T7963] loop1: detected capacity change from 0 to 512
[  106.196118][ T7963] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.227480][ T7963] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.297367][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.312420][ T7970] loop0: detected capacity change from 0 to 2048
[  106.408052][ T7974] loop4: detected capacity change from 0 to 512
[  106.441031][ T7981] loop3: detected capacity change from 0 to 512
[  106.449614][ T7974] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.462933][ T7974] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.476024][ T7981] EXT4-fs (loop3): orphan cleanup on readonly fs
[  106.484609][ T7981] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.1369: bad orphan inode 13
[  106.496489][ T7981] ext4_test_bit(bit=12, block=18) = 1
[  106.501968][ T7981] is_bad_inode(inode)=0
[  106.506273][ T7981] NEXT_ORPHAN(inode)=2130706432
[  106.511128][ T7981] max_ino=32
[  106.514386][ T7981] i_nlink=1
[  106.519723][ T7981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.584711][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.613843][ T7993] loop5: detected capacity change from 0 to 1024
[  106.638488][ T7989] 9pnet_fd: Insufficient options for proto=fd
[  106.643157][ T7993] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.660332][ T7993] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  106.689541][ T5238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.748984][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.774688][ T8008] loop5: detected capacity change from 0 to 2048
[  106.797632][ T8008] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.813723][ T8016] bridge_slave_1: left allmulticast mode
[  106.819519][ T8016] bridge_slave_1: left promiscuous mode
[  106.825329][ T8016] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.835775][ T8016] bridge_slave_0: left allmulticast mode
[  106.841555][ T8016] bridge_slave_0: left promiscuous mode
[  106.847486][ T8016] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.859946][ T8012] loop3: detected capacity change from 0 to 1024
[  106.867179][ T8012] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  106.878185][ T8012] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  106.886754][ T8012] EXT4-fs (loop3): orphan cleanup on readonly fs
[  106.893336][ T8008] smc: net device bond0 applied user defined pnetid SYZ0
[  106.894875][ T8012] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1381: bg 0: block 10: padding at end of block bitmap is not set
[  106.900562][ T8025] smc: net device bond0 erased user defined pnetid SYZ0
[  106.925408][ T8012] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1381: Failed to acquire dquot type 0
[  106.938319][ T8012] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1381: Failed to acquire dquot type 0
[  106.950854][ T8012] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.1381: Freeing blocks not in datazone - block = 0, count = 4096
[  106.966996][ T8012] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1381: Failed to acquire dquot type 0
[  106.984552][ T8012] EXT4-fs (loop3): 1 orphan inode deleted
[  106.991309][ T8012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  107.011697][ T5238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.040082][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.070895][ T8036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.080583][ T8036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.093238][ T8036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.096486][ T8042] loop4: detected capacity change from 0 to 512
[  107.110149][ T8036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.119274][ T8036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.128151][ T8036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.179085][ T8045] loop5: detected capacity change from 0 to 2048
[  107.188505][ T8042] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.202528][ T8042] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.232739][ T8050] loop0: detected capacity change from 0 to 256
[  107.446719][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.701769][ T8055] __nla_validate_parse: 32 callbacks suppressed
[  107.701791][ T8055] netlink: 232 bytes leftover after parsing attributes in process `syz.3.1394'.
[  107.748151][ T8055] loop3: detected capacity change from 0 to 2048
[  107.825211][ T8056] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1394'.
[  107.839419][ T8055] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1394'.
[  107.943929][ T8058] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1395'.
[  107.956033][ T8058] ALSA: seq fatal error: cannot create timer (-22)
[  107.962868][ T8058] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8058 comm=syz.3.1395
[  108.051334][ T8064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1397'.
[  108.060706][ T8064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1397'.
[  108.090305][ T8064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1397'.
[  108.100371][ T8064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1397'.
[  108.118321][ T8071] loop1: detected capacity change from 0 to 1024
[  108.136750][ T8072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1396'.
[  108.146336][ T8071] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  108.157770][ T8062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1396'.
[  108.187606][ T8071] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  108.208598][ T8071] EXT4-fs (loop1): orphan cleanup on readonly fs
[  108.239680][ T8092] loop0: detected capacity change from 0 to 2048
[  108.244691][ T8071] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1397: bg 0: block 10: padding at end of block bitmap is not set
[  108.270815][ T8071] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1397: Failed to acquire dquot type 0
[  108.283130][ T8071] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1397: Failed to acquire dquot type 0
[  108.283918][ T8097] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  108.283918][ T8097]    program syz.3.1406 not setting count and/or reply_len properly
[  108.296051][ T8071] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1397: Freeing blocks not in datazone - block = 0, count = 4096
[  108.327440][ T8071] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1397: Failed to acquire dquot type 0
[  108.341532][ T8071] EXT4-fs (loop1): 1 orphan inode deleted
[  108.361207][ T8071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.403618][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.412896][ T8106] loop0: detected capacity change from 0 to 1024
[  108.432718][ T8106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.469308][ T8106] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  108.554024][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.575350][ T8121] netlink: 'syz.3.1413': attribute type 10 has an invalid length.
[  108.587445][ T8121] dummy0: entered promiscuous mode
[  108.592858][ T8121] $H�: (slave dummy0): Enslaving as an active interface with an up link
[  108.660713][ T8137] loop0: detected capacity change from 0 to 512
[  108.717960][ T8139] loop4: detected capacity change from 0 to 2048
[  108.796524][ T8139] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.044086][ T8139] smc: net device bond0 applied user defined pnetid SYZ0
[  109.089640][ T8156] smc: net device bond0 erased user defined pnetid SYZ0
[  109.288903][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.301129][ T8160] loop1: detected capacity change from 0 to 1024
[  109.324809][ T8160] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  109.367334][ T8160] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  109.404511][ T8160] EXT4-fs (loop1): orphan cleanup on readonly fs
[  109.421862][ T8168] loop4: detected capacity change from 0 to 1024
[  109.438558][ T8170] ==================================================================
[  109.446798][ T8170] BUG: KCSAN: data-race in memcpy_and_pad / release_task
[  109.451569][ T8160] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1421: bg 0: block 10: padding at end of block bitmap is not set
[  109.453862][ T8170] 
[  109.453871][ T8170] write to 0xffff88810982a548 of 8 bytes by task 2010 on cpu 1:
[  109.478007][ T8170]  release_task+0x6f9/0xb60
[  109.482545][ T8170]  wait_consider_task+0x113f/0x1650
[  109.487872][ T8170]  __do_wait+0x34a/0x510
[  109.492153][ T8170]  do_wait+0xb7/0x260
[  109.496173][ T8170]  kernel_wait+0x51/0xc0
[  109.500213][ T8160] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1421: Failed to acquire dquot type 0
[  109.500520][ T8170]  call_usermodehelper_exec_work+0x9c/0x160
[  109.512934][ T8160] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1421: Failed to acquire dquot type 0
[  109.517592][ T8170]  process_scheduled_works+0x4cb/0x9d0
[  109.529074][ T8160] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1421: Freeing blocks not in datazone - block = 0, count = 4096
[  109.534239][ T8170]  worker_thread+0x582/0x770
[  109.548096][ T8160] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1421: Failed to acquire dquot type 0
[  109.552182][ T8170]  kthread+0x486/0x510
[  109.552210][ T8170]  ret_from_fork+0xda/0x150
[  109.572023][ T8170]  ret_from_fork_asm+0x1a/0x30
[  109.576807][ T8170] 
[  109.579133][ T8170] read to 0xffff88810982a080 of 3200 bytes by task 8170 on cpu 0:
[  109.587038][ T8170]  memcpy_and_pad+0x48/0x80
[  109.591648][ T8170]  arch_dup_task_struct+0x2c/0x40
[  109.596684][ T8170]  dup_task_struct+0x83/0x6a0
[  109.601378][ T8170]  copy_process+0x399/0x1fe0
[  109.606067][ T8170]  kernel_clone+0x16c/0x5b0
[  109.610587][ T8170]  __se_sys_clone3+0x1c2/0x200
[  109.615365][ T8170]  __x64_sys_clone3+0x31/0x40
[  109.620063][ T8170]  x64_sys_call+0x10c9/0x2fb0
[  109.624748][ T8170]  do_syscall_64+0xd2/0x200
[  109.629261][ T8170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.635181][ T8170] 
[  109.637502][ T8170] Reported by Kernel Concurrency Sanitizer on:
[  109.643653][ T8170] CPU: 0 UID: 0 PID: 8170 Comm: syz.5.1423 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) 
[  109.655729][ T8170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.665791][ T8170] ==================================================================
[  109.674210][ T8168] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  109.698420][ T8160] EXT4-fs (loop1): 1 orphan inode deleted
[  109.704443][ T8168] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  109.712689][ T8168] EXT4-fs (loop4): orphan cleanup on readonly fs
[  109.714880][ T8160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  109.734724][ T8168] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1422: bg 0: block 10: padding at end of block bitmap is not set
[  109.761665][ T8168] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1422: Failed to acquire dquot type 0
[  109.782449][ T8168] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1422: Failed to acquire dquot type 0
[  109.805697][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.815119][ T8168] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.1422: Freeing blocks not in datazone - block = 0, count = 4096
[  109.829172][ T8168] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1422: Failed to acquire dquot type 0
[  109.844932][ T8168] EXT4-fs (loop4): 1 orphan inode deleted
[  109.851496][ T8168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  109.877275][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.