last executing test programs:

3m34.515622531s ago: executing program 0 (id=72):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001900010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0xb8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b800000014000100"/23], 0xb8}}, 0x0)

3m34.477557814s ago: executing program 0 (id=76):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r2, 0x1, 0x7fff}, 0xc)

3m34.416073708s ago: executing program 0 (id=78):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKa8chdkoTIpH+DSCBxAn+BA5IHJB64sCNIxIHVFEOSAUi0AaJg9GMnaw3sVmzdmw2/nyk2Zk3b2a+7zk7816eHb8AptbViNiPiPmIeCsiFjv7k84Sr7WX7Lj7B3srhwd7K0m0Wm/+Lcnzs33RdU7m6c41CxHx9a9EfDs5Hbexs3tvuVqtbHXSpWZts9TY2b2xXlteq6xVNsrl20u3b75866XyyOp6pfaLD7+8/vo3fv2rT37wu/0vfj8r1sVOXnc9Rqld9bmH9s1GxOtnEWwCZjrr+QmXg8eTRsRHIuIz+f2/GDP5/04A4DxrtRajtdidBgDOuzQfA0vSYkSkaacTUGyP4T0XF9JqvdG8fre+vbHaHiu7FHPp3fVq5eblhT98Nz94LsnSS3lenp+nyyfStyLickT8aOGpPF1cqVdXJ9PlAYCp93R3+x8R/1xI02JxoFN7vKsHADwxCpMuAAAwdtp/AJg+2n8AmD4DtP+dN/v3z7wsAMBYtGYmXQIAYOyM/wPA9NH+A8BU+dobb2TL+4ed779efXtn+1797Rurlca9Ym17pbhS39osrtXra/l39tQedb1qvb659GJsv1NqVhrNUmNn906tvr3RvJN/r/edytxYagUA/DeXr7z3+yQi9l95Kl+iay4HbTWcb+kIjwKeLEN99E8HAZ5oZvuC6TVQE553En575mUBJqPnl3kXem4+7Cf/QxCfM4L/K9c+Pvj4vzme4Xwxsg/T6/HG/18deTmA8TP+D9Or1UpOzvk/f5wFAJxLQ3yEr/WDUXVCgIl61GTeI3n/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM6ZixHxnUjSYj4XeJr9mxaLEc9ExKWYS+6uVys3I+LZuBIRcwtZemnShQYAhpT+JenM/3Vt8YWLJ3Pnk38t5OuI+N5P3/zxO8vN5tZStv/vx/sXjqYPKz84b4h5BQGAwf1pkIPy9rvcWXf9In//YG/laDnDMp7y4ZeOJx9dOTzYy5d2zmy0Wq1WRCHvS1z4RxKznXMKEfF8RMyMIP7+uxHxsV71T/KxkUudmU+740cn9jNjjZ8+FD/N89rr7OX76AjKAtPmvez581qv+y+Nq/m69/1fyJ9Qw8uff4WIo2ffYVf82U6kmR7xs3v+6qAxXvzNV0/tbC22896NeH62V/zkOH7SJ/4LA8b/4yc+9cNX++S1fhZxLXrH745VatY2S42d3RvrteW1ylplo1y+vXT75su3XiqX8jHq0tFI9Wl/feX6s/3KltX/Qp/4hZ71nz8+93MD1v/n/37rW59+kFw4Gf8Ln+3983+uZ/y2rE38/IDxly/8su/03Vn81T71f9TP//qA8T/48+7qgIcCAGPQ2Nm9t1ytVraG2sh+Cx3FdU5tZEUc7OCj7uJwQd+PfGNEL0ufjawzNsjBc2f1qp75xuxxX3G0V/5mdsUxVycdeS2G2rg/rliTeyYB4/Hgpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59d/AgAA//85c8Sd")

3m34.301667207s ago: executing program 0 (id=83):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000240)={[{@noload}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x40}}, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x62142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x200, 0x1, 0x0, 0x0, 0xa, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc097fce47d85272036dc78388e3dc177e9b496", "b732676c181c2082669dd06388bd21aa45a7fea61800", [0xffffffffffffffff, 0x5]})
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000100), &(0x7f00000001c0)=ANY=[], 0x386, 0x0)

3m34.007501888s ago: executing program 0 (id=96):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0x10}}]}}]}, 0x48}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m33.297658841s ago: executing program 0 (id=122):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x4)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendmmsg$inet6(r1, &(0x7f00000029c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000014)

3m33.297448021s ago: executing program 32 (id=122):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x4)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendmmsg$inet6(r1, &(0x7f00000029c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000014)

2m10.199064051s ago: executing program 1 (id=1721):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="7000000010000100"/20, @ANYRES32, @ANYBLOB="0006000000000000500012800b00010067656e65766500004000028005000900"], 0x70}, 0x1, 0x2, 0x0, 0x8081}, 0x0)

2m10.157991244s ago: executing program 1 (id=1722):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_USE_CARRIER={0x5}, @IFLA_BOND_RESEND_IGMP={0x8}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r7, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1050f0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2904, 0x2, 0x804, 0x364798437b528e0e, 0x0, 0xfffffffe, 0xffff, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x1)

2m9.883791634s ago: executing program 1 (id=1723):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x28, 0x5, 0x0)
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r0, 0x0)
accept4$unix(r0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fc000000080011000000000008000e00800000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2m9.852098566s ago: executing program 1 (id=1724):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_USE_CARRIER={0x5}, @IFLA_BOND_RESEND_IGMP={0x8}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r7, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1050f0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2904, 0x2, 0x804, 0x364798437b528e0e, 0x0, 0xfffffffe, 0xffff, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x1)

2m9.673372889s ago: executing program 1 (id=1725):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000004c0)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000500)='./bus\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=@base={0x2, 0x4, 0x4, 0xbf22, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x82011, r1, 0x0)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'vcan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31000000007c000000060a010400000000000000000100000008000b400000000054000480200001800e000100636f6e6e6c696d69740000000c00028008000140000000003000018008000100636d70002400028008000240000000001000038009000100efbb17b79900000008000140000000000900010073797a30"], 0xf0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081c, &(0x7f0000000000)={[{@grpquota}, {@max_batch_time}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")

2m9.052967735s ago: executing program 1 (id=1737):
pipe(&(0x7f0000000200))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r1, 0x0, 0x0)
connect$inet(r1, 0x0, 0x0)
sendmmsg(r1, 0x0, 0x0, 0x0)
setsockopt$inet_int(r1, 0x0, 0x14, &(0x7f0000000180)=0x40000000, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000002480)=ANY=[@ANYBLOB="440000001900010000000000000000001d01004015000d000000000000000000dc6a6bd5fe03d26c000000e03000020000000000000000000ffca929cd7e5abe00000000"], 0x44}}, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
sendto$inet6(r0, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)

2m8.98189913s ago: executing program 33 (id=1737):
pipe(&(0x7f0000000200))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r1, 0x0, 0x0)
connect$inet(r1, 0x0, 0x0)
sendmmsg(r1, 0x0, 0x0, 0x0)
setsockopt$inet_int(r1, 0x0, 0x14, &(0x7f0000000180)=0x40000000, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000002480)=ANY=[@ANYBLOB="440000001900010000000000000000001d01004015000d000000000000000000dc6a6bd5fe03d26c000000e03000020000000000000000000ffca929cd7e5abe00000000"], 0x44}}, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
sendto$inet6(r0, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)

4.768061229s ago: executing program 6 (id=3153):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x40004}, @IFLA_BOND_USE_CARRIER={0x5}, @IFLA_BOND_RESEND_IGMP={0x8}]}}}]}, 0x4c}}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r7, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1050f0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2904, 0x2, 0x804, 0x364798437b528e0e, 0x0, 0xfffffffe, 0xffff, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000140)={'tunl0\x00', {0x2, 0x4e21, @multicast2}})

3.763856172s ago: executing program 6 (id=3163):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x9, 0xff, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000340)={r0, &(0x7f0000000680), &(0x7f0000000600)=""/122}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r4}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})

3.268598709s ago: executing program 6 (id=3169):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000580)={[{@nolazytime}]}, 0xfe, 0x507, &(0x7f0000000f40)="$eJzs3U9vG2kZAPBnJna2abM4CxyWldhdsUVJBHWahrYRhwISglOlQrmXkLhRFCeuEqdtogpS8QGQEAIkLnDigsQHQEL9CAipEtwRIFAFLRw4FAbZHoc0tdNEdWw2/v2kt/PXfp6n7oznnZl6Ahha70fEVERkWZZNR0Qpn5/mLXZbrbHes6cPFhstiSy7+bckknxe+73eyIfn8pediYivfzXiW8nLcTe3d1YXqtXKRj49U19LnmfZzoWVtYXlynJlfW5u9sr81fnL8xd7UudERFz78p9/+L2ff+Xarz977w+3/jr17VaBLfvr6KVW6cXm30VbISI2TiLYgBSaFbZcHnAuAAAcrnG8/9GI+FRETEcpRppHc03Tg80MAAAA6JXsC+PxPGld/wMAAABOpzQixuPGaDm/33c80rRcbt3D+/E4m1Zrm/XPZKW98wUTUUxvr1QrF/N7ByaimDSmZ/N7bNvTlw5Mz0XEWxHxg9JYc7q8WKsuDfTMBwAAAAyPc80+f5K2+///LLX6/wAAAMApMzHoBAAAAIATp/8PAAAAp5/+PwAAAJxqN65fb7Ss/fzrpbvbW6u1uxeWKpur5bWtxfJibeNOeblWW35SiKitver9qrXanc/F+tb9mXplsz6zub1za622tV6/tfLCI7ABAACAPnrrvUe/TyJi9/NjaURkyb5lxYhsZP/Khf7nB5yc9Dgr/+nk8gD6b2TQCQAD45Aehldx0AkAA/eq/UDXm3d+0/tcAACAkzH5ib3r/83WMJovSwaaGXDS8uv/iW0dho/r/zC8XP+D4VU87AhApwBOvfQIm/rrX//PsmMlBQAA9Nx4syVpOe8HjEealssRbzYfC/C//x30kYj4Xan4xu2VamW2OSdxegAAAAAAAAAAAAAAAAAAAAAAAAAAjijLksi6aD0NMEa7LQcAAAA+HCLSvyT5878mS+fHD54fGE3+VWoOI+LeT27+6P5Cvb4x25j/97359R/n8y/1/fQFAAAA0EG7n97uxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALz17+mCx3foZ98mXImKiU/xCnGkOz0QxIs7+I4nCvtclETHSg/i7DyPi7U7xk0ZaMZFncTB+GhFjA45/rgfxYZg9aux/vthp+0vj/eaw8/ZXyNvrau3/RjrGb+//Rrrs/97s9Ibpy7PeefzLma7xH0a8U+i8/2nHTw7ET/L2wRFr/OY3dna6Lct+FjHZ8fsneaHWmaRwZ2Zze+fCytrCcmW5sj43N3tl/ur85fmLM7dXqpX8z44xvv/JX/3nsPrPdok/0aX+dk7nj1j/vx/ff/qx1mjxwKJi/DTLpj7o/O/v7S7x2999n84/7sb0ZHt8tzW+37u/+O277x1S/1KX+rt9/u0cpo5Y//TXvvvHI64KAPTB5vbO6kK1Wtk43kgSsfsaLzcyXCNj0cegC3HYOu2D2D7k85081P/FR3DskcHtkwAAgJOR7B30DzoTAAAAAAAAAAAAAAAAAAAAGF6v+hmw6MHPiR2MuTuYUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvXfAAAA///ST8Yo")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc1}})

3.084550033s ago: executing program 4 (id=3171):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00T\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', @ANYRES32=r2], 0x38}}, 0x0)

3.010097918s ago: executing program 4 (id=3173):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000840)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000880)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000001c0)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000)

2.891843357s ago: executing program 6 (id=3176):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0900000004000000010000000b00000000000000", @ANYRES32, @ANYBLOB="00000010000000000000002377000000000000003b0b8950fd6a456c5e33d86b9adef90eb49d8b352b9f62e59a0d365067", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001800), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001840)={&(0x7f00000019c0)={0x20, r2, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x85}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa1", @ANYRES32=r0], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x41, &(0x7f0000000300)={[{@bsdgroups}, {@nodiscard}, {@noinit_itable}, {@grpjquota}, {@grpjquota}, {@orlov}, {@discard}, {@grpid}, {@barrier}]}, 0x64, 0x510, &(0x7f0000000f80)="$eJzs3UFvG1kdAPD/OHZJ2nSTBQ6wEssuuyitoHayYduIQykSglMloNxLSJwoihNHsdM2UQWp+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIWjhwAE6yPYkTVM7cVsnTuPfT5rMe29m/H/P0YznzTzNBDCw3oqIaxHxOE3TixExlpXnsim2W1NjvUcP7841piTS9MY/kkiysp3PSrJNzmWbDUfEV78U8Y3k2bi1za3l2UqlvJ7lS/WVtVJtc+vS0srsYnmxvDo9PXV55srM+zOTPWnn+Yi4+oW/fP87P/3i1V9++vYfb/7twjcb1RrNlu9tx3PKH7Sw1fRC87vYu8H6CwY7ifLNFmZG2q0x9EzJvSOuEwAA7TVO2D8YEZ+IiIsxFkMHn84CAAAAr6D0c6Px3yQibe9Mh3IAAADgFZJrjoFNcsVsLMBo5HLFYmsM74fjbK5SrdU/tVDdWJ1vjZUdj0JuYalSnszGCo9HIWnkp5rpJ/n39uWnI+L1iPje2EgzX5yrVub7ffEDAAAABsS5ff3/f4+1+v8AAADAKTPe7woAAAAAR07/HwAAAE4//X8AAAA41b58/XpjSnfefz1/a3NjuXrr0ny5tlxc2ZgrzlXX14qL1epi85l9K4d9XqVaXftMrG7cKdXLtXqptrl1c6W6sVq/ufTUK7ABAACAY/T6x+//PomI7c+ONKeGM91t2uVqwEmV300l2bzNbv2H11rzPx9TpYBjMdTvCgB9k+93BYC+KfS7AkDfJYcs7zh45zfZ/O3e1gcAAOi9iY++6P3/7dwRVw04YnZiGFzu/8Pgat7/73Ykr5MFOFUKzgBg4L30/f9DpelzVQgAAOi50eaU5IrZ5b3RyOWKxYjzzdcCFJKFpUp5MiJei4jfjRU+0MhPNbdMDu0zAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAAJxqEbm/Jr9qPct/Yuzd0f3XB84k/xmL7BWht3904wd3Zuv19alG+T93y+s/zMrf68cVDAAAABgIz/UC/51++k4/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB65O3hiHj08O7cznScwf/++YgYbxc/H8PN+XAUIuLsv5LI79kuiYihHsQfafz5SLv4SaNauyHbxR/pQfztewfGj/HsW2gX/1wP4sMgu984/lxrt//l4q3mvP3+l494Kv+iOh//Yvf4N9Rh/z/fZYw3Hvy81DH+vYg38u2PPzvxkw7x3+ky/te/trXVaVn644iJtr8/yVOxSvWVtVJtc+vS0srsYnmxvDo9PXV55srM+zOTpYWlSjn72zbGdz/2i8cHtf9sh/jjh7T/3S7b/78Hdx5+qJUstIt/4Z028X/9k2yNZ+Pnst++T2bpxvKJnfR2K73Xmz/77ZsHtX++Q/sP+/9f6LL9F7/y7T91uSoAcAxqm1vLs5VKef3UJhq99BNQDYkTmPhWTz8wTdO0sU+9xOckcRK+lmai30cmAACg156c9Pe7JgAAAAAAAAAAAAAAAAAAADC4juDhYbG/ZH/M7d1U0otHaAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MT/AwAA///ef9kE")

2.643652965s ago: executing program 4 (id=3178):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000004c0), 0x10)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}, 0x1000}, {{0x0, 0x0, 0x0}, 0xffffffff}], 0x2, 0x600100a2, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x4, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0)

2.481609287s ago: executing program 6 (id=3180):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x1, 0x23, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='thermal_power_devfreq_get_power\x00', r3}, 0x18)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x8, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$EVIOCGBITSW(r4, 0x40095505, 0x0)

2.450667729s ago: executing program 4 (id=3181):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x48, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'team0\x00'}]}]}]}], {0x14, 0x10}}, 0xd0}}, 0x800)
bind$can_raw(r0, &(0x7f00000004c0), 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1=0xe0000064}, 0x10, 0x0, 0x0, &(0x7f0000000900)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @empty}}}], 0x20}}], 0x1, 0x4000804)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}, 0x1000}, {{0x0, 0x0, 0x0}, 0xffffffff}], 0x2, 0x600100a2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x4c, 0x232, 0x0, 0x0, 0x388, 0x2e8, 0x2e8, 0x388, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00', {}, {}, 0x6, 0x0, 0x3}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@unspec=@cluster={{0x30}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@ipv4, [], @ipv4=@broadcast}, {@ipv4=@multicast2, [], @ipv4=@dev, [0xffffffff]}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x1}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
futex(&(0x7f0000004000), 0x5, 0x0, 0x0, 0x0, 0xb0024000)
socketpair(0x8, 0x4, 0xf8, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
ioctl$SIOCGSTAMPNS(r5, 0x8907, &(0x7f0000000040))
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x4, 0xfffffffffffffe49)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0)

2.376966774s ago: executing program 2 (id=3186):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
accept(r0, 0x0, 0x0)

2.30550501s ago: executing program 2 (id=3187):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)

1.694272115s ago: executing program 5 (id=3189):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_USE_CARRIER={0x5}, @IFLA_BOND_RESEND_IGMP={0x8}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r7, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1050f0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2904, 0x2, 0x804, 0x364798437b528e0e, 0x0, 0xfffffffe, 0xffff, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x1)

1.529380517s ago: executing program 4 (id=3193):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000840)={{r0}, &(0x7f0000000580), &(0x7f0000000880)}, 0x20)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000001c0)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

1.510791698s ago: executing program 3 (id=3195):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x2, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x18)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

1.483026641s ago: executing program 3 (id=3196):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d85"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) (async)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) (async)
close_range(r1, r2, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r4 = socket$netlink(0x10, 0x3, 0x10) (async)
r5 = io_uring_setup(0x7975, &(0x7f00000002c0)={0x0, 0x67d, 0x40, 0x1, 0x1c7})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r5, 0xb, &(0x7f00000004c0)=[@ioring_restriction_sqe_flags_allowed={0x2, 0xf}], 0x1) (async)
pipe(&(0x7f0000000000)={<r6=>0xffffffffffffffff})
vmsplice(r6, 0x0, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r6) (async, rerun: 32)
bind$netlink(r4, 0x0, 0x0) (async, rerun: 32)
setsockopt$sock_int(r4, 0x1, 0x8, 0x0, 0x0) (async)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) (async)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") (async)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r7, 0x0, 0x0, 0x1001f0)
lseek(r7, 0x0, 0x4) (async)
io_setup(0x8, &(0x7f00000002c0)=<r8=>0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000b00), 0x4) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r9, 0x0) (async, rerun: 64)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000fdef1f00810000004000000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r10, &(0x7f0000001600), 0x0}, 0x20) (async, rerun: 32)
r11 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) (rerun: 32)
io_submit(r8, 0x1, &(0x7f0000000140)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r11, 0x0, 0x0, 0x0, 0x0, 0x0, r11}])

1.447959513s ago: executing program 2 (id=3197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = add_key$user(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000300)="eac44f26606006acbfd0d91cdc2e7533b42fc368d93af2227814eb66ab95cb315b350367e95f1301111b8632d7e1c760d0b1338ba05b7685249213ad3a5835bf4303584086e54d1a0d8bc945acfa15ffc3", 0x51, 0xfffffffffffffff9)
keyctl$setperm(0x5, r1, 0x8000000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSW2(r3, 0x5453, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket(0xa, 0x3, 0x3a)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(r4, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24532a0856225ab8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000001380)=0x40)

1.390375328s ago: executing program 3 (id=3198):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000380)={0x1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x0, 0x0, 0x103ff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x7, &(0x7f0000000000))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x7, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28031, 0xffffffffffffffff, 0x8000)

1.389805168s ago: executing program 6 (id=3199):
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x82011, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31000000007c000000060a010400000000000000000100000008000b400000000054000480200001800e000100636f6e6e6c696d69740000000c00028008000140000000003000018008000100636d70002400028008000240000000001000038009000100efbb17b79900000008000140000000000900010073797a30"], 0xf0}}, 0x0)

1.378140058s ago: executing program 4 (id=3200):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000004080)=@base={0x2, 0x4, 0x4, 0xbf22, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'vcan0\x00'})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31000000007c000000060a010400000000000000000100000008000b400000000054000480200001800e000100636f6e6e6c696d69740000000c00028008000140000000003000018008000100636d70002400028008000240000000001000038009000100efbb17b79900000008000140000000000900010073797a30"], 0xf0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081c, &(0x7f0000000000)={[{@grpquota}, {@max_batch_time}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")

1.291591655s ago: executing program 5 (id=3201):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0900000004000000010000000b0000", @ANYRES32, @ANYBLOB="00000010000000000000002377000000000000003b0b8950fd6a456c5e33d86b9adef90eb49d8b352b9f62e59a0d365067", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001800), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001840)={&(0x7f00000019c0)={0x20, r2, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x85}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="f0e1969ee2ebaa6da64a64fc2398a8907643944485a90998489d335533e14abc1b4408c494b247fe447ad4dc141584"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x41, &(0x7f0000000300)={[{@bsdgroups}, {@nodiscard}, {@noinit_itable}, {@grpjquota}, {@grpjquota}, {@orlov}, {@discard}, {@grpid}, {@barrier}]}, 0x64, 0x510, &(0x7f0000000f80)="$eJzs3UFvG1kdAPD/OHZJ2nSTBQ6wEssuuyitoHayYduIQykSglMloNxLSJwoihNHsdM2UQWp+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIWjhwAE6yPYkTVM7cVsnTuPfT5rMe29m/H/P0YznzTzNBDCw3oqIaxHxOE3TixExlpXnsim2W1NjvUcP7841piTS9MY/kkiysp3PSrJNzmWbDUfEV78U8Y3k2bi1za3l2UqlvJ7lS/WVtVJtc+vS0srsYnmxvDo9PXV55srM+zOTPWnn+Yi4+oW/fP87P/3i1V9++vYfb/7twjcb1RrNlu9tx3PKH7Sw1fRC87vYu8H6CwY7ifLNFmZG2q0x9EzJvSOuEwAA7TVO2D8YEZ+IiIsxFkMHn84CAAAAr6D0c6Px3yQibe9Mh3IAAADgFZJrjoFNcsVsLMBo5HLFYmsM74fjbK5SrdU/tVDdWJ1vjZUdj0JuYalSnszGCo9HIWnkp5rpJ/n39uWnI+L1iPje2EgzX5yrVub7ffEDAAAABsS5ff3/f4+1+v8AAADAKTPe7woAAAAAR07/HwAAAE4//X8AAAA41b58/XpjSnfefz1/a3NjuXrr0ny5tlxc2ZgrzlXX14qL1epi85l9K4d9XqVaXftMrG7cKdXLtXqptrl1c6W6sVq/ufTUK7ABAACAY/T6x+//PomI7c+ONKeGM91t2uVqwEmV300l2bzNbv2H11rzPx9TpYBjMdTvCgB9k+93BYC+KfS7AkDfJYcs7zh45zfZ/O3e1gcAAOi9iY++6P3/7dwRVw04YnZiGFzu/8Pgat7/73Ykr5MFOFUKzgBg4L30/f9DpelzVQgAAOi50eaU5IrZ5b3RyOWKxYjzzdcCFJKFpUp5MiJei4jfjRU+0MhPNbdMDu0zAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAAJxqEbm/Jr9qPct/Yuzd0f3XB84k/xmL7BWht3904wd3Zuv19alG+T93y+s/zMrf68cVDAAAABgIz/UC/51++k4/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB65O3hiHj08O7cznScwf/++YgYbxc/H8PN+XAUIuLsv5LI79kuiYihHsQfafz5SLv4SaNauyHbxR/pQfztewfGj/HsW2gX/1wP4sMgu984/lxrt//l4q3mvP3+l494Kv+iOh//Yvf4N9Rh/z/fZYw3Hvy81DH+vYg38u2PPzvxkw7x3+ky/te/trXVaVn644iJtr8/yVOxSvWVtVJtc+vS0srsYnmxvDo9PXV55srM+zOTpYWlSjn72zbGdz/2i8cHtf9sh/jjh7T/3S7b/78Hdx5+qJUstIt/4Z028X/9k2yNZ+Pnst++T2bpxvKJnfR2K73Xmz/77ZsHtX++Q/sP+/9f6LL9F7/y7T91uSoAcAxqm1vLs5VKef3UJhq99BNQDYkTmPhWTz8wTdO0sU+9xOckcRK+lmai30cmAACg156c9Pe7JgAAAAAAAAAAAAAAAAAAADC4juDhYbG/ZH/M7d1U0otHaAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MT/AwAA///ef9kE")

1.059360361s ago: executing program 5 (id=3202):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x2}, 'port0\x00', 0x72, 0x11cfa, 0x100, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810dc})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000000c0)={0x800000, 0x0, 0x0, 0x0, 0x0, 0x55a})
close_range(r1, 0xffffffffffffffff, 0x0)

918.462652ms ago: executing program 5 (id=3203):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
accept(r0, 0x0, 0x0)

841.531658ms ago: executing program 5 (id=3204):
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000180)=0x40000000, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
faccessat2(0xffffffffffffffff, &(0x7f0000001400)='\x00', 0x0, 0x1100)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

451.248827ms ago: executing program 2 (id=3205):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
ioprio_get$pid(0x2, 0x0)

423.535709ms ago: executing program 3 (id=3206):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x2, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x18)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

408.38156ms ago: executing program 2 (id=3207):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @typedef={0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x4}, @volatile={0x0, 0x0, 0x0, 0xa, 0x2}]}, {0x0, [0x0, 0x0, 0x61, 0x5f]}}, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

391.783181ms ago: executing program 2 (id=3208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = add_key$user(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000300)="eac44f26606006acbfd0d91cdc2e7533b42fc368d93af2227814eb66ab95cb315b350367e95f1301111b8632d7e1c760d0b1338ba05b7685249213ad3a5835bf4303584086e54d1a0d8bc945acfa15ffc3", 0x51, 0xfffffffffffffff9)
keyctl$setperm(0x5, r1, 0x8000000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSW2(r3, 0x5453, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket(0xa, 0x3, 0x3a)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r4, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24532a0856225ab8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

344.621675ms ago: executing program 3 (id=3209):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', 0x0, 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)

343.996044ms ago: executing program 3 (id=3210):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x1, 0x23, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='thermal_power_devfreq_get_power\x00', r3}, 0x18)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x8, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$EVIOCGBITSW(r4, 0x40095505, 0x0)

0s ago: executing program 5 (id=3211):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f00000003c0)=[{0x3, 0x26, 0x9, 0x8}, {0x101, 0x8, 0x7f, 0x69}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=0x0, @ANYRES32=r2, @ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x82000, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000004280)=ANY=[@ANYRES32=0x0, @ANYRES16=0x0, @ANYRESDEC=r2, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES16=r4], 0x1, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)
ioctl$SIOCX25CALLACCPTAPPRV(r5, 0x89e8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
fdatasync(r5)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
socket(0x10, 0x3, 0x0)
r7 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xc, 0x0, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
unshare(0x0)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3, 0x0, 0x0, 0x4)
ioctl$MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201)
ioctl$SG_IO(r8, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x4, @scatter={0x1, 0xcc, &(0x7f00000000c0)=[{&(0x7f0000000800)=""/215, 0xffffffde}]}, &(0x7f0000000040)="0000501ef663", 0x0, 0x4, 0x10030, 0x0, 0x0})

kernel console output (not intermixed with test programs):

p=0x7fa746e7cde9 code=0x7ffc0000
[  217.965280][T11282] EXT4-fs (loop2): orphan cleanup on readonly fs
[  217.992706][   T29] audit: type=1326 audit(1739295783.823:12243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.015239][T11282] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  218.016314][   T29] audit: type=1326 audit(1739295783.823:12244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.031158][T11282] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  218.050217][   T29] audit: type=1326 audit(1739295783.823:12245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.088653][   T29] audit: type=1326 audit(1739295783.823:12246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.111827][T11282] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  218.112208][   T29] audit: type=1326 audit(1739295783.823:12247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.129881][T11282] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2710: bg 0: block 40: padding at end of block bitmap is not set
[  218.142524][   T29] audit: type=1326 audit(1739295783.823:12248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.180356][   T29] audit: type=1326 audit(1739295783.823:12249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.184836][T11282] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  218.203936][   T29] audit: type=1326 audit(1739295783.823:12250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11285 comm="syz.5.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  218.241425][T11282] EXT4-fs (loop2): 1 truncate cleaned up
[  218.247536][T11282] EXT4-fs mount: 30 callbacks suppressed
[  218.247554][T11282] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.301086][T11282] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #16: comm syz.2.2710: corrupted xattr block 31: invalid header
[  218.317364][T11282] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  218.359661][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.369869][T11295] loop3: detected capacity change from 0 to 128
[  218.510893][T11306] loop5: detected capacity change from 0 to 256
[  218.562292][T11199] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  218.595836][T11199] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  218.617144][T11199] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  218.628995][T11199] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  218.670989][T11199] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.683806][T11199] 8021q: adding VLAN 0 to HW filter on device team0
[  218.693371][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.700463][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  218.722702][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.729895][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.730317][T11313] FAULT_INJECTION: forcing a failure.
[  218.730317][T11313] name failslab, interval 1, probability 0, space 0, times 0
[  218.749840][T11313] CPU: 1 UID: 0 PID: 11313 Comm: syz.2.2723 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  218.749867][T11313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  218.749882][T11313] Call Trace:
[  218.749888][T11313]  <TASK>
[  218.749895][T11313]  dump_stack_lvl+0xf2/0x150
[  218.749928][T11313]  dump_stack+0x15/0x1a
[  218.749953][T11313]  should_fail_ex+0x24a/0x260
[  218.750056][T11313]  should_failslab+0x8f/0xb0
[  218.750160][T11313]  kmem_cache_alloc_node_noprof+0x59/0x320
[  218.750273][T11313]  ? __alloc_skb+0x10b/0x310
[  218.750305][T11313]  __alloc_skb+0x10b/0x310
[  218.750334][T11313]  netlink_alloc_large_skb+0xad/0xe0
[  218.750420][T11313]  netlink_sendmsg+0x3b4/0x6e0
[  218.750488][T11313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.750565][T11313]  __sock_sendmsg+0x140/0x180
[  218.750657][T11313]  ____sys_sendmsg+0x312/0x410
[  218.750690][T11313]  __sys_sendmsg+0x19d/0x230
[  218.750774][T11313]  __x64_sys_sendmsg+0x46/0x50
[  218.750808][T11313]  x64_sys_call+0x2734/0x2dc0
[  218.750870][T11313]  do_syscall_64+0xc9/0x1c0
[  218.750912][T11313]  ? clear_bhb_loop+0x55/0xb0
[  218.750952][T11313]  ? clear_bhb_loop+0x55/0xb0
[  218.750985][T11313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.751075][T11313] RIP: 0033:0x7f803662cde9
[  218.751088][T11313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.751105][T11313] RSP: 002b:00007f8034c91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.751123][T11313] RAX: ffffffffffffffda RBX: 00007f8036845fa0 RCX: 00007f803662cde9
[  218.751136][T11313] RDX: 0000000000000080 RSI: 0000400000000480 RDI: 0000000000000003
[  218.751221][T11313] RBP: 00007f8034c91090 R08: 0000000000000000 R09: 0000000000000000
[  218.751235][T11313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.751248][T11313] R13: 0000000000000000 R14: 00007f8036845fa0 R15: 00007ffd05e61e78
[  218.751340][T11313]  </TASK>
[  218.956625][T11199] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  218.967060][T11199] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  218.974457][T11315] loop2: detected capacity change from 0 to 1024
[  219.034327][T11315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.035084][T11199] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.049404][T11323] loop6: detected capacity change from 0 to 512
[  219.079025][T11323] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  219.087312][T11323] EXT4-fs (loop6): orphan cleanup on readonly fs
[  219.093909][T11323] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  219.096548][T11315] netlink: 'syz.2.2724': attribute type 10 has an invalid length.
[  219.117390][T11315] bridge0: port 3(vlan2) entered blocking state
[  219.118151][T11323] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  219.123705][T11315] bridge0: port 3(vlan2) entered forwarding state
[  219.132608][T11323] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2725: bg 0: block 40: padding at end of block bitmap is not set
[  219.136931][T11315] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.158220][T11315] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.165599][T11315] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.172856][T11315] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.181465][T11323] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  219.190643][T11315] bridge0: port 3(vlan2) entered disabled state
[  219.190782][T11323] EXT4-fs (loop6): 1 truncate cleaned up
[  219.196984][T11315] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.203397][T11323] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  219.209843][T11315] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.236597][T11323] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.2725: corrupted xattr block 31: invalid header
[  219.240489][T11315] SELinux: syz.2.2724 (11315) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  219.268875][T11323] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  219.308671][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.334294][T11345] loop6: detected capacity change from 0 to 128
[  219.354868][T11348] loop3: detected capacity change from 0 to 512
[  219.370208][T11348] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  219.407562][T11199] veth0_vlan: entered promiscuous mode
[  219.426547][T11199] veth1_vlan: entered promiscuous mode
[  219.457427][T11199] veth0_macvtap: entered promiscuous mode
[  219.466113][T11199] veth1_macvtap: entered promiscuous mode
[  219.486949][T11348] EXT4-fs (loop3): orphan cleanup on readonly fs
[  219.487414][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.503832][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.509344][T11348] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2729: Failed to acquire dquot type 1
[  219.513783][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.529358][T11348] EXT4-fs (loop3): 1 truncate cleaned up
[  219.535461][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.542063][T11348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  219.550844][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.573940][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.583842][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.594335][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.608887][T11199] batman_adv: batadv0: Interface activated: batadv_slave_0
[  219.616458][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.629566][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.640457][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.650367][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.660836][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.670848][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.681403][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.691417][T11199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.702301][T11199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.759964][T11199] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.769005][T11361] lo speed is unknown, defaulting to 1000
[  219.776892][T11199] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.785907][T11199] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.794659][T11199] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.803532][T11199] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.812598][T11366] loop6: detected capacity change from 0 to 512
[  219.854864][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.868925][T11366] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  219.890680][T11366] EXT4-fs (loop6): orphan cleanup on readonly fs
[  219.901120][T11366] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  219.920125][T11366] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  219.937368][T11379] __nla_validate_parse: 5 callbacks suppressed
[  219.937384][T11379] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2737'.
[  219.954115][T11381] loop4: detected capacity change from 0 to 128
[  219.960675][T11366] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2736: bg 0: block 40: padding at end of block bitmap is not set
[  219.981649][T11366] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  220.001900][T11366] EXT4-fs (loop6): 1 truncate cleaned up
[  220.021948][T11366] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  220.040363][T11366] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.2736: corrupted xattr block 31: invalid header
[  220.054668][T11366] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  220.097276][T11389] loop5: detected capacity change from 0 to 8192
[  220.108995][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.171738][T11393] loop6: detected capacity change from 0 to 512
[  220.179846][T11393] EXT4-fs: Ignoring removed orlov option
[  220.187972][T11393] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.223083][T11393] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  220.231949][T11393] EXT4-fs (loop6): orphan cleanup on readonly fs
[  220.239253][T11393] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2745: bg 0: block 248: padding at end of block bitmap is not set
[  220.254956][T11393] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2745: Failed to acquire dquot type 1
[  220.270033][T11393] EXT4-fs (loop6): 1 truncate cleaned up
[  220.282940][T11393] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  220.323766][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.397483][T11400] loop6: detected capacity change from 0 to 512
[  220.408093][T11400] EXT4-fs: quotafile must be on filesystem root
[  220.438943][T11401] loop4: detected capacity change from 0 to 512
[  220.468421][T11401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.482424][T11401] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  220.903217][T11406] loop3: detected capacity change from 0 to 1024
[  220.996921][T11406] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.074651][T11406] netlink: 'syz.3.2747': attribute type 10 has an invalid length.
[  221.087991][T11417] loop5: detected capacity change from 0 to 512
[  221.094952][T11406] bridge0: port 3(vlan2) entered blocking state
[  221.101334][T11406] bridge0: port 3(vlan2) entered forwarding state
[  221.108020][T11406] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.115225][T11406] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.122539][T11406] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.129645][T11406] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.156173][T11406] bridge0: port 3(vlan2) entered disabled state
[  221.162565][T11406] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.162858][T11417] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  221.169728][T11406] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.195462][T11417] EXT4-fs (loop5): orphan cleanup on readonly fs
[  221.224475][T11417] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  221.251317][T11406] SELinux: syz.3.2747 (11406) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  221.271060][T11417] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  221.286921][T11417] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2750: bg 0: block 40: padding at end of block bitmap is not set
[  221.304101][T11417] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  221.317402][T11417] EXT4-fs (loop5): 1 truncate cleaned up
[  221.329074][T11417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.346808][T11417] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.2750: corrupted xattr block 31: invalid header
[  221.363159][T11417] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  221.429040][ T3715] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.531916][T11439] loop5: detected capacity change from 0 to 1024
[  221.578232][T11439] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.657725][T11446] loop6: detected capacity change from 0 to 512
[  221.666838][T11446] EXT4-fs (loop6): orphan cleanup on readonly fs
[  221.674669][T11446] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2759: bg 0: block 248: padding at end of block bitmap is not set
[  221.690091][T11448] SELinux: syz.5.2758 (11448) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  221.707866][T11446] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2759: Failed to acquire dquot type 1
[  221.721100][T11446] EXT4-fs (loop6): 1 truncate cleaned up
[  221.728191][T11446] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.745078][T11446] EXT4-fs error (device loop6): ext4_lookup:1817: inode #2: comm syz.6.2759: deleted inode referenced: 12
[  221.771022][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.794237][T11452] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.811794][T11454] loop3: detected capacity change from 0 to 512
[  221.812993][T11452] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.819618][T11446] EXT4-fs error (device loop6): ext4_lookup:1817: inode #2: comm syz.6.2759: deleted inode referenced: 12
[  221.839509][T11454] EXT4-fs: Ignoring removed orlov option
[  221.855927][T11454] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  221.868052][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.885239][T11454] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  221.893383][T11454] EXT4-fs (loop3): orphan cleanup on readonly fs
[  221.901660][T11454] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2761: bg 0: block 248: padding at end of block bitmap is not set
[  221.921009][ T3715] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.936399][T11454] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2761: Failed to acquire dquot type 1
[  221.972027][T11454] EXT4-fs (loop3): 1 truncate cleaned up
[  221.992738][T11454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  222.039114][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.094034][T11465] loop6: detected capacity change from 0 to 256
[  222.101964][T11465] FAT-fs (loop6): bogus sectors per cluster 223
[  222.108467][T11465] FAT-fs (loop6): Can't find a valid FAT filesystem
[  222.428710][T11492] loop2: detected capacity change from 0 to 512
[  222.436770][T11492] EXT4-fs (loop2): orphan cleanup on readonly fs
[  222.443738][T11492] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2774: bg 0: block 248: padding at end of block bitmap is not set
[  222.459402][T11492] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2774: Failed to acquire dquot type 1
[  222.476556][T11492] EXT4-fs (loop2): 1 truncate cleaned up
[  222.484440][T11492] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  222.499680][T11496] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2776'.
[  222.526993][T11492] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.2774: deleted inode referenced: 12
[  222.540590][T11492] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.2774: deleted inode referenced: 12
[  222.599628][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.611512][T11199] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.627160][T11502] loop2: detected capacity change from 0 to 512
[  222.656340][T11502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.676146][T11502] ext4 filesystem being mounted at /572/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  222.704118][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.765652][T11522] loop2: detected capacity change from 0 to 512
[  222.772301][T11522] EXT4-fs: Ignoring removed orlov option
[  222.779338][T11522] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  222.799815][T11522] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  222.807954][T11522] EXT4-fs (loop2): orphan cleanup on readonly fs
[  222.810225][T11525] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2788'.
[  222.837628][T11522] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2787: bg 0: block 248: padding at end of block bitmap is not set
[  222.876122][T11522] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2787: Failed to acquire dquot type 1
[  222.897296][T11530] loop6: detected capacity change from 0 to 512
[  222.906033][T11522] EXT4-fs (loop2): 1 truncate cleaned up
[  222.912506][T11522] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  222.937358][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.994849][T11530] EXT4-fs (loop6): orphan cleanup on readonly fs
[  223.005063][T11530] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2790: bg 0: block 248: padding at end of block bitmap is not set
[  223.021333][T11530] __quota_error: 366 callbacks suppressed
[  223.021410][T11530] Quota error (device loop6): write_blk: dquota write failed
[  223.034567][T11530] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  223.044610][T11530] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2790: Failed to acquire dquot type 1
[  223.075328][T11530] EXT4-fs (loop6): 1 truncate cleaned up
[  223.092874][T11530] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  223.105952][   T29] audit: type=1326 audit(1739295788.920:12602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.129661][   T29] audit: type=1326 audit(1739295788.920:12603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.153293][   T29] audit: type=1326 audit(1739295788.920:12604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.176972][   T29] audit: type=1326 audit(1739295788.920:12605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.184502][T11530] EXT4-fs error (device loop6): ext4_lookup:1817: inode #2: comm syz.6.2790: deleted inode referenced: 12
[  223.200622][   T29] audit: type=1326 audit(1739295788.920:12606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.200657][   T29] audit: type=1326 audit(1739295788.920:12607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.259677][   T29] audit: type=1326 audit(1739295788.920:12608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.261450][T11530] EXT4-fs error (device loop6): ext4_lookup:1817: inode #2: comm syz.6.2790: deleted inode referenced: 12
[  223.283357][   T29] audit: type=1326 audit(1739295788.920:12609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11540 comm="syz.2.2792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f803662cde9 code=0x7ffc0000
[  223.338617][T11547] loop3: detected capacity change from 0 to 512
[  223.370158][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.386087][T11547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.400298][T11547] ext4 filesystem being mounted at /464/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  223.419108][T11564] loop2: detected capacity change from 0 to 512
[  223.428590][T11564] EXT4-fs: Ignoring removed orlov option
[  223.434397][T11557] loop4: detected capacity change from 0 to 8192
[  223.442365][T11564] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  223.452681][T11564] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  223.453654][T11569] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2804'.
[  223.462016][T11564] EXT4-fs (loop2): orphan cleanup on readonly fs
[  223.477660][T11564] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2803: bg 0: block 248: padding at end of block bitmap is not set
[  223.502360][T11564] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2803: Failed to acquire dquot type 1
[  223.531552][T11564] EXT4-fs (loop2): 1 truncate cleaned up
[  223.575643][T11564] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  223.673136][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.763568][T11587] loop2: detected capacity change from 0 to 8192
[  223.814691][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.870755][T11593] loop3: detected capacity change from 0 to 512
[  223.892409][T11593] EXT4-fs (loop3): orphan cleanup on readonly fs
[  223.905977][T11593] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2813: bg 0: block 248: padding at end of block bitmap is not set
[  223.922138][T11593] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2813: Failed to acquire dquot type 1
[  223.934720][T11593] EXT4-fs (loop3): 1 truncate cleaned up
[  223.941149][T11593] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  223.958291][T11593] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.2813: deleted inode referenced: 12
[  223.970403][T11593] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.2813: deleted inode referenced: 12
[  223.997403][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.044574][T11600] tmpfs: Bad value for 'mpol'
[  224.153847][T11604] loop3: detected capacity change from 0 to 128
[  224.219982][T11607] loop2: detected capacity change from 0 to 512
[  224.229473][T11604] syz.3.2819: attempt to access beyond end of device
[  224.229473][T11604] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  224.247206][T11607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.314186][T11607] ext4 filesystem being mounted at /580/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  224.545721][T11622] loop6: detected capacity change from 0 to 128
[  224.632238][ T2172] kworker/u8:6: attempt to access beyond end of device
[  224.632238][ T2172] loop6: rw=1, sector=145, nr_sectors = 896 limit=128
[  224.939547][T11632] random: crng reseeded on system resumption
[  225.032504][T11627] loop6: detected capacity change from 0 to 128
[  225.129275][T11627] syz.6.2826: attempt to access beyond end of device
[  225.129275][T11627] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  225.190545][T11639] loop4: detected capacity change from 0 to 128
[  225.260184][T11641] loop5: detected capacity change from 0 to 8192
[  225.306056][T11647] netlink: 112 bytes leftover after parsing attributes in process `syz.6.2833'.
[  225.315462][T11647] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2833'.
[  225.423576][T11655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2837'.
[  225.504677][T11651] loop6: detected capacity change from 0 to 128
[  225.608228][T11660] FAULT_INJECTION: forcing a failure.
[  225.608228][T11660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.621346][T11660] CPU: 0 UID: 0 PID: 11660 Comm: syz.3.2838 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  225.621454][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  225.621466][T11660] Call Trace:
[  225.621473][T11660]  <TASK>
[  225.621481][T11660]  dump_stack_lvl+0xf2/0x150
[  225.621514][T11660]  dump_stack+0x15/0x1a
[  225.621541][T11660]  should_fail_ex+0x24a/0x260
[  225.621606][T11660]  should_fail+0xb/0x10
[  225.621642][T11660]  should_fail_usercopy+0x1a/0x20
[  225.621690][T11660]  _copy_from_user+0x1c/0xa0
[  225.621719][T11660]  copy_msghdr_from_user+0x54/0x2a0
[  225.621745][T11660]  ? __fget_files+0x17c/0x1c0
[  225.621784][T11660]  __sys_sendmsg+0x13e/0x230
[  225.621860][T11660]  __x64_sys_sendmsg+0x46/0x50
[  225.621897][T11660]  x64_sys_call+0x2734/0x2dc0
[  225.621997][T11660]  do_syscall_64+0xc9/0x1c0
[  225.622022][T11660]  ? clear_bhb_loop+0x55/0xb0
[  225.622053][T11660]  ? clear_bhb_loop+0x55/0xb0
[  225.622097][T11660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.622130][T11660] RIP: 0033:0x7fe451b3cde9
[  225.622146][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.622163][T11660] RSP: 002b:00007fe4501a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.622181][T11660] RAX: ffffffffffffffda RBX: 00007fe451d55fa0 RCX: 00007fe451b3cde9
[  225.622193][T11660] RDX: 0000000000000000 RSI: 00004000000001c0 RDI: 0000000000000005
[  225.622204][T11660] RBP: 00007fe4501a1090 R08: 0000000000000000 R09: 0000000000000000
[  225.622234][T11660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.622270][T11660] R13: 0000000000000000 R14: 00007fe451d55fa0 R15: 00007ffda8eea3b8
[  225.622292][T11660]  </TASK>
[  225.816746][T11661] loop4: detected capacity change from 0 to 512
[  225.845950][   T40] kworker/u8:2: attempt to access beyond end of device
[  225.845950][   T40] loop6: rw=1, sector=145, nr_sectors = 432 limit=128
[  225.870975][T11661] EXT4-fs (loop4): orphan cleanup on readonly fs
[  225.889308][T11661] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2839: bg 0: block 248: padding at end of block bitmap is not set
[  225.922433][T11666] loop3: detected capacity change from 0 to 256
[  225.929402][T11661] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2839: Failed to acquire dquot type 1
[  225.942374][T11666] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  225.960079][T11661] EXT4-fs (loop4): 1 truncate cleaned up
[  225.967764][T11661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  226.007336][T11666] FAULT_INJECTION: forcing a failure.
[  226.007336][T11666] name failslab, interval 1, probability 0, space 0, times 0
[  226.020032][T11666] CPU: 1 UID: 0 PID: 11666 Comm: syz.3.2842 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  226.020062][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  226.020077][T11666] Call Trace:
[  226.020085][T11666]  <TASK>
[  226.020094][T11666]  dump_stack_lvl+0xf2/0x150
[  226.020126][T11666]  dump_stack+0x15/0x1a
[  226.020204][T11666]  should_fail_ex+0x24a/0x260
[  226.020240][T11666]  should_failslab+0x8f/0xb0
[  226.020334][T11666]  kmem_cache_alloc_noprof+0x52/0x320
[  226.020367][T11666]  ? getname_flags+0x81/0x3b0
[  226.020403][T11666]  getname_flags+0x81/0x3b0
[  226.020491][T11666]  getname+0x17/0x20
[  226.020524][T11666]  do_sys_openat2+0x67/0x120
[  226.020563][T11666]  __x64_sys_open+0xe6/0x110
[  226.020599][T11666]  x64_sys_call+0x13e1/0x2dc0
[  226.020655][T11666]  do_syscall_64+0xc9/0x1c0
[  226.020683][T11666]  ? clear_bhb_loop+0x55/0xb0
[  226.020715][T11666]  ? clear_bhb_loop+0x55/0xb0
[  226.020748][T11666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.020852][T11666] RIP: 0033:0x7fe451b3cde9
[  226.020915][T11666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.020935][T11666] RSP: 002b:00007fe4501a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  226.020953][T11666] RAX: ffffffffffffffda RBX: 00007fe451d55fa0 RCX: 00007fe451b3cde9
[  226.021034][T11666] RDX: 0000000000000012 RSI: 000000000000ec40 RDI: 0000400000000140
[  226.021122][T11666] RBP: 00007fe4501a1090 R08: 0000000000000000 R09: 0000000000000000
[  226.021137][T11666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.021151][T11666] R13: 0000000000000000 R14: 00007fe451d55fa0 R15: 00007ffda8eea3b8
[  226.021172][T11666]  </TASK>
[  226.196666][T11661] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.2839: deleted inode referenced: 12
[  226.244575][T11199] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.341616][T11681] loop5: detected capacity change from 0 to 512
[  226.362347][T11685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.376278][T11681] EXT4-fs (loop5): orphan cleanup on readonly fs
[  226.392945][T11681] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  226.410167][T11688] loop3: detected capacity change from 0 to 128
[  226.459769][T11685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.470359][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.479616][T11681] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  226.488396][T11681] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #13: comm syz.5.2844: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  226.533772][T11692] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2851'.
[  226.543016][T11681] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.2844: couldn't read orphan inode 13 (err -117)
[  226.548296][T11694] loop3: detected capacity change from 0 to 512
[  226.556775][T11681] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  226.575451][T11694] EXT4-fs: Ignoring removed orlov option
[  226.584390][T11694] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  226.596103][T11681] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  226.605987][T11681] EXT4-fs warning (device loop5): read_mmp_block:115: Error -117 while reading MMP block 2
[  226.616102][T11694] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  226.624222][T11694] EXT4-fs (loop3): orphan cleanup on readonly fs
[  226.631806][T11694] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2852: bg 0: block 248: padding at end of block bitmap is not set
[  226.658640][T11694] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2852: Failed to acquire dquot type 1
[  226.671786][T11694] EXT4-fs (loop3): 1 truncate cleaned up
[  226.674111][T11700] loop2: detected capacity change from 0 to 256
[  226.685619][T11694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  226.700955][T11700] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  226.727763][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.134963][ T3715] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.232279][T11724] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2863'.
[  227.276114][T11728] loop5: detected capacity change from 0 to 128
[  227.368174][T11733] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2866'.
[  227.377204][T11733] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2866'.
[  227.386190][T11733] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2866'.
[  227.426097][T11734] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2867'.
[  227.435254][T11734] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2867'.
[  227.496448][T11739] loop6: detected capacity change from 0 to 512
[  227.515481][T11739] EXT4-fs (loop6): orphan cleanup on readonly fs
[  227.523708][T11739] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2869: bg 0: block 248: padding at end of block bitmap is not set
[  227.541678][T11739] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2869: Failed to acquire dquot type 1
[  227.557942][T11739] EXT4-fs (loop6): 1 truncate cleaned up
[  227.560884][T11746] loop5: detected capacity change from 0 to 512
[  227.570223][T11746] EXT4-fs: Ignoring removed orlov option
[  227.570629][T11739] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  227.589264][T11746] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  227.593338][T11739] EXT4-fs error (device loop6): ext4_lookup:1817: inode #2: comm syz.6.2869: deleted inode referenced: 12
[  227.599093][T11746] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  227.625049][T11746] EXT4-fs (loop5): orphan cleanup on readonly fs
[  227.631909][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.635475][T11746] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2872: bg 0: block 248: padding at end of block bitmap is not set
[  227.658631][T11746] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.2872: Failed to acquire dquot type 1
[  227.675783][T11746] EXT4-fs (loop5): 1 truncate cleaned up
[  227.695427][T11746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  227.756382][T11754] loop3: detected capacity change from 0 to 512
[  227.762825][T11755] loop2: detected capacity change from 0 to 1024
[  227.765050][T11754] EXT4-fs: Ignoring removed orlov option
[  227.769830][ T3715] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.783952][T11754] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  227.792482][T11757] loop6: detected capacity change from 0 to 128
[  227.811080][T11754] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  227.811403][T11761] loop5: detected capacity change from 0 to 1024
[  227.819773][T11754] EXT4-fs (loop3): orphan cleanup on readonly fs
[  227.827794][T11755] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.833189][T11754] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2875: bg 0: block 248: padding at end of block bitmap is not set
[  227.859198][T11754] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2875: Failed to acquire dquot type 1
[  227.871779][T11754] EXT4-fs (loop3): 1 truncate cleaned up
[  227.878933][T11761] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.879473][T11754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  227.946476][T11761] netlink: 'syz.5.2878': attribute type 10 has an invalid length.
[  227.967243][T11761] bridge0: port 3(vlan2) entered blocking state
[  227.973558][T11761] bridge0: port 3(vlan2) entered forwarding state
[  227.980159][T11761] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.987315][T11761] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.994630][T11761] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.001736][T11761] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.009541][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.011089][T11776] SELinux: syz.2.2876 (11776) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  228.035706][   T29] kauditd_printk_skb: 1118 callbacks suppressed
[  228.035723][   T29] audit: type=1326 audit(1739295793.870:13714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.4.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.065680][   T29] audit: type=1326 audit(1739295793.870:13715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.4.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.095431][T11761] bridge0: port 3(vlan2) entered disabled state
[  228.101925][T11761] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.109068][T11761] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.149447][   T29] audit: type=1326 audit(1739295793.980:13716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.4.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.150370][T11783] SELinux: syz.5.2878 (11783) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  228.173122][   T29] audit: type=1326 audit(1739295793.980:13717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.4.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.173160][   T29] audit: type=1326 audit(1739295793.980:13718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.4.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.234131][   T29] audit: type=1326 audit(1739295793.980:13719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.4.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.257892][   T29] audit: type=1326 audit(1739295793.980:13720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.4.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.281900][   T29] audit: type=1326 audit(1739295794.070:13721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.4.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  228.305603][   T29] audit: type=1326 audit(1739295794.090:13722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11786 comm="syz.6.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48538dcde9 code=0x7ffc0000
[  228.329371][   T29] audit: type=1326 audit(1739295794.090:13723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11786 comm="syz.6.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48538dcde9 code=0x7ffc0000
[  228.387371][T11785] loop4: detected capacity change from 0 to 512
[  228.399398][T11785] EXT4-fs (loop4): orphan cleanup on readonly fs
[  228.420082][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.420452][T11799] loop6: detected capacity change from 0 to 512
[  228.433020][T11785] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2883: bg 0: block 248: padding at end of block bitmap is not set
[  228.450777][T11799] EXT4-fs: Ignoring removed orlov option
[  228.457511][T11799] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  228.467987][T11785] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2883: Failed to acquire dquot type 1
[  228.485792][T11785] EXT4-fs (loop4): 1 truncate cleaned up
[  228.494460][T11799] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  228.495961][T11785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  228.502609][T11799] EXT4-fs (loop6): orphan cleanup on readonly fs
[  228.525393][T11799] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2889: bg 0: block 248: padding at end of block bitmap is not set
[  228.540545][T11801] loop3: detected capacity change from 0 to 256
[  228.541837][T11799] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2889: Failed to acquire dquot type 1
[  228.550618][T11785] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.2883: deleted inode referenced: 12
[  228.572744][T11799] EXT4-fs (loop6): 1 truncate cleaned up
[  228.581674][T11799] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  228.599776][T11801] FAT-fs (loop3): Directory bread(block 64) failed
[  228.606720][T11801] FAT-fs (loop3): Directory bread(block 65) failed
[  228.613421][T11801] FAT-fs (loop3): Directory bread(block 66) failed
[  228.620409][T11801] FAT-fs (loop3): Directory bread(block 67) failed
[  228.620598][T11199] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.627155][T11801] FAT-fs (loop3): Directory bread(block 68) failed
[  228.642694][T11801] FAT-fs (loop3): Directory bread(block 69) failed
[  228.663517][T11801] FAT-fs (loop3): Directory bread(block 70) failed
[  228.670591][T11801] FAT-fs (loop3): Directory bread(block 71) failed
[  228.671164][ T3715] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.677277][T11801] FAT-fs (loop3): Directory bread(block 72) failed
[  228.692892][T11801] FAT-fs (loop3): Directory bread(block 73) failed
[  228.747019][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.850395][T11825] loop3: detected capacity change from 0 to 512
[  228.900274][T11825] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  228.908507][T11825] EXT4-fs (loop3): orphan cleanup on readonly fs
[  228.915968][T11828] loop6: detected capacity change from 0 to 1024
[  228.922506][T11821] loop4: detected capacity change from 0 to 128
[  228.932080][T11825] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  228.991867][T11828] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.030670][T11821] syz.4.2898: attempt to access beyond end of device
[  229.030670][T11821] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  229.048546][T11825] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  229.059630][T11825] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2900: bg 0: block 40: padding at end of block bitmap is not set
[  229.123143][T11825] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  229.163791][T11825] EXT4-fs (loop3): 1 truncate cleaned up
[  229.181684][T11837] loop5: detected capacity change from 0 to 128
[  229.218818][T11844] SELinux: syz.6.2901 (11844) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  229.240634][T11825] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  229.323828][T11825] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.2900: corrupted xattr block 31: invalid header
[  229.340342][T11825] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  229.389613][T11854] tipc: Started in network mode
[  229.394521][T11854] tipc: Node identity 1, cluster identity 4711
[  229.400810][T11854] tipc: Node number set to 1
[  229.410792][T11856] loop5: detected capacity change from 0 to 512
[  229.418037][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.431748][T11854] loop4: detected capacity change from 0 to 512
[  229.439108][T11854] EXT4-fs: Ignoring removed orlov option
[  229.447095][ T8220] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.451787][T11854] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  229.473367][T11859] loop3: detected capacity change from 0 to 512
[  229.482852][T11854] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  229.493912][T11856] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  229.511087][T11854] EXT4-fs (loop4): orphan cleanup on readonly fs
[  229.517918][T11859] EXT4-fs (loop3): orphan cleanup on readonly fs
[  229.524765][T11859] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2910: bg 0: block 248: padding at end of block bitmap is not set
[  229.541058][T11854] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2908: bg 0: block 248: padding at end of block bitmap is not set
[  229.569844][T11856] EXT4-fs (loop5): orphan cleanup on readonly fs
[  229.577695][T11854] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2908: Failed to acquire dquot type 1
[  229.589256][T11859] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2910: Failed to acquire dquot type 1
[  229.602154][T11854] EXT4-fs (loop4): 1 truncate cleaned up
[  229.617524][T11856] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  229.635656][T11859] EXT4-fs (loop3): 1 truncate cleaned up
[  229.645932][T11856] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  229.657632][T11859] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.2910: deleted inode referenced: 12
[  229.657888][T11856] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2909: bg 0: block 40: padding at end of block bitmap is not set
[  229.693774][T11856] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  229.703296][T11856] EXT4-fs (loop5): 1 truncate cleaned up
[  229.712702][T11856] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.2909: corrupted xattr block 31: invalid header
[  229.743003][T11856] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  229.756357][T11871] loop4: detected capacity change from 0 to 512
[  229.763221][T11871] EXT4-fs: Ignoring removed orlov option
[  229.784834][T11871] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  229.797660][T11871] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  229.805840][T11871] EXT4-fs (loop4): orphan cleanup on readonly fs
[  229.813643][T11871] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2915: bg 0: block 248: padding at end of block bitmap is not set
[  229.829448][T11871] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2915: Failed to acquire dquot type 1
[  229.844452][T11871] EXT4-fs (loop4): 1 truncate cleaned up
[  229.935617][T11878] loop5: detected capacity change from 0 to 128
[  229.941987][T11887] loop4: detected capacity change from 0 to 1024
[  230.131829][T11903] SELinux: syz.4.2921 (11903) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  230.309972][T11914] loop4: detected capacity change from 0 to 512
[  230.316760][T11914] EXT4-fs: Ignoring removed orlov option
[  230.322873][T11914] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  230.389290][T11914] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  230.405491][T11914] EXT4-fs (loop4): orphan cleanup on readonly fs
[  230.429610][T11914] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2930: bg 0: block 248: padding at end of block bitmap is not set
[  230.485485][T11914] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2930: Failed to acquire dquot type 1
[  230.525680][T11914] EXT4-fs (loop4): 1 truncate cleaned up
[  230.537275][T11920] loop3: detected capacity change from 0 to 128
[  230.594217][T11929] __nla_validate_parse: 8 callbacks suppressed
[  230.594236][T11929] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2936'.
[  230.601280][T11920] syz.3.2932: attempt to access beyond end of device
[  230.601280][T11920] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  230.629220][T11924] loop6: detected capacity change from 0 to 128
[  230.701105][T11938] loop4: detected capacity change from 0 to 512
[  230.729924][T11940] loop5: detected capacity change from 0 to 1024
[  230.781924][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2943'.
[  230.839991][T11938] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  230.848338][T11938] EXT4-fs (loop4): orphan cleanup on readonly fs
[  230.854869][T11938] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  230.882126][T11938] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  230.886075][T11957] SELinux: syz.5.2941 (11957) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  230.900593][T11938] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2939: bg 0: block 40: padding at end of block bitmap is not set
[  230.918304][T11938] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  230.942894][T11938] EXT4-fs (loop4): 1 truncate cleaned up
[  230.956904][T11938] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz.4.2939: corrupted xattr block 31: invalid header
[  230.966645][T11959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2945'.
[  230.988718][T11938] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  231.046787][T11962] loop5: detected capacity change from 0 to 512
[  231.053311][T11962] EXT4-fs: Ignoring removed orlov option
[  231.061309][T11962] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  231.074959][T11962] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  231.083591][T11962] EXT4-fs (loop5): orphan cleanup on readonly fs
[  231.091790][T11962] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2947: bg 0: block 248: padding at end of block bitmap is not set
[  231.109275][T11962] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.2947: Failed to acquire dquot type 1
[  231.121402][T11962] EXT4-fs (loop5): 1 truncate cleaned up
[  231.132458][T11968] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2949'.
[  231.257712][T11970] loop5: detected capacity change from 0 to 128
[  231.362285][T11992] loop5: detected capacity change from 0 to 1024
[  231.404859][T11998] loop4: detected capacity change from 0 to 512
[  231.416928][T11998] EXT4-fs: Ignoring removed orlov option
[  231.428300][T11998] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  231.438027][T11998] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  231.449481][T11998] EXT4-fs (loop4): orphan cleanup on readonly fs
[  231.457102][T11998] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2961: bg 0: block 248: padding at end of block bitmap is not set
[  231.473069][T11998] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2961: Failed to acquire dquot type 1
[  231.485967][T12002] SELinux: syz.5.2958 (12002) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  231.500708][T11998] EXT4-fs (loop4): 1 truncate cleaned up
[  231.527569][T12004] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2962'.
[  231.652665][T12012] FAULT_INJECTION: forcing a failure.
[  231.652665][T12012] name failslab, interval 1, probability 0, space 0, times 0
[  231.665513][T12012] CPU: 0 UID: 0 PID: 12012 Comm: syz.6.2965 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  231.665543][T12012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  231.665555][T12012] Call Trace:
[  231.665561][T12012]  <TASK>
[  231.665569][T12012]  dump_stack_lvl+0xf2/0x150
[  231.665655][T12012]  dump_stack+0x15/0x1a
[  231.665677][T12012]  should_fail_ex+0x24a/0x260
[  231.665742][T12012]  should_failslab+0x8f/0xb0
[  231.665774][T12012]  kmem_cache_alloc_node_noprof+0x59/0x320
[  231.665811][T12012]  ? __alloc_skb+0x10b/0x310
[  231.665836][T12012]  __alloc_skb+0x10b/0x310
[  231.665910][T12012]  netlink_alloc_large_skb+0xad/0xe0
[  231.665947][T12012]  netlink_sendmsg+0x3b4/0x6e0
[  231.665990][T12012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.666022][T12012]  __sock_sendmsg+0x140/0x180
[  231.666050][T12012]  sock_write_iter+0x15e/0x1a0
[  231.666087][T12012]  do_iter_readv_writev+0x403/0x4b0
[  231.666121][T12012]  vfs_writev+0x2d9/0x880
[  231.666156][T12012]  ? get_pid_task+0x8e/0xc0
[  231.666242][T12012]  ? proc_fail_nth_write+0x12a/0x150
[  231.666274][T12012]  ? putname+0xcf/0xf0
[  231.666359][T12012]  do_writev+0xf4/0x220
[  231.666454][T12012]  __x64_sys_writev+0x45/0x50
[  231.666477][T12012]  x64_sys_call+0x1fab/0x2dc0
[  231.666510][T12012]  do_syscall_64+0xc9/0x1c0
[  231.666541][T12012]  ? clear_bhb_loop+0x55/0xb0
[  231.666569][T12012]  ? clear_bhb_loop+0x55/0xb0
[  231.666601][T12012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.666671][T12012] RIP: 0033:0x7f48538dcde9
[  231.666686][T12012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.666706][T12012] RSP: 002b:00007f4851f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  231.666729][T12012] RAX: ffffffffffffffda RBX: 00007f4853af5fa0 RCX: 00007f48538dcde9
[  231.666744][T12012] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: 0000000000000006
[  231.666758][T12012] RBP: 00007f4851f47090 R08: 0000000000000000 R09: 0000000000000000
[  231.666772][T12012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.666787][T12012] R13: 0000000000000000 R14: 00007f4853af5fa0 R15: 00007ffec9eafc68
[  231.666851][T12012]  </TASK>
[  231.892673][T12013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.903681][T12013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.921856][T12015] loop6: detected capacity change from 0 to 128
[  231.993222][T12020] loop4: detected capacity change from 0 to 8192
[  232.067113][T12035] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2973'.
[  232.145785][T12038] loop5: detected capacity change from 0 to 8192
[  232.206923][T12043] loop4: detected capacity change from 0 to 512
[  232.227685][T12043] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  232.238753][T12043] EXT4-fs (loop4): orphan cleanup on readonly fs
[  232.245459][T12043] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  232.260734][T12043] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  232.268089][T12043] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2978: bg 0: block 40: padding at end of block bitmap is not set
[  232.282680][T12043] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  232.292426][T12043] EXT4-fs (loop4): 1 truncate cleaned up
[  232.313875][T12043] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz.4.2978: corrupted xattr block 31: invalid header
[  232.330333][T12043] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  232.394541][T12056] loop5: detected capacity change from 0 to 8192
[  232.542477][T12081] netlink: 'syz.4.2989': attribute type 7 has an invalid length.
[  232.550363][T12081] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2989'.
[  232.560678][T12081] SELinux:  Context system_u:object_r:hald_log_t:s0 is not valid (left unmapped).
[  232.643256][T12093] loop2: detected capacity change from 0 to 512
[  232.656742][T12093] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  232.665004][T12093] EXT4-fs (loop2): orphan cleanup on readonly fs
[  232.672065][T12093] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  232.687471][T12093] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  232.694696][T12093] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2996: bg 0: block 40: padding at end of block bitmap is not set
[  232.709360][T12093] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  232.720503][T12093] EXT4-fs (loop2): 1 truncate cleaned up
[  232.730036][T12093] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #16: comm syz.2.2996: corrupted xattr block 31: invalid header
[  232.745742][T12093] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  232.786114][T12107] loop2: detected capacity change from 0 to 512
[  232.792822][T12107] EXT4-fs: Ignoring removed orlov option
[  232.799462][T12107] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  232.809148][T12107] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  232.817684][T12107] EXT4-fs (loop2): orphan cleanup on readonly fs
[  232.824610][T12107] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3001: bg 0: block 248: padding at end of block bitmap is not set
[  232.839394][T12107] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3001: Failed to acquire dquot type 1
[  232.851878][T12107] EXT4-fs (loop2): 1 truncate cleaned up
[  232.871384][T12112] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3003'.
[  232.889155][T12114] FAULT_INJECTION: forcing a failure.
[  232.889155][T12114] name failslab, interval 1, probability 0, space 0, times 0
[  232.901843][T12114] CPU: 0 UID: 0 PID: 12114 Comm: syz.2.3004 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  232.901913][T12114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  232.901928][T12114] Call Trace:
[  232.901936][T12114]  <TASK>
[  232.901945][T12114]  dump_stack_lvl+0xf2/0x150
[  232.901976][T12114]  dump_stack+0x15/0x1a
[  232.902055][T12114]  should_fail_ex+0x24a/0x260
[  232.902095][T12114]  should_failslab+0x8f/0xb0
[  232.902123][T12114]  kmem_cache_alloc_node_noprof+0x59/0x320
[  232.902168][T12114]  ? __alloc_skb+0x10b/0x310
[  232.902206][T12114]  __alloc_skb+0x10b/0x310
[  232.902237][T12114]  netlink_alloc_large_skb+0xad/0xe0
[  232.902274][T12114]  netlink_sendmsg+0x3b4/0x6e0
[  232.902406][T12114]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.902447][T12114]  __sock_sendmsg+0x140/0x180
[  232.902472][T12114]  ____sys_sendmsg+0x312/0x410
[  232.902512][T12114]  __sys_sendmsg+0x19d/0x230
[  232.902623][T12114]  __x64_sys_sendmsg+0x46/0x50
[  232.902701][T12114]  x64_sys_call+0x2734/0x2dc0
[  232.902732][T12114]  do_syscall_64+0xc9/0x1c0
[  232.902761][T12114]  ? clear_bhb_loop+0x55/0xb0
[  232.902798][T12114]  ? clear_bhb_loop+0x55/0xb0
[  232.902870][T12114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.902896][T12114] RIP: 0033:0x7f803662cde9
[  232.902911][T12114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.903007][T12114] RSP: 002b:00007f8034c91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  232.903068][T12114] RAX: ffffffffffffffda RBX: 00007f8036845fa0 RCX: 00007f803662cde9
[  232.903082][T12114] RDX: 0000000000000080 RSI: 0000400000000480 RDI: 0000000000000003
[  232.903097][T12114] RBP: 00007f8034c91090 R08: 0000000000000000 R09: 0000000000000000
[  232.903110][T12114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.903123][T12114] R13: 0000000000000000 R14: 00007f8036845fa0 R15: 00007ffd05e61e78
[  232.903217][T12114]  </TASK>
[  233.102696][   T29] kauditd_printk_skb: 794 callbacks suppressed
[  233.102712][   T29] audit: type=1326 audit(1739295798.930:14495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa746e73da7 code=0x7ffc0000
[  233.132550][   T29] audit: type=1326 audit(1739295798.930:14496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa746e18fb9 code=0x7ffc0000
[  233.156148][   T29] audit: type=1326 audit(1739295798.930:14497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  233.175931][T12116] loop3: detected capacity change from 0 to 512
[  233.180253][   T29] audit: type=1326 audit(1739295798.990:14498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa746e73da7 code=0x7ffc0000
[  233.209696][   T29] audit: type=1326 audit(1739295798.990:14499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa746e18fb9 code=0x7ffc0000
[  233.233939][T12116] EXT4-fs: Ignoring removed orlov option
[  233.240217][   T29] audit: type=1326 audit(1739295798.990:14500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  233.264028][   T29] audit: type=1326 audit(1739295798.990:14501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa746e73da7 code=0x7ffc0000
[  233.264509][T12116] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  233.287622][   T29] audit: type=1326 audit(1739295798.990:14502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa746e18fb9 code=0x7ffc0000
[  233.287658][   T29] audit: type=1326 audit(1739295798.990:14503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fa746e7cde9 code=0x7ffc0000
[  233.345117][   T29] audit: type=1326 audit(1739295799.020:14504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12073 comm="syz.5.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa746e73da7 code=0x7ffc0000
[  233.391821][T12116] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  233.405567][T12116] EXT4-fs (loop3): orphan cleanup on readonly fs
[  233.412437][T12116] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3005: bg 0: block 248: padding at end of block bitmap is not set
[  233.437529][T12116] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3005: Failed to acquire dquot type 1
[  233.450733][T12116] EXT4-fs (loop3): 1 truncate cleaned up
[  233.464258][T12130] loop5: detected capacity change from 0 to 512
[  233.502723][T12134] loop4: detected capacity change from 0 to 128
[  233.512115][T12130] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  233.528005][T12130] EXT4-fs (loop5): orphan cleanup on readonly fs
[  233.540378][T12130] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  233.565293][T12130] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  233.580218][T12130] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3011: bg 0: block 40: padding at end of block bitmap is not set
[  233.603312][T12146] FAULT_INJECTION: forcing a failure.
[  233.603312][T12146] name failslab, interval 1, probability 0, space 0, times 0
[  233.616110][T12146] CPU: 0 UID: 0 PID: 12146 Comm: syz.6.3018 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  233.616140][T12146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  233.616155][T12146] Call Trace:
[  233.616163][T12146]  <TASK>
[  233.616172][T12146]  dump_stack_lvl+0xf2/0x150
[  233.616280][T12146]  dump_stack+0x15/0x1a
[  233.616306][T12146]  should_fail_ex+0x24a/0x260
[  233.616392][T12146]  should_failslab+0x8f/0xb0
[  233.616417][T12146]  kmem_cache_alloc_node_noprof+0x59/0x320
[  233.616451][T12146]  ? __alloc_skb+0x10b/0x310
[  233.616482][T12146]  __alloc_skb+0x10b/0x310
[  233.616593][T12146]  netlink_alloc_large_skb+0xad/0xe0
[  233.616697][T12146]  netlink_sendmsg+0x3b4/0x6e0
[  233.616739][T12146]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.616780][T12146]  __sock_sendmsg+0x140/0x180
[  233.616868][T12146]  ____sys_sendmsg+0x312/0x410
[  233.616928][T12146]  __sys_sendmsg+0x19d/0x230
[  233.617008][T12146]  __x64_sys_sendmsg+0x46/0x50
[  233.617136][T12146]  x64_sys_call+0x2734/0x2dc0
[  233.617164][T12146]  do_syscall_64+0xc9/0x1c0
[  233.617201][T12146]  ? clear_bhb_loop+0x55/0xb0
[  233.617235][T12146]  ? clear_bhb_loop+0x55/0xb0
[  233.617264][T12146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.617297][T12146] RIP: 0033:0x7f48538dcde9
[  233.617315][T12146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.617346][T12146] RSP: 002b:00007f4851f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.617368][T12146] RAX: ffffffffffffffda RBX: 00007f4853af5fa0 RCX: 00007f48538dcde9
[  233.617383][T12146] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000003
[  233.617398][T12146] RBP: 00007f4851f47090 R08: 0000000000000000 R09: 0000000000000000
[  233.617413][T12146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.617460][T12146] R13: 0000000000000000 R14: 00007f4853af5fa0 R15: 00007ffec9eafc68
[  233.617522][T12146]  </TASK>
[  233.624917][T12130] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  233.657075][T12147] loop4: detected capacity change from 0 to 1024
[  233.735485][T12130] EXT4-fs (loop5): 1 truncate cleaned up
[  233.883626][T12130] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.3011: corrupted xattr block 31: invalid header
[  233.927662][T12130] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  233.969573][T12165] SELinux: syz.4.3017 (12165) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  234.042520][T12173] loop6: detected capacity change from 0 to 512
[  234.052017][T12176] loop5: detected capacity change from 0 to 512
[  234.052465][T12179] loop3: detected capacity change from 0 to 128
[  234.066148][T12173] EXT4-fs: Ignoring removed orlov option
[  234.072394][T12173] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  234.104278][T12176] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  234.113125][T12173] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  234.115063][T12176] EXT4-fs (loop5): orphan cleanup on readonly fs
[  234.127769][T12173] EXT4-fs (loop6): orphan cleanup on readonly fs
[  234.133776][T12166] lo speed is unknown, defaulting to 1000
[  234.140347][T12176] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  234.163833][T12176] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  234.170742][T12173] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3025: bg 0: block 248: padding at end of block bitmap is not set
[  234.189817][T12173] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3025: Failed to acquire dquot type 1
[  234.210878][T12176] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3026: bg 0: block 40: padding at end of block bitmap is not set
[  234.232540][T12194] netlink: 'syz.4.3030': attribute type 4 has an invalid length.
[  234.246306][T12166] chnl_net:caif_netlink_parms(): no params data found
[  234.253471][T12173] EXT4-fs (loop6): 1 truncate cleaned up
[  234.278456][T12176] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  234.294471][T12176] EXT4-fs (loop5): 1 truncate cleaned up
[  234.303334][T12176] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.3026: corrupted xattr block 31: invalid header
[  234.327189][T12176] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  234.336000][T12204] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3034'.
[  234.388976][T12166] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.396418][T12166] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.397055][T12215] loop6: detected capacity change from 0 to 128
[  234.416392][T12166] bridge_slave_0: entered allmulticast mode
[  234.423095][T12166] bridge_slave_0: entered promiscuous mode
[  234.429911][T12166] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.437028][T12166] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.444588][T12166] bridge_slave_1: entered allmulticast mode
[  234.451250][T12166] bridge_slave_1: entered promiscuous mode
[  234.476058][T12166] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.480615][T12219] loop6: detected capacity change from 0 to 512
[  234.487094][T12166] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.512378][T12222] loop3: detected capacity change from 0 to 128
[  234.521328][T12219] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  234.527517][T12166] team0: Port device team_slave_0 added
[  234.535032][T12219] EXT4-fs (loop6): orphan cleanup on readonly fs
[  234.543932][T12166] team0: Port device team_slave_1 added
[  234.549739][T12225] loop5: detected capacity change from 0 to 512
[  234.556358][T12225] EXT4-fs: Ignoring removed orlov option
[  234.563853][T12219] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  234.580112][T12219] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  234.593212][T12166] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.600353][T12166] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.626304][T12166] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.637156][T12225] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  234.638181][T12166] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.652709][T12166] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.655662][T12219] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3038: bg 0: block 40: padding at end of block bitmap is not set
[  234.678787][T12166] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.709805][T12225] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  234.718066][T12225] EXT4-fs (loop5): orphan cleanup on readonly fs
[  234.724682][T12219] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  234.730300][T12227] loop3: detected capacity change from 0 to 8192
[  234.735299][T12219] EXT4-fs (loop6): 1 truncate cleaned up
[  234.742468][T12166] hsr_slave_0: entered promiscuous mode
[  234.755292][T12225] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3040: bg 0: block 248: padding at end of block bitmap is not set
[  234.770887][T12219] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.3038: corrupted xattr block 31: invalid header
[  234.771780][T12166] hsr_slave_1: entered promiscuous mode
[  234.789874][T12225] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3040: Failed to acquire dquot type 1
[  234.790380][T12166] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.801995][T12219] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  234.810478][T12166] Cannot create hsr debugfs directory
[  234.823451][T12232] loop4: detected capacity change from 0 to 1024
[  234.831790][T12225] EXT4-fs (loop5): 1 truncate cleaned up
[  234.897164][T12237] FAULT_INJECTION: forcing a failure.
[  234.897164][T12237] name failslab, interval 1, probability 0, space 0, times 0
[  234.910153][T12237] CPU: 0 UID: 0 PID: 12237 Comm: syz.6.3044 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  234.910179][T12237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  234.910192][T12237] Call Trace:
[  234.910198][T12237]  <TASK>
[  234.910205][T12237]  dump_stack_lvl+0xf2/0x150
[  234.910232][T12237]  dump_stack+0x15/0x1a
[  234.910321][T12237]  should_fail_ex+0x24a/0x260
[  234.910355][T12237]  should_failslab+0x8f/0xb0
[  234.910398][T12237]  kmem_cache_alloc_node_noprof+0x59/0x320
[  234.910448][T12237]  ? __alloc_skb+0x10b/0x310
[  234.910474][T12237]  __alloc_skb+0x10b/0x310
[  234.910498][T12237]  netlink_alloc_large_skb+0xad/0xe0
[  234.910583][T12237]  netlink_sendmsg+0x3b4/0x6e0
[  234.910664][T12237]  ? __pfx_netlink_sendmsg+0x10/0x10
[  234.910696][T12237]  __sock_sendmsg+0x140/0x180
[  234.910751][T12237]  ____sys_sendmsg+0x312/0x410
[  234.910791][T12237]  __sys_sendmsg+0x19d/0x230
[  234.910833][T12237]  __x64_sys_sendmsg+0x46/0x50
[  234.910861][T12237]  x64_sys_call+0x2734/0x2dc0
[  234.910909][T12237]  do_syscall_64+0xc9/0x1c0
[  234.910934][T12237]  ? clear_bhb_loop+0x55/0xb0
[  234.910961][T12237]  ? clear_bhb_loop+0x55/0xb0
[  234.910987][T12237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.911101][T12237] RIP: 0033:0x7f48538dcde9
[  234.911115][T12237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.911133][T12237] RSP: 002b:00007f4851f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  234.911150][T12237] RAX: ffffffffffffffda RBX: 00007f4853af5fa0 RCX: 00007f48538dcde9
[  234.911162][T12237] RDX: 0000000000000804 RSI: 0000400000000440 RDI: 0000000000000003
[  234.911237][T12237] RBP: 00007f4851f47090 R08: 0000000000000000 R09: 0000000000000000
[  234.911249][T12237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.911260][T12237] R13: 0000000000000000 R14: 00007f4853af5fa0 R15: 00007ffec9eafc68
[  234.911276][T12237]  </TASK>
[  234.913075][T12166] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.920146][T12241] loop5: detected capacity change from 0 to 512
[  235.019350][T12247] loop6: detected capacity change from 0 to 128
[  235.046512][T12241] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  235.091760][T12232] SELinux: syz.4.3043 (12232) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  235.097982][T12241] EXT4-fs (loop5): orphan cleanup on readonly fs
[  235.167815][T12241] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  235.195229][T12241] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  235.203280][T12166] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.217445][T12241] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3046: bg 0: block 40: padding at end of block bitmap is not set
[  235.236786][T12241] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  235.248908][T12241] EXT4-fs (loop5): 1 truncate cleaned up
[  235.261077][T12255] loop3: detected capacity change from 0 to 128
[  235.263985][T12241] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.3046: corrupted xattr block 31: invalid header
[  235.283686][T12166] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.316287][   T40] kworker/u8:2: attempt to access beyond end of device
[  235.316287][   T40] loop3: rw=1, sector=145, nr_sectors = 896 limit=128
[  235.331581][T12241] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  235.344185][T12265] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3053'.
[  235.359323][T12166] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.386828][T12270] loop3: detected capacity change from 0 to 512
[  235.396121][T12270] EXT4-fs: inline encryption not supported
[  235.408864][T12270] ext4 filesystem being mounted at /527/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.426112][T12270] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.3054: corrupted inode contents
[  235.450814][T12272] syzkaller0: entered promiscuous mode
[  235.456377][T12272] syzkaller0: entered allmulticast mode
[  235.456559][T12269] loop6: detected capacity change from 0 to 8192
[  235.467989][T12270] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #2: comm syz.3.3054: mark_inode_dirty error
[  235.490023][T12270] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.3054: corrupted inode contents
[  235.502560][T12166] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  235.513168][T12166] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  235.535982][T12166] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  235.553405][T12166] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  235.564655][T12270] lo speed is unknown, defaulting to 1000
[  235.625534][T12166] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.648675][T12166] 8021q: adding VLAN 0 to HW filter on device team0
[  235.668962][T12286] tmpfs: Bad value for 'size'
[  235.688659][ T9661] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.695814][ T9661] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.707305][ T9661] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.714389][ T9661] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.740933][T12166] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  235.751359][T12166] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  235.802090][T12295] loop5: detected capacity change from 0 to 512
[  235.809405][T12291] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3064'.
[  235.850032][T12298] loop4: detected capacity change from 0 to 8192
[  235.865718][T12166] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.903031][T12295] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  235.937112][T12295] EXT4-fs (loop5): orphan cleanup on readonly fs
[  235.964051][T12295] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  235.983216][T12166] veth0_vlan: entered promiscuous mode
[  235.992856][T12166] veth1_vlan: entered promiscuous mode
[  236.012194][T12295] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  236.021363][T12295] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3065: bg 0: block 40: padding at end of block bitmap is not set
[  236.066540][T12321] loop4: detected capacity change from 0 to 1024
[  236.078270][T12295] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  236.091082][T12295] EXT4-fs (loop5): 1 truncate cleaned up
[  236.113118][T12295] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.3065: corrupted xattr block 31: invalid header
[  236.131032][T12295] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  236.144846][T12327] loop6: detected capacity change from 0 to 512
[  236.154396][T12327] EXT4-fs: Ignoring removed orlov option
[  236.168285][T12327] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  236.192915][T12327] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  236.203012][T12330] loop5: detected capacity change from 0 to 128
[  236.209967][T12327] EXT4-fs (loop6): orphan cleanup on readonly fs
[  236.230864][T12327] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3072: bg 0: block 248: padding at end of block bitmap is not set
[  236.246734][T12332] SELinux: syz.4.3071 (12332) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  236.274622][T12327] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3072: Failed to acquire dquot type 1
[  236.295893][T12327] EXT4-fs (loop6): 1 truncate cleaned up
[  236.365355][T12166] veth0_macvtap: entered promiscuous mode
[  236.402046][T12166] veth1_macvtap: entered promiscuous mode
[  236.423240][T12342] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3077'.
[  236.438353][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.448895][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.458743][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.469391][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.479252][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.489737][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.499650][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.510198][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.520105][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.530556][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.711052][T12166] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.720146][T12346] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3079'.
[  236.769961][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.780618][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.790506][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.800976][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.810965][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.821403][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.831326][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.841854][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.851752][T12166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.862302][T12166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.873617][T12349] loop5: detected capacity change from 0 to 512
[  236.893044][T12349] EXT4-fs: Ignoring removed orlov option
[  236.921899][T12349] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  236.965971][T12349] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  236.978957][T12349] EXT4-fs (loop5): orphan cleanup on readonly fs
[  236.989094][T12349] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3080: bg 0: block 248: padding at end of block bitmap is not set
[  236.996284][T12354] loop6: detected capacity change from 0 to 128
[  237.009872][T12349] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3080: Failed to acquire dquot type 1
[  237.022384][T12166] batman_adv: batadv0: Interface activated: batadv_slave_1
[  237.039348][T12166] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  237.048125][T12166] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  237.056864][T12166] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  237.065665][T12166] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  237.095649][T12358] loop4: detected capacity change from 0 to 512
[  237.102180][T12358] EXT4-fs: Ignoring removed orlov option
[  237.125682][T12358] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  237.136860][T12358] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  237.145187][T12349] EXT4-fs (loop5): 1 truncate cleaned up
[  237.167158][T12357] loop6: detected capacity change from 0 to 128
[  237.198846][T12358] EXT4-fs (loop4): orphan cleanup on readonly fs
[  237.235316][T12358] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3082: bg 0: block 248: padding at end of block bitmap is not set
[  237.271635][T12358] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.3082: Failed to acquire dquot type 1
[  237.293676][T12366] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3087'.
[  237.305019][T12358] EXT4-fs (loop4): 1 truncate cleaned up
[  237.320259][T12371] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3085'.
[  237.407055][T12379] loop4: detected capacity change from 0 to 1024
[  237.527281][T12385] loop5: detected capacity change from 0 to 512
[  237.532575][T12379] netlink: 'syz.4.3092': attribute type 10 has an invalid length.
[  237.543306][T12385] EXT4-fs (loop5): orphan cleanup on readonly fs
[  237.549770][T12377] loop2: detected capacity change from 0 to 128
[  237.568644][T12379] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.569033][T12385] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3093: bg 0: block 248: padding at end of block bitmap is not set
[  237.575975][T12379] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.600020][T12379] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.607138][T12379] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.614465][T12379] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.621643][T12379] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.632796][T12379] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  237.665291][T12385] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3093: Failed to acquire dquot type 1
[  237.703513][T12385] EXT4-fs (loop5): 1 truncate cleaned up
[  237.705855][T12379] SELinux: syz.4.3092 (12379) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  237.726813][   T40] kworker/u8:2: attempt to access beyond end of device
[  237.726813][   T40] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  237.728120][T12385] EXT4-fs error (device loop5): ext4_lookup:1817: inode #2: comm syz.5.3093: deleted inode referenced: 12
[  238.520551][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  238.520566][   T29] audit: type=1400 audit(1739295804.090:14668): avc:  denied  { mounton } for  pid=12406 comm="syz.2.3099" path="/5/file0" dev="tmpfs" ino=44 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  238.623869][   T29] audit: type=1400 audit(1739295804.390:14669): avc:  denied  { mount } for  pid=12406 comm="syz.2.3099" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  238.660827][T12416] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3101'.
[  238.757703][T12420] loop6: detected capacity change from 0 to 256
[  238.784622][T12420] FAT-fs (loop6): Directory bread(block 64) failed
[  238.792546][T12420] FAT-fs (loop6): Directory bread(block 65) failed
[  238.803345][T12418] loop3: detected capacity change from 0 to 8192
[  238.843845][T12420] FAT-fs (loop6): Directory bread(block 66) failed
[  238.862962][T12420] FAT-fs (loop6): Directory bread(block 67) failed
[  238.876405][T12420] FAT-fs (loop6): Directory bread(block 68) failed
[  238.888499][T12420] FAT-fs (loop6): Directory bread(block 69) failed
[  238.913702][T12420] FAT-fs (loop6): Directory bread(block 70) failed
[  238.979494][T12420] FAT-fs (loop6): Directory bread(block 71) failed
[  238.992496][T12422] loop3: detected capacity change from 0 to 512
[  239.000492][T12420] FAT-fs (loop6): Directory bread(block 72) failed
[  239.008292][T12420] FAT-fs (loop6): Directory bread(block 73) failed
[  239.017093][T12422] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  239.026378][T12422] EXT4-fs (loop3): orphan cleanup on readonly fs
[  239.043329][T12422] Quota error (device loop3): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  239.066000][T12422] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  239.113053][T12422] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  239.130305][   T29] audit: type=1400 audit(1739295804.800:14670): avc:  denied  { unmount } for  pid=12166 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  239.130614][T12422] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3105: bg 0: block 40: padding at end of block bitmap is not set
[  239.150930][   T29] audit: type=1326 audit(1739295804.950:14671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.2.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508727cde9 code=0x7ffc0000
[  239.151058][   T29] audit: type=1326 audit(1739295804.950:14672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.2.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f508727cde9 code=0x7ffc0000
[  239.151085][   T29] audit: type=1326 audit(1739295804.950:14673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.2.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508727cde9 code=0x7ffc0000
[  239.167134][T12428] loop6: detected capacity change from 0 to 512
[  239.188974][   T29] audit: type=1326 audit(1739295804.950:14674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.2.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f508727cde9 code=0x7ffc0000
[  239.214418][T12428] EXT4-fs: Ignoring removed orlov option
[  239.236164][   T29] audit: type=1326 audit(1739295804.950:14675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.2.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508727cde9 code=0x7ffc0000
[  239.236205][   T29] audit: type=1326 audit(1739295804.950:14676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.2.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f508727cde9 code=0x7ffc0000
[  239.325741][T12428] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  239.334611][T12422] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  239.344055][T12422] EXT4-fs (loop3): 1 truncate cleaned up
[  239.355365][T12428] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  239.372574][T12428] EXT4-fs (loop6): orphan cleanup on readonly fs
[  239.388478][T12428] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3107: bg 0: block 248: padding at end of block bitmap is not set
[  239.404400][T12422] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.3105: corrupted xattr block 31: invalid header
[  239.419541][T12428] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3107: Failed to acquire dquot type 1
[  239.432866][T12422] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  239.444391][T12428] EXT4-fs (loop6): 1 truncate cleaned up
[  239.456925][T12432] loop4: detected capacity change from 0 to 512
[  239.476247][T12432] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  239.486964][T12432] EXT4-fs (loop4): orphan cleanup on readonly fs
[  239.498339][T12432] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  239.838707][T12432] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  239.846884][T12432] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3102: bg 0: block 40: padding at end of block bitmap is not set
[  239.873837][T12432] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  239.894240][T12432] EXT4-fs (loop4): 1 truncate cleaned up
[  239.913813][T12432] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz.4.3102: corrupted xattr block 31: invalid header
[  239.933818][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  239.953171][T12445] loop5: detected capacity change from 0 to 1024
[  239.963681][T12448] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3113'.
[  240.010906][T12445] netlink: 'syz.5.3112': attribute type 10 has an invalid length.
[  240.021588][T12445] bridge0: port 3(vlan2) entered blocking state
[  240.027915][T12445] bridge0: port 3(vlan2) entered forwarding state
[  240.034513][T12445] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.041612][T12445] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.048959][T12445] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.056084][T12445] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.065436][T12445] bridge0: port 3(vlan2) entered disabled state
[  240.071829][T12445] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.079031][T12445] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.098750][T12456] loop2: detected capacity change from 0 to 8192
[  240.119561][T12445] SELinux: syz.5.3112 (12445) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  240.136658][T12461] netlink: 48 bytes leftover after parsing attributes in process `+}[@'.
[  240.182219][T12463] loop4: detected capacity change from 0 to 256
[  240.214527][T12463] FAT-fs (loop4): Directory bread(block 64) failed
[  240.221681][T12463] FAT-fs (loop4): Directory bread(block 65) failed
[  240.229431][T12463] FAT-fs (loop4): Directory bread(block 66) failed
[  240.237089][T12463] FAT-fs (loop4): Directory bread(block 67) failed
[  240.243965][T12463] FAT-fs (loop4): Directory bread(block 68) failed
[  240.251585][T12463] FAT-fs (loop4): Directory bread(block 69) failed
[  240.258853][T12463] FAT-fs (loop4): Directory bread(block 70) failed
[  240.266191][T12463] FAT-fs (loop4): Directory bread(block 71) failed
[  240.274538][T12463] FAT-fs (loop4): Directory bread(block 72) failed
[  240.281501][T12463] FAT-fs (loop4): Directory bread(block 73) failed
[  240.809979][T12478] loop3: detected capacity change from 0 to 512
[  240.817072][T12478] EXT4-fs: Ignoring removed orlov option
[  240.823204][T12478] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  240.832538][T12478] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  240.840704][T12478] EXT4-fs (loop3): orphan cleanup on readonly fs
[  240.848006][T12478] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3122: bg 0: block 248: padding at end of block bitmap is not set
[  240.863278][T12478] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3122: Failed to acquire dquot type 1
[  240.896231][T12478] EXT4-fs (loop3): 1 truncate cleaned up
[  241.081061][T12482] loop6: detected capacity change from 0 to 8192
[  241.178137][T12483] lo speed is unknown, defaulting to 1000
[  241.357321][T12497] loop6: detected capacity change from 0 to 8192
[  241.364139][T12483] chnl_net:caif_netlink_parms(): no params data found
[  241.419378][T12494] loop2: detected capacity change from 0 to 128
[  241.539626][T12483] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.547265][T12483] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.573988][T12504] loop3: detected capacity change from 0 to 128
[  241.605470][T12483] bridge_slave_0: entered allmulticast mode
[  241.616892][T12494] syz.2.3127: attempt to access beyond end of device
[  241.616892][T12494] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  241.637323][T12510] loop6: detected capacity change from 0 to 512
[  241.648049][T12483] bridge_slave_0: entered promiscuous mode
[  241.664324][T12483] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.671694][T12483] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.681784][T12510] EXT4-fs: Ignoring removed orlov option
[  241.691471][T12504] syz.3.3124: attempt to access beyond end of device
[  241.691471][T12504] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  241.710634][T12510] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  241.727384][T12510] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  241.735547][T12483] bridge_slave_1: entered allmulticast mode
[  241.751134][T12483] bridge_slave_1: entered promiscuous mode
[  241.767538][T12510] EXT4-fs (loop6): orphan cleanup on readonly fs
[  241.789926][T12510] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3130: bg 0: block 248: padding at end of block bitmap is not set
[  241.812906][   T28] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.821668][T12510] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3130: Failed to acquire dquot type 1
[  241.837209][T12510] EXT4-fs (loop6): 1 truncate cleaned up
[  241.881290][T12483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.905981][   T28] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.944093][T12522] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3133'.
[  241.953205][T12522] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3133'.
[  241.979038][T12483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.990611][T12522] bridge0: entered promiscuous mode
[  241.996773][T12522] syz_tun: entered promiscuous mode
[  242.011044][T12522] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  242.055518][   T28] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.079775][T12483] team0: Port device team_slave_0 added
[  242.092507][T12483] team0: Port device team_slave_1 added
[  242.098238][T12521] loop4: detected capacity change from 0 to 128
[  242.107950][T12528] loop3: detected capacity change from 0 to 512
[  242.153151][ T2172] kworker/u8:6: attempt to access beyond end of device
[  242.153151][ T2172] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  242.169650][T12483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.176739][T12483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.202845][T12483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.216288][T12528] EXT4-fs (loop3): orphan cleanup on readonly fs
[  242.223534][T12528] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3136: bg 0: block 248: padding at end of block bitmap is not set
[  242.246074][T12528] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3136: Failed to acquire dquot type 1
[  242.259851][   T28] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.268997][T12528] EXT4-fs (loop3): 1 truncate cleaned up
[  242.276388][T12483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.279757][T12528] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.3136: deleted inode referenced: 12
[  242.283373][T12483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.320628][T12483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.353056][T12531] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3137'.
[  242.371648][T12483] hsr_slave_0: entered promiscuous mode
[  242.393916][T12533] loop3: detected capacity change from 0 to 128
[  242.394609][T12483] hsr_slave_1: entered promiscuous mode
[  242.412457][T12483] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.420109][T12483] Cannot create hsr debugfs directory
[  242.449096][   T28] vlan2: left allmulticast mode
[  242.454059][   T28] bond0: left allmulticast mode
[  242.458951][   T28] bond_slave_0: left allmulticast mode
[  242.464503][   T28] bond_slave_1: left allmulticast mode
[  242.470175][   T28] vlan2: left promiscuous mode
[  242.474958][   T28] bond0: left promiscuous mode
[  242.479779][   T28] bond_slave_0: left promiscuous mode
[  242.485291][   T28] bond_slave_1: left promiscuous mode
[  242.491053][   T28] bridge0: port 3(vlan2) entered disabled state
[  242.508927][   T28] bridge_slave_1: left allmulticast mode
[  242.514612][   T28] bridge_slave_1: left promiscuous mode
[  242.520390][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.530820][   T28] bridge_slave_0: left allmulticast mode
[  242.536535][   T28] bridge_slave_0: left promiscuous mode
[  242.542408][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.703875][T12548] loop2: detected capacity change from 0 to 512
[  242.727816][T12548] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  242.737837][T12548] EXT4-fs (loop2): orphan cleanup on readonly fs
[  242.744463][T12548] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  242.760965][T12548] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  242.771065][T12548] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3144: bg 0: block 40: padding at end of block bitmap is not set
[  242.786415][T12548] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  242.795576][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.804566][T12548] EXT4-fs (loop2): 1 truncate cleaned up
[  242.811929][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.822928][   T28] bond0 (unregistering): Released all slaves
[  242.832970][   T28] bond1 (unregistering): Released all slaves
[  242.843369][T12553] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3145'.
[  242.847610][   T28] bond2 (unregistering): Released all slaves
[  242.852398][T12553] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3145'.
[  242.861072][   T28] bond3 (unregistering): Released all slaves
[  242.867320][T12553] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3145'.
[  242.885019][   T28] bond4 (unregistering): Released all slaves
[  242.895700][   T28] bond5 (unregistering): Released all slaves
[  242.927113][T12557] loop2: detected capacity change from 0 to 1024
[  242.933235][   T28] bond6 (unregistering): Released all slaves
[  242.941970][   T28] bond7 (unregistering): Released all slaves
[  242.950952][   T28] bond8 (unregistering): Released all slaves
[  242.960488][   T28] bond9 (unregistering): Released all slaves
[  242.969734][   T28] bond10 (unregistering): Released all slaves
[  242.978643][   T28] bond11 (unregistering): Released all slaves
[  242.987614][   T28] bond12 (unregistering): Released all slaves
[  242.996248][   T28] bond13 (unregistering): Released all slaves
[  243.004937][   T28] bond14 (unregistering): Released all slaves
[  243.013903][   T28] bond15 (unregistering): Released all slaves
[  243.022797][   T28] bond16 (unregistering): Released all slaves
[  243.031880][   T28] bond17 (unregistering): Released all slaves
[  243.041050][   T28] bond18 (unregistering): Released all slaves
[  243.048843][T12567] loop4: detected capacity change from 0 to 512
[  243.050045][   T28] bond19 (unregistering): Released all slaves
[  243.055919][T12567] EXT4-fs: Ignoring removed orlov option
[  243.073179][T12567] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  243.082911][T12568] SELinux: syz.2.3146 (12568) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  243.085305][T12559] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3148'.
[  243.114169][T12567] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  243.123824][T12567] EXT4-fs (loop4): orphan cleanup on readonly fs
[  243.163455][T12567] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3149: bg 0: block 248: padding at end of block bitmap is not set
[  243.193337][T12575] loop6: detected capacity change from 0 to 8192
[  243.200826][   T28] tipc: Left network mode
[  243.206067][T12567] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.3149: Failed to acquire dquot type 1
[  243.229302][T12567] EXT4-fs (loop4): 1 truncate cleaned up
[  243.249397][   T28] hsr_slave_0: left promiscuous mode
[  243.255575][   T28] hsr_slave_1: left promiscuous mode
[  243.261908][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.269427][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.279320][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.287049][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.312923][T12583] loop6: detected capacity change from 0 to 1024
[  243.324650][   T28] veth1_macvtap: left promiscuous mode
[  243.330794][   T28] veth0_macvtap: left promiscuous mode
[  243.342264][   T28] veth1_vlan: left promiscuous mode
[  243.351932][   T28] veth0_vlan: left promiscuous mode
[  243.454765][T12592] netlink: 'syz.6.3153': attribute type 10 has an invalid length.
[  243.466422][   T28] team0 (unregistering): Port device team_slave_1 removed
[  243.482529][T12591] loop4: detected capacity change from 0 to 8192
[  243.489834][   T28] team0 (unregistering): Port device team_slave_0 removed
[  243.562861][T12595] SELinux: syz.6.3153 (12595) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  243.829452][T12598] loop4: detected capacity change from 0 to 8192
[  243.845728][T12602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3158'.
[  243.854740][T12602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3158'.
[  243.863732][T12602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3158'.
[  243.931166][T12483] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  243.971498][T12483] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  243.988156][T12483] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  244.004661][T12483] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  244.095405][T12483] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.113153][T12483] 8021q: adding VLAN 0 to HW filter on device team0
[  244.124977][ T9573] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.132222][ T9573] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.160484][   T29] kauditd_printk_skb: 289 callbacks suppressed
[  244.160500][   T29] audit: type=1326 audit(1739295809.990:14954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.190514][   T29] audit: type=1326 audit(1739295809.990:14955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.214130][   T29] audit: type=1326 audit(1739295809.990:14956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.237815][   T29] audit: type=1326 audit(1739295809.990:14957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.261439][   T29] audit: type=1326 audit(1739295809.990:14958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.265815][T12608] loop2: detected capacity change from 0 to 8192
[  244.285142][   T29] audit: type=1326 audit(1739295809.990:14959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.285186][   T29] audit: type=1326 audit(1739295809.990:14960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.338753][   T29] audit: type=1326 audit(1739295809.990:14961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.362247][   T29] audit: type=1326 audit(1739295809.990:14962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.386171][   T29] audit: type=1326 audit(1739295809.990:14963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.4.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1ec28acde9 code=0x7ffc0000
[  244.419803][T12483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  244.430318][T12483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  244.442311][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.449460][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.709608][T12483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  244.771461][T12618] loop4: detected capacity change from 0 to 8192
[  244.783029][T12635] loop6: detected capacity change from 0 to 512
[  244.813454][T12635] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  244.877561][T12642] bridge0: entered promiscuous mode
[  244.883198][T12635] EXT4-fs (loop6): orphan cleanup on readonly fs
[  244.891150][T12642] macvlan2: entered promiscuous mode
[  244.896883][T12635] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  244.922255][T12642] IPv6: Can't replace route, no match found
[  244.964246][T12635] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  244.993420][T12635] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3169: bg 0: block 40: padding at end of block bitmap is not set
[  245.022828][T12635] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  245.037798][T12483] veth0_vlan: entered promiscuous mode
[  245.054511][T12483] veth1_vlan: entered promiscuous mode
[  245.062097][T12635] EXT4-fs (loop6): 1 truncate cleaned up
[  245.091934][T12483] veth0_macvtap: entered promiscuous mode
[  245.112081][T12483] veth1_macvtap: entered promiscuous mode
[  245.138491][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.149041][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.159052][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.169628][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.179459][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.189999][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.199850][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.210302][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.220263][T12654] loop4: detected capacity change from 0 to 8192
[  245.220274][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.237113][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.249439][T12483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.257813][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.260691][T12661] loop6: detected capacity change from 0 to 512
[  245.268419][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.268435][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.268501][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.268520][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.268534][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.325490][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.325844][T12661] EXT4-fs: Ignoring removed orlov option
[  245.336042][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.336066][T12483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.336084][T12483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.373547][T12483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.396434][T12483] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.405273][T12483] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.414219][T12483] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.423040][T12483] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.439566][T12661] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  245.459530][T12661] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  245.470899][T12661] EXT4-fs (loop6): orphan cleanup on readonly fs
[  245.478155][T12661] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3176: bg 0: block 248: padding at end of block bitmap is not set
[  245.495211][T12661] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3176: Failed to acquire dquot type 1
[  245.508699][T12661] EXT4-fs (loop6): 1 truncate cleaned up
[  245.660482][T12691] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  245.684634][T12689] loop5: detected capacity change from 0 to 512
[  245.803998][T12689] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  245.813598][T12689] EXT4-fs (loop5): orphan cleanup on readonly fs
[  245.828036][T12689] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  245.856649][T12689] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  245.875903][T12689] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3185: bg 0: block 40: padding at end of block bitmap is not set
[  245.944911][T12689] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  245.983579][T12689] EXT4-fs (loop5): 1 truncate cleaned up
[  246.052930][T12681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.074240][T12681] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.306159][T12700] loop5: detected capacity change from 0 to 8192
[  246.358811][T12703] loop5: detected capacity change from 0 to 1024
[  246.359364][T12704] loop3: detected capacity change from 0 to 512
[  246.371906][T12704] EXT4-fs: Ignoring removed orlov option
[  246.378091][T12704] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  246.387831][T12704] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  246.396037][T12704] EXT4-fs (loop3): orphan cleanup on readonly fs
[  246.403396][T12704] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3190: bg 0: block 248: padding at end of block bitmap is not set
[  246.418437][T12704] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3190: Failed to acquire dquot type 1
[  246.432537][T12704] EXT4-fs (loop3): 1 truncate cleaned up
[  246.471513][T12712] SELinux: syz.5.3189 (12712) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  246.527972][T12716] loop4: detected capacity change from 0 to 8192
[  246.556237][T12723] loop3: detected capacity change from 0 to 128
[  246.754390][T12738] tipc: Started in network mode
[  246.759412][T12738] tipc: Node identity 1, cluster identity 4711
[  246.765666][T12738] tipc: Node number set to 1
[  246.784033][T12738] loop5: detected capacity change from 0 to 512
[  246.799998][T12738] EXT4-fs: Ignoring removed orlov option
[  246.815086][T12738] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  246.844347][T12738] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  246.852757][T12738] EXT4-fs (loop5): orphan cleanup on readonly fs
[  246.860671][T12738] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3201: bg 0: block 248: padding at end of block bitmap is not set
[  246.876812][T12738] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3201: Failed to acquire dquot type 1
[  246.888846][T12738] EXT4-fs (loop5): 1 truncate cleaned up
[  246.978234][T12742] loop4: detected capacity change from 0 to 512
[  247.198681][T12742] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  248.082669][T12765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.095291][T12765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.167425][T12769] loop5: detected capacity change from 0 to 128
[  248.234633][T12769] syz.5.3211: attempt to access beyond end of device
[  248.234633][T12769] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  248.274407][T12769] ==================================================================
[  248.282525][T12769] BUG: KCSAN: data-race in sg_common_write / sg_finish_rem_req
[  248.290096][T12769] 
[  248.292421][T12769] write to 0xffff88811360331d of 1 bytes by task 35 on cpu 1:
[  248.299892][T12769]  sg_finish_rem_req+0x117/0x270
[  248.304858][T12769]  sg_rq_end_io_usercontext+0x36/0x1c0
[  248.310343][T12769]  process_scheduled_works+0x483/0x9a0
[  248.315819][T12769]  worker_thread+0x51d/0x6f0
[  248.320437][T12769]  kthread+0x4ae/0x520
[  248.324533][T12769]  ret_from_fork+0x4b/0x60
[  248.328985][T12769]  ret_from_fork_asm+0x1a/0x30
[  248.333778][T12769] 
[  248.336111][T12769] read to 0xffff88811360331d of 1 bytes by task 12769 on cpu 0:
[  248.343755][T12769]  sg_common_write+0x659/0x8d0
[  248.348546][T12769]  sg_new_write+0x82b/0x8e0
[  248.353062][T12769]  sg_ioctl+0xe22/0x1870
[  248.357330][T12769]  __se_sys_ioctl+0xc9/0x140
[  248.361934][T12769]  __x64_sys_ioctl+0x43/0x50
[  248.366532][T12769]  x64_sys_call+0x1690/0x2dc0
[  248.371233][T12769]  do_syscall_64+0xc9/0x1c0
[  248.375759][T12769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.381676][T12769] 
[  248.384006][T12769] value changed: 0x01 -> 0x00
[  248.388691][T12769] 
[  248.391034][T12769] Reported by Kernel Concurrency Sanitizer on:
[  248.397194][T12769] CPU: 0 UID: 0 PID: 12769 Comm: syz.5.3211 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[  248.407984][T12769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  248.418056][T12769] ==================================================================
[  248.813354][T11199] EXT4-fs unmount: 97 callbacks suppressed
[  248.813448][T11199] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.