last executing test programs:

3.698288361s ago: executing program 1 (id=2446):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
r1 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x8d5f, 0x1046, 0x0, 0x264})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f00000000c0), 0x0)

3.656024295s ago: executing program 1 (id=2447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="796104000000000001007e190000"], 0x14}}, 0x0)

3.622466668s ago: executing program 1 (id=2448):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0)
openat$cgroup_procs(r1, &(0x7f0000001400)='cgroup.procs\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff})
poll(&(0x7f0000000000)=[{r2}, {r2}], 0x2, 0x5e5b)
shutdown(r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702000002ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x5c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x0, 0xab, @empty, 0x1}, 0x1c)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, 0x0, 0x11e)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
perf_event_open(&(0x7f0000001380)={0x2, 0x80, 0x5, 0x1, 0x0, 0x0, 0x0, 0xa, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8000000000000001, 0x8}, 0x4c58, 0x10000, 0x1, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x8000000000000002}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="4000000010000304fcffffff3f00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000180012800e0001007769726567756172640000", @ANYRES32], 0x40}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
unshare(0x22020600)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x2000000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@TCA_RATE={0x6, 0x5, {0x3}}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(0x0, 0x0)
r7 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',msize=0x000000000000'])
r8 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x0)
renameat2(r9, &(0x7f0000000040)='./bus\x00', r9, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001514"], 0x28}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.320865471s ago: executing program 4 (id=2454):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xf}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000900)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5785}}, './file0\x00'})
ptrace(0x10, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x51857000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r5, 0x0, r4, 0x0, 0x9, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f0000000380)={[{@nolazytime}, {@auto_da_alloc}, {@sysvgroups}, {@norecovery}, {@jqfmt_vfsv0}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_settime(r3, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0xc, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)=@rxrpc=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0x6, @local, 0x5}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000580)="e80bd178e75806e48193ed9384a35691aa09001302b80e6491ddbac5029612aa226da5704ccf9cab32def912f8b083a446c6494a820754581ef1c3e0273218a0aa27c8f027b5946a0d9cf89cf67858bc7835711a4116f2a6fdb600cf61a15425057d9e6302c623feb00a7b7b", 0x6c}, {&(0x7f00000006c0)="69e25505e864cc2097bb07eae3cd1d7feb88363b4d3810e88c9f4a2db3cfe755bbd349475e8be4330abaccb38fbed4d7a1ffe3e4f38bdcf11eaa8d2921df7262d59d32aecb0ba39dd229c94e599ba1792daee99add98b0489b30f4d680b8cb42d89e21ade2512018acb73db38fff26c421f9748f8e11993dc4799e5cfe38f23becbf31154dc87aed63407746e182af13f11ab0948cb2d926892645aed861b16906033b42b3d28eb25f7e532c4f619d00bc8585adc5414d315fc56c9ba4617c516e3b6bbfe42124e1e63454520fbbfe3e110b9619a825f29e6f346aa7cdbf62f0f293cfc998cc14c958b533e3751e8db71c08ac9f3f61d7355b4491c0", 0xfc}, {&(0x7f00000007c0)="5263592e732cde1bac5a7d12c2d062729a3d0112fb0c72c2e9dc168c70264ecc17bca19d397665bf4028862f8866161e052c04f20cad250238f1e7c11d1d1a7999b4d69767d1704a035795bf221ab3a92c2a536ccefa3e4465b9736d6bf54cda744b66a2f3212c9668c567e9cf510f7d99bdf05cf9ebb1a4c0749a9f561d470db13ca6ac99d1588d8d9329641ea1b8667e4e2caec7e9537c8aa59f116b1e7db6213048199c056845420e4f4a5aed2c57e0776259fac3c3264818ce87fbdc", 0xbe}], 0x3, &(0x7f0000000600)=[@txtime={{0x18, 0x1, 0x3d, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @timestamping={{0xffffff94, 0x1, 0x25, 0xd977}}], 0x48}, 0x20001084)
r7 = syz_io_uring_setup(0x3b51, &(0x7f00000003c0)={0x0, 0x5883, 0x80, 0x2, 0x1c2}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000680)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000540)={'team0\x00', <r10=>0x0})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r0, @ANYBLOB, @ANYRES32=r10, @ANYRES32, @ANYBLOB="020000000500"/28], 0x50)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r7, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
lsetxattr$system_posix_acl(&(0x7f00000001c0)='.\x00', &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="021186db09000000000000000240000000000000020000000000000002000200000000ae"], 0x24, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.548293801s ago: executing program 1 (id=2459):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
poll(0x0, 0x0, 0x1ff)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x3ff, 0x0, 'queue1\x00'})
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x4, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000990000000d", @ANYRES8=r0], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xd, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
ioctl$EVIOCRMFF(r2, 0x40095505, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES16=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r5, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
r6 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r6, &(0x7f0000000180)="e502", 0x2)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2.31818248s ago: executing program 4 (id=2461):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000003, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
syz_open_dev$usbfs(0x0, 0x74, 0x101301)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000340)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33cb95d66a1781f31bf07fd2ae874", "62266bd8", "d1b29b99d21d88a2"}, 0x28)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x4}]})
msgget$private(0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

2.244198515s ago: executing program 0 (id=2465):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x8000, 0x0)
r1 = dup(r0)
ioctl$GIO_UNISCRNMAP(r1, 0xc0403d11, 0x0)
close(0x3)
io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={0x0, @in6={{0xa, 0x1103, 0x4, @private0, 0x2}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x2}, 0x8)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
fcntl$setlease(r5, 0x400, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r8}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

2.1819976s ago: executing program 3 (id=2466):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = socket(0x40000000015, 0x5, 0x0)
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001440)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000000)
r3 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000780), 0x1, 0x0)
write$selinux_validatetrans(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB='system_u:object_r:syslogd]initrc_exec_t:s0 system_u:object_r:memori_device_t:s0 00000000000000000003 /'], 0x8a)

2.18138722s ago: executing program 3 (id=2467):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000007c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r2, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x4004040)

2.146224533s ago: executing program 3 (id=2468):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
r1 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x8d5f, 0x1046, 0x0, 0x264})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f00000000c0), 0x0)

2.122724644s ago: executing program 0 (id=2469):
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000150000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[], 0x94, 0x1)
socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000300)={'sit0\x00', 0x0})
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$USBDEVFS_DISCARDURB(0xffffffffffffffff, 0x550b, 0x0)
mount(&(0x7f0000000040)=@rnullb, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x84, &(0x7f0000000300)='trAnsa,')
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r6}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)

2.023120952s ago: executing program 3 (id=2470):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x82e, &(0x7f00000004c0)={0x0, 0xb39d, 0x100, 0x1, 0x20005}, &(0x7f0000000000), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f0000000380), 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

2.022369122s ago: executing program 3 (id=2471):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
poll(0x0, 0x0, 0x1ff)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x2, @perf_config_ext={0x4, 0x3}, 0x4c58, 0x4, 0x0, 0x1, 0x8, 0x3, 0xa, 0x0, 0xffffffff, 0x0, 0x5}, 0x0, 0x80000000000b, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x3ff, 0x0, 'queue1\x00'})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x4, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000990000000d", @ANYRES8=r0], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xd, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
ioctl$EVIOCRMFF(r4, 0x40095505, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRESHEX=r3, @ANYRES16=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r7, &(0x7f0000000080), 0x0}, 0x20)
r8 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r8, &(0x7f0000000180)="e502", 0x2)
execveat(r8, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.482791184s ago: executing program 4 (id=2472):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
mq_open(&(0x7f0000000700)='\x00', 0x40, 0x0, &(0x7f0000000740)={0x7, 0xc5, 0x8, 0x8})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000050000000200"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000007c0)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r3, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="17460081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000780)="5825be06000000000000007ca2746314d1787b351f0dda2d", 0x18}], 0x1}}], 0x2, 0x4004040)

1.461495636s ago: executing program 4 (id=2473):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000780)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000740)={&(0x7f0000000600)={0x64, 0x2, 0x9, 0x5, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFCTH_TUPLE={0x40, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @private=0xa010101}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000040}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0009}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
r4 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r4, 0x0, 0x0})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x2, &(0x7f0000000140)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}], &(0x7f0000000240)='syzkaller\x00', 0x3, 0x1000, &(0x7f00000007c0)=""/4096, 0x40f00, 0x20, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f0000000280)={0x9, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0xc, 0x5, 0x3}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r7, r7, r7], &(0x7f0000000340)=[{0x4, 0x4, 0x4, 0xa}, {0x1, 0x5, 0xa, 0xa}, {0x0, 0x1, 0x9, 0x9}], 0x10, 0xe99}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000440)={r8, r7}, 0xc)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000001c0)=0xe)
ioctl$TIOCPKT(r9, 0x5420, &(0x7f0000000100)=0x10000)
ioctl$TIOCSSOFTCAR(r9, 0x541a, &(0x7f0000000000))

1.188834657s ago: executing program 0 (id=2475):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x4}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c000380080001400000"], 0xfc}}, 0x20000004)

1.170954369s ago: executing program 0 (id=2476):
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r0, 0x0, 0x3ffff)
move_mount(r0, 0x0, r2, 0x0, 0x14)
sendfile(r2, r0, 0x0, 0x7ffff000)

1.143435311s ago: executing program 1 (id=2477):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0)

1.124989212s ago: executing program 1 (id=2478):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
poll(0x0, 0x0, 0x1ff)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x2, @perf_config_ext={0x4, 0x3}, 0x4c58, 0x4, 0x0, 0x1, 0x8, 0x3, 0xa, 0x0, 0xffffffff, 0x0, 0x5}, 0x0, 0x80000000000b, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x3ff, 0x0, 'queue1\x00'})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x4, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000990000000d", @ANYRES8=r0], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xd, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
ioctl$EVIOCRMFF(r4, 0x40095505, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRESHEX=r3, @ANYRES16=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r8 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r8, &(0x7f0000000180)="e502", 0x2)
execveat(r8, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.113174263s ago: executing program 4 (id=2480):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x200800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x0)

778.147209ms ago: executing program 0 (id=2483):
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r1, 0x0, 0x3ffff)
move_mount(r1, 0x0, r3, 0x0, 0x14)
sendfile(r3, r1, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7000000000085000000730000009500"/81], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000040)='.\x02\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="636865636b3d7374726963742c756e686964652c63727566742c696f636861727365743d63a08033322c636865636b3d72656c617865642c6e6f6a6f6c6965742c636865636b3d72656c617865642c6e6f6a6f6c6965742c00"], 0x1, 0x55d, &(0x7f0000000b00)="$eJzs3VFv01YbwPHHpYWSV0LoZUKoKnAom1SkEhwXgiKuPOckPeDYke2g9gpVNEUVKUyUSWtvNm7YJm0fgtt9iH0jtI/AZDspzdo0HaUJ6v6/Co5jH/s8x4n86LTxsQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALG8qm2XLPFN0FpWg3nVKGx8fNnde98KudVXHNKuiJX+k+lpuZKvuvLVx82X0//mZDZ/NSvTaTEtO/+7fPHBpcmJ3v6HBDwSW9s7z1c7nfarcQdygq6eG7ytrgMTh6bh1rUycagq5bJ9Z6kWq5rxdbwSJ7qhvEi7SRipee+WKlUqi0oXV8JWUK+6vu6tvH/bse2yelhsajeKw+DOw2LsLRnfN0E9q5NuTuvcTz+Ij0yiEu02lFrf6LQXh3UgrVQ6SiVnWCXHdpxSyXFK5XuVe/dte3LfCvsfZF+N8X9oMV6f8eoNHM9EN/+LL0YCacmyqAN/PKlKJKE0Bmzv6uX/b+7oQ9vdm/97Wf7Kx80zkuX/a/mra4Py/4BYRvezJduyI89lVTrSkba8GntEo/2pi5ZAjMQSipGGuNka1V2jpCJlKYstT2RJahKLkpoY8UVLLCsSSyI6+0R5EokWVxIJJRIl8+LJLVFSkopUZFGUaCnKioTSkkDqUhU3O8q6bGTnfVGUNSjG3Uqlgd0o9D53bXEO6S35H8f3Wa/fwHF86OV/AAAAAABwalnZb9/T8f+UXM2WasbX9rjDAgAAAAAAn1H2l//ZtJhKl66KxfgfAAAAAIDTxsrusbNEpCDX86V1sbLbpfglAAAAAAAAp0T29/9raZHNgXJdrN3pUhj/AwAAAABwSvwydI79uHnO+vMviaIp601z+Wtr003ruZtn8v3O9I400S2T2ox1oXuQrCjnxeSkp2et6bzS7iSY77vF+rA4rIMC+GlvADIkgEuT8pvcyOvcWMvLtd6WvJVCzfi66IX+g5K47oWJRC8n37/Y+EGy7v8aNC5Ysr7RaRefvuysZbG8SY/yZrM7geK+eRQPieV1Nt9Cds/FgT2eym7E6LZbyNu19/Z/ov+8H6XNtzKX15nrznhb6O//dNpmqdjX+3TbbhTTstFpl47Z87dyM69zc/5mXhwQhVMc9B50z4WzN4pPOhf7o7D6ojgvIsOiWBwUhXW0KABgXNaHZCFrf+L/hGvtp2V3+ZfZ/a3M53XmZ7IL6+TMAXnFHnZFt4+Z3f7Y9wykQTk2bff33XbzrPou3eHdwHZj37HSU3jm9eZ3cnlre+f2xubqs/az9gvHWSzbd237niNTWTe6xZ5IP5wj9wAAcsOfsTO0hnU3H1VfFDl4VP3/3a8UFOWpvJSOrMlCdrdB9o2DA49a2PM1hIUho9ZClibzJ7wsHDK2PJvd5dA7rnNo3f4YFkfxVgAAMDJzQ/LwUfL/wpBxd38u7x8dn5VBdUsjPxcAAPxX6Oi9VUh+tqLINJ+UKpWSmyxpFYXeIxWZal0rEyQ68pbcoK5VMwqT0Av9dOGxqepYxa1mM4wSVQsj1Qxjs5w9+V11H/0e64YbJMaLm752Y628MEhcL1FVE59Xzda3vomXdJTtHDe1Z2rGcxMTBioOW5Gni0rFWu+paKo6SEzNpIuBakam4UYr6nHotxpaWWJJZJpJmB+w15YJamHUyA5bHPfJBgDgC7G1vfN8tdNpvzrBhXH3EQAA9CNLAwAAAAAAAAAAAAAAAAAAAADw5RvF/X8sjGPhbPcdHkFbvamgx93lE16wRtrBSREZZ5eHXjp+PNELE4AT93cAAAD//+IERnQ=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)

650.482189ms ago: executing program 4 (id=2484):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@noload}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@jqfmt_vfsold}, {@journal_dev={'journal_dev', 0x3d, 0x800}}, {@nobh}, {@inlinecrypt}, {@grpquota}, {@init_itable}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x7, 0x8000c64)
write$binfmt_elf64(r1, 0x0, 0x478)
r2 = syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x2000)
ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000080))
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r5, &(0x7f0000000180), 0x40010)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f0000000400), &(0x7f00000004c0)=r7}, 0x20)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r3, &(0x7f00000003c0)=""/4096, 0x1000)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

610.312082ms ago: executing program 3 (id=2486):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@noload}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@jqfmt_vfsold}, {@journal_dev={'journal_dev', 0x3d, 0x800}}, {@nobh}, {@inlinecrypt}, {@grpquota}, {@init_itable}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x7, 0x8000c64)
write$binfmt_elf64(r2, 0x0, 0x478)
r3 = syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x2000)
ioctl$BLKALIGNOFF(r3, 0x127a, &(0x7f0000000080))
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x40010)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f0000000400), &(0x7f00000004c0)=r8}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r4, &(0x7f00000003c0)=""/4096, 0x1000)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

447.207625ms ago: executing program 2 (id=2489):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
close(r0)

406.468368ms ago: executing program 0 (id=2490):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000002, 0x4000010, 0xffffffffffffffff, 0xdd3d9000)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="090000d15529db00e27f00000100000012000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="00b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500"/72], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
splice(r3, 0x0, r2, 0x0, 0x6, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r2, 0x4, 0x7c00)
r6 = dup3(r4, r2, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
ioctl$PPPIOCGCHAN(r6, 0x80047437, &(0x7f0000000280))
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
syz_open_pts(r8, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10004, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000003ef0001800e000100636f6e6e6c696d69740000000c000280080001400000e41f08000340000001"], 0xd0}, 0x1, 0x0, 0x0, 0x60000800}, 0x4000024)

344.794603ms ago: executing program 2 (id=2491):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mount$bpf(0x0, &(0x7f0000000100)='.\x00', &(0x7f00000006c0), 0x112140d, &(0x7f0000000880)=ANY=[@ANYBLOB='00000\n\x00\x00\x00\x00\x00\x00\x003,gid'])
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r5, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
timer_settime(r3, 0x0, &(0x7f0000000280), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1e00000000000000400000000700000022040000", @ANYRES32=r1, @ANYBLOB="0e00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000f92ea011dc0000000000020000000e00575787d04ed5e866454e22984700000387c6493cd808411cee99d29bc338000000100000004268e77f19751800db09b6fe"], 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000dc0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x1, 0x4c, &(0x7f0000000300), 0x4)
write$binfmt_elf64(r7, &(0x7f0000000580)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000040000000000000000000bfef9004af9a20eaf3"], 0x78)
recvmmsg(r6, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/8, 0xc}}], 0x4b, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan1\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x26}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)

322.940465ms ago: executing program 2 (id=2492):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x44}}, 0x0)

310.799655ms ago: executing program 2 (id=2493):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
close(r0)

234.472701ms ago: executing program 2 (id=2494):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000040)={'syztnl1\x00', <r1=>0x0, 0x7, 0x8, 0x0, 0x200, {{0xc, 0x4, 0x0, 0x1b, 0x30, 0x65, 0x0, 0x1, 0x2f, 0x0, @multicast2, @remote, {[@rr={0x7, 0x7, 0xe4, [@local]}, @generic={0x94, 0x11, "64b34f1e61e5c30efb3a3a73054027"}, @ra={0x94, 0x4}]}}}}})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r2=>r0, {0x9}}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001}, [@map_val={0x18, 0x2, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @exit]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tgkill(r4, r4, 0x2b)
ptrace(0x4206, r4)
waitid(0x0, 0x0, 0x0, 0xe, 0x0)

0s ago: executing program 2 (id=2495):
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r1, 0x0, 0x3ffff)
move_mount(r1, 0x0, r3, 0x0, 0x14)
sendfile(r3, r1, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)

kernel console output (not intermixed with test programs):

ota options ignored when QUOTA feature is enabled
[  178.131179][ T8997] EXT4-fs (loop2): orphan cleanup on readonly fs
[  178.138362][ T8997] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1923: bg 0: block 248: padding at end of block bitmap is not set
[  178.157188][ T9010] loop3: detected capacity change from 0 to 512
[  178.173587][ T9010] EXT4-fs (loop3): too many log groups per flexible block group
[  178.181493][ T9010] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  178.189510][ T8998] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1922: corrupted inode contents
[  178.201908][ T8997] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1923: Failed to acquire dquot type 1
[  178.215100][ T8998] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.1922: mark_inode_dirty error
[  178.226869][ T9010] EXT4-fs (loop3): mount failed
[  178.227463][ T8997] EXT4-fs (loop2): 1 truncate cleaned up
[  178.239655][ T8998] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1922: corrupted inode contents
[  178.252431][ T8998] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.1922: mark_inode_dirty error
[  178.264078][ T8998] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1922: corrupted inode contents
[  178.279293][ T8998] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  178.288880][ T8998] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1922: corrupted inode contents
[  178.306945][ T8997] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.1923: Abort forced by user
[  178.312794][ T8998] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.1922: mark_inode_dirty error
[  178.328473][ T8998] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  178.339556][ T8998] EXT4-fs (loop0): 1 truncate cleaned up
[  178.345781][ T8998] ext4 filesystem being mounted at /352/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.358878][   T31] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  178.367915][ T8997] EXT4-fs (loop2): Remounting filesystem read-only
[  178.376880][ T8997] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  178.470497][ T9027] loop0: detected capacity change from 0 to 512
[  178.492669][ T9027] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  178.509982][ T9027] EXT4-fs (loop0): orphan cleanup on readonly fs
[  178.525667][ T9027] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1930: corrupted inode contents
[  178.538349][ T9033] loop4: detected capacity change from 0 to 1024
[  178.554980][ T9033] EXT4-fs: Ignoring removed nobh option
[  178.560751][ T9033] EXT4-fs: inline encryption not supported
[  178.570650][ T9037] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9037 comm=syz.1.1936
[  178.570843][ T9027] EXT4-fs (loop0): Remounting filesystem read-only
[  178.590289][ T9027] EXT4-fs (loop0): 1 truncate cleaned up
[  178.596634][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  178.607374][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  178.624203][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  178.634033][ T9033] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1934: Allocating blocks 385-513 which overlap fs metadata
[  178.652636][ T9033] EXT4-fs (loop4): pa ffff8881007d3d90: logic 16, phys. 129, len 24
[  178.660879][ T9033] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  178.734660][ T9042] siw: device registration error -23
[  178.779433][ T9049] loop1: detected capacity change from 0 to 512
[  178.793738][ T9049] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1940: corrupted inode contents
[  178.806741][ T9049] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.1940: mark_inode_dirty error
[  178.818300][ T9049] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1940: corrupted inode contents
[  178.831042][ T9049] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.1940: mark_inode_dirty error
[  178.842951][ T9049] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1940: corrupted inode contents
[  178.855366][ T9049] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  178.864308][ T9049] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1940: corrupted inode contents
[  178.876871][ T9049] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.1940: mark_inode_dirty error
[  178.888224][ T9049] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  178.898820][ T9049] EXT4-fs (loop1): 1 truncate cleaned up
[  178.905343][ T9049] ext4 filesystem being mounted at /393/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.916155][   T31] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  178.992255][ T9058] loop1: detected capacity change from 0 to 512
[  179.001286][ T9058] EXT4-fs: Ignoring removed orlov option
[  179.015425][ T9058] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  179.025260][ T9058] EXT4-fs (loop1): orphan cleanup on readonly fs
[  179.032445][ T9058] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1943: bg 0: block 248: padding at end of block bitmap is not set
[  179.047074][ T9058] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1943: Failed to acquire dquot type 1
[  179.059058][ T9058] EXT4-fs (loop1): 1 truncate cleaned up
[  179.068300][ T9058] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1943: Abort forced by user
[  179.078715][ T9058] EXT4-fs (loop1): Remounting filesystem read-only
[  179.085334][ T9058] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  179.123253][   T29] kauditd_printk_skb: 1043 callbacks suppressed
[  179.123270][   T29] audit: type=1326 audit(1754345682.890:23250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f913a815b27 code=0x7ffc0000
[  179.153389][   T29] audit: type=1326 audit(1754345682.890:23251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f913a7bad69 code=0x7ffc0000
[  179.176904][   T29] audit: type=1326 audit(1754345682.890:23252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f913a81eb69 code=0x7ffc0000
[  179.200446][   T29] audit: type=1326 audit(1754345682.900:23253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f913a815b27 code=0x7ffc0000
[  179.223887][   T29] audit: type=1326 audit(1754345682.900:23254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f913a7bad69 code=0x7ffc0000
[  179.247522][   T29] audit: type=1326 audit(1754345682.900:23255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f913a81eb69 code=0x7ffc0000
[  179.270918][   T29] audit: type=1326 audit(1754345682.910:23256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f913a815b27 code=0x7ffc0000
[  179.294619][   T29] audit: type=1326 audit(1754345682.910:23257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f913a7bad69 code=0x7ffc0000
[  179.318061][   T29] audit: type=1326 audit(1754345682.910:23258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f913a81eb69 code=0x7ffc0000
[  179.341471][   T29] audit: type=1326 audit(1754345682.920:23259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f913a815b27 code=0x7ffc0000
[  179.347541][ T9072] loop1: detected capacity change from 0 to 128
[  179.395725][ T9072] FAT-fs (loop1): Directory bread(block 32) failed
[  179.402386][ T9072] FAT-fs (loop1): Directory bread(block 33) failed
[  179.409632][ T9072] FAT-fs (loop1): Directory bread(block 34) failed
[  179.416969][ T9072] FAT-fs (loop1): Directory bread(block 35) failed
[  179.423692][ T9072] FAT-fs (loop1): Directory bread(block 36) failed
[  179.438624][ T9072] FAT-fs (loop1): Directory bread(block 37) failed
[  179.446479][ T9072] FAT-fs (loop1): Directory bread(block 38) failed
[  179.454486][ T9072] FAT-fs (loop1): Directory bread(block 39) failed
[  179.461246][ T9072] FAT-fs (loop1): Directory bread(block 40) failed
[  179.467864][ T9072] FAT-fs (loop1): Directory bread(block 41) failed
[  179.490224][ T9078] loop4: detected capacity change from 0 to 512
[  179.496763][ T9078] ext4: Unknown parameter 'fsname'
[  179.511643][ T9078] 
: renamed from bond0 (while UP)
[  179.525986][ T9072] validate_nla: 8 callbacks suppressed
[  179.526004][ T9072] netlink: 'syz.1.1947': attribute type 2 has an invalid length.
[  179.526019][ T9072] netlink: 'syz.1.1947': attribute type 1 has an invalid length.
[  179.526033][ T9072] netlink: 'syz.1.1947': attribute type 2 has an invalid length.
[  179.572635][ T9083] loop2: detected capacity change from 0 to 512
[  179.607488][ T9083] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1951: corrupted inode contents
[  179.607672][ T9083] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.1951: mark_inode_dirty error
[  179.607950][ T9083] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1951: corrupted inode contents
[  179.608119][ T9083] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1951: mark_inode_dirty error
[  179.608289][ T9083] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1951: corrupted inode contents
[  179.608416][ T9083] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  179.608559][ T9083] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1951: corrupted inode contents
[  179.608779][ T9083] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.1951: mark_inode_dirty error
[  179.608969][ T9083] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  179.609271][ T9083] EXT4-fs (loop2): 1 truncate cleaned up
[  179.609679][ T9083] ext4 filesystem being mounted at /375/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.621788][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  179.650314][ T9088] loop0: detected capacity change from 0 to 512
[  179.681637][ T9088] EXT4-fs (loop0): too many log groups per flexible block group
[  179.681717][ T9088] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  179.681746][ T9088] EXT4-fs (loop0): mount failed
[  179.775449][ T9095] loop2: detected capacity change from 0 to 512
[  179.776111][ T9095] EXT4-fs: Ignoring removed orlov option
[  179.781039][ T9095] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  179.782446][ T9095] EXT4-fs (loop2): orphan cleanup on readonly fs
[  179.782923][ T9095] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1955: bg 0: block 248: padding at end of block bitmap is not set
[  179.783370][ T9095] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1955: Failed to acquire dquot type 1
[  179.784535][ T9095] EXT4-fs (loop2): 1 truncate cleaned up
[  179.787304][ T9095] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.1955: Abort forced by user
[  179.796153][ T9095] EXT4-fs (loop2): Remounting filesystem read-only
[  179.796173][ T9095] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  179.940679][ T9105] loop2: detected capacity change from 0 to 512
[  180.054598][ T9105] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  180.077651][ T9105] EXT4-fs (loop2): orphan cleanup on readonly fs
[  180.092759][ T9105] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1959: corrupted inode contents
[  180.093516][ T9114] loop1: detected capacity change from 0 to 512
[  180.106702][ T9105] EXT4-fs (loop2): Remounting filesystem read-only
[  180.117808][ T9105] EXT4-fs (loop2): 1 truncate cleaned up
[  180.117947][ T9114] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  180.123967][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  180.142673][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  180.145562][ T9114] ext4 filesystem being mounted at /399/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.159198][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  180.187335][ T9114] FAULT_INJECTION: forcing a failure.
[  180.187335][ T9114] name failslab, interval 1, probability 0, space 0, times 0
[  180.200101][ T9114] CPU: 1 UID: 0 PID: 9114 Comm: syz.1.1962 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  180.200139][ T9114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  180.200271][ T9114] Call Trace:
[  180.200279][ T9114]  <TASK>
[  180.200289][ T9114]  __dump_stack+0x1d/0x30
[  180.200355][ T9114]  dump_stack_lvl+0xe8/0x140
[  180.200434][ T9114]  dump_stack+0x15/0x1b
[  180.200455][ T9114]  should_fail_ex+0x265/0x280
[  180.200498][ T9114]  should_failslab+0x8c/0xb0
[  180.200529][ T9114]  kmem_cache_alloc_noprof+0x50/0x310
[  180.200557][ T9114]  ? getname_flags+0x80/0x3b0
[  180.200648][ T9114]  getname_flags+0x80/0x3b0
[  180.200685][ T9114]  user_path_at+0x28/0x130
[  180.200802][ T9114]  do_fchmodat+0x9c/0x180
[  180.200844][ T9114]  __x64_sys_chmod+0x38/0x50
[  180.200876][ T9114]  x64_sys_call+0x291c/0x2ff0
[  180.201024][ T9114]  do_syscall_64+0xd2/0x200
[  180.201057][ T9114]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  180.201087][ T9114]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  180.201109][ T9114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.201148][ T9114] RIP: 0033:0x7f75dd47eb69
[  180.201208][ T9114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.201231][ T9114] RSP: 002b:00007f75dbae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  180.201254][ T9114] RAX: ffffffffffffffda RBX: 00007f75dd6a5fa0 RCX: 00007f75dd47eb69
[  180.201269][ T9114] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000340
[  180.201285][ T9114] RBP: 00007f75dbae7090 R08: 0000000000000000 R09: 0000000000000000
[  180.201300][ T9114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.201315][ T9114] R13: 0000000000000000 R14: 00007f75dd6a5fa0 R15: 00007fff7604ffc8
[  180.201378][ T9114]  </TASK>
[  180.214288][ T9114] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1962: corrupted xattr block 19: overlapping e_value 
[  180.409872][ T9114] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  180.418884][ T9114] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1962: corrupted xattr block 19: overlapping e_value 
[  180.440571][ T9118] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  180.466218][ T9114] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1962: corrupted xattr block 19: overlapping e_value 
[  180.483499][ T9114] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  180.503145][ T9132] loop4: detected capacity change from 0 to 512
[  180.515510][ T9132] EXT4-fs: Ignoring removed orlov option
[  180.522442][ T9132] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  180.548852][ T9132] EXT4-fs (loop4): orphan cleanup on readonly fs
[  180.556317][ T9137] loop1: detected capacity change from 0 to 128
[  180.559662][ T9132] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1968: bg 0: block 248: padding at end of block bitmap is not set
[  180.578053][ T9132] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1968: Failed to acquire dquot type 1
[  180.591354][ T9137] FAT-fs (loop1): Directory bread(block 32) failed
[  180.594377][ T9132] EXT4-fs (loop4): 1 truncate cleaned up
[  180.598169][ T9137] FAT-fs (loop1): Directory bread(block 33) failed
[  180.610660][ T9137] FAT-fs (loop1): Directory bread(block 34) failed
[  180.617204][ T9137] FAT-fs (loop1): Directory bread(block 35) failed
[  180.624060][ T9137] FAT-fs (loop1): Directory bread(block 36) failed
[  180.630687][ T9137] FAT-fs (loop1): Directory bread(block 37) failed
[  180.637410][ T9137] FAT-fs (loop1): Directory bread(block 38) failed
[  180.645941][ T9137] FAT-fs (loop1): Directory bread(block 39) failed
[  180.652592][ T9132] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1968: Abort forced by user
[  180.652617][ T9137] FAT-fs (loop1): Directory bread(block 40) failed
[  180.667905][ T9132] EXT4-fs (loop4): Remounting filesystem read-only
[  180.670957][ T9137] FAT-fs (loop1): Directory bread(block 41) failed
[  180.675762][ T9132] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  180.698582][ T9140] loop2: detected capacity change from 0 to 1024
[  180.705725][ T9140] EXT4-fs: Ignoring removed nobh option
[  180.711380][ T9140] EXT4-fs: inline encryption not supported
[  180.737439][ T9137] netlink: 'syz.1.1971': attribute type 2 has an invalid length.
[  180.745245][ T9137] netlink: 'syz.1.1971': attribute type 1 has an invalid length.
[  180.753034][ T9137] netlink: 'syz.1.1971': attribute type 2 has an invalid length.
[  180.754119][ T9140] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1972: Allocating blocks 385-513 which overlap fs metadata
[  180.764047][ T9132] syz.4.1968 (9132) used greatest stack depth: 9224 bytes left
[  180.796081][ T9140] EXT4-fs (loop2): pa ffff8881071fdc40: logic 16, phys. 129, len 24
[  180.804190][ T9140] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  180.884857][ T9151] loop1: detected capacity change from 0 to 512
[  180.901914][ T9151] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  180.923933][ T9151] EXT4-fs (loop1): orphan cleanup on readonly fs
[  180.932597][ T9151] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1974: corrupted inode contents
[  180.944721][ T9156] loop4: detected capacity change from 0 to 512
[  180.945716][ T9151] EXT4-fs (loop1): Remounting filesystem read-only
[  180.954287][ T9156] EXT4-fs: Ignoring removed mblk_io_submit option
[  180.961368][ T9151] EXT4-fs (loop1): 1 truncate cleaned up
[  180.970266][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  180.980982][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  180.982783][ T9156] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  180.992023][   T37] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  181.002725][ T9156] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  181.020599][ T9156] EXT4-fs (loop4): orphan cleanup on readonly fs
[  181.027596][ T9156] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1975: Invalid block bitmap block 0 in block_group 0
[  181.041416][ T9156] EXT4-fs (loop4): Remounting filesystem read-only
[  181.054695][ T9156] EXT4-fs (loop4): 1 orphan inode deleted
[  181.111635][ T9161] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1977'.
[  181.222233][ T9173] vlan2: entered allmulticast mode
[  181.388958][ T9184] loop4: detected capacity change from 0 to 512
[  181.404182][ T9184] EXT4-fs (loop4): too many log groups per flexible block group
[  181.411948][ T9184] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  181.418778][ T9184] EXT4-fs (loop4): mount failed
[  181.518434][ T9195] loop4: detected capacity change from 0 to 512
[  181.540334][ T9195] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  181.548564][ T9195] EXT4-fs (loop4): orphan cleanup on readonly fs
[  181.556711][ T9195] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1992: corrupted inode contents
[  181.569052][ T9195] EXT4-fs (loop4): Remounting filesystem read-only
[  181.578295][ T9195] EXT4-fs (loop4): 1 truncate cleaned up
[  181.584320][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  181.594911][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  181.607035][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  181.630635][ T9201] loop2: detected capacity change from 0 to 1024
[  181.647124][ T9201] EXT4-fs: Ignoring removed nobh option
[  181.652850][ T9201] EXT4-fs: inline encryption not supported
[  181.676256][ T9201] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1994: Allocating blocks 385-513 which overlap fs metadata
[  181.693682][ T9201] EXT4-fs (loop2): pa ffff8881071fdbd0: logic 16, phys. 129, len 24
[  181.701784][ T9201] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  182.076064][ T9220] loop3: detected capacity change from 0 to 512
[  182.112287][ T9220] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2003: corrupted inode contents
[  182.126409][ T9226] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2004'.
[  182.126457][ T9220] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.2003: mark_inode_dirty error
[  182.151929][ T9220] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2003: corrupted inode contents
[  182.164215][ T9220] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.2003: mark_inode_dirty error
[  182.176411][ T9220] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2003: corrupted inode contents
[  182.188561][ T9220] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  182.204517][ T9220] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2003: corrupted inode contents
[  182.221900][ T9220] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.2003: mark_inode_dirty error
[  182.237278][ T9220] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  182.252230][ T9232] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2005'.
[  182.259149][ T9220] EXT4-fs (loop3): 1 truncate cleaned up
[  182.272352][ T9220] ext4 filesystem being mounted at /392/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.272393][ T9234] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2008'.
[  182.293868][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  182.322301][ T9236] loop3: detected capacity change from 0 to 1024
[  182.329701][ T9236] EXT4-fs: Ignoring removed nobh option
[  182.335352][ T9236] EXT4-fs: inline encryption not supported
[  182.359195][ T9236] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2009: Allocating blocks 385-513 which overlap fs metadata
[  182.382503][ T9236] EXT4-fs (loop3): pa ffff8881071fdbd0: logic 16, phys. 129, len 24
[  182.390602][ T9236] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  182.528487][ T9256] loop0: detected capacity change from 0 to 512
[  182.545417][ T9256] EXT4-fs (loop0): too many log groups per flexible block group
[  182.553250][ T9256] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  182.575707][ T9256] EXT4-fs (loop0): mount failed
[  183.412262][ T9284] siw: device registration error -23
[  183.461061][ T9291] loop1: detected capacity change from 0 to 512
[  183.468540][ T9290] loop0: detected capacity change from 0 to 512
[  183.475933][ T9291] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  183.492296][ T9291] EXT4-fs (loop1): orphan cleanup on readonly fs
[  183.502212][ T9291] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2029: corrupted inode contents
[  183.506426][ T9290] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  183.514574][ T9291] EXT4-fs (loop1): Remounting filesystem read-only
[  183.524129][ T9290] EXT4-fs (loop0): orphan cleanup on readonly fs
[  183.528979][ T9291] EXT4-fs (loop1): 1 truncate cleaned up
[  183.536829][ T9290] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2030: corrupted inode contents
[  183.542335][   T51] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.552715][ T9290] EXT4-fs (loop0): Remounting filesystem read-only
[  183.563139][   T51] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.569732][ T9290] EXT4-fs (loop0): 1 truncate cleaned up
[  183.581866][   T51] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  183.596351][   T51] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.606909][   T51] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.617487][   T51] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  183.729947][ T9301] loop1: detected capacity change from 0 to 512
[  183.753720][ T9301] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  183.768858][ T9301] EXT4-fs (loop1): orphan cleanup on readonly fs
[  183.786904][ T9301] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2033: corrupted inode contents
[  183.804448][ T9301] EXT4-fs (loop1): Remounting filesystem read-only
[  183.811234][ T9301] EXT4-fs (loop1): 1 truncate cleaned up
[  183.817017][ T1908] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.827593][ T1908] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.835612][ T9311] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2037'.
[  183.840891][ T1908] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  183.897883][ T9313] loop2: detected capacity change from 0 to 512
[  183.921606][ T9313] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  183.941320][ T9313] EXT4-fs (loop2): orphan cleanup on readonly fs
[  183.962687][ T9313] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2038: corrupted inode contents
[  183.974934][ T9313] EXT4-fs (loop2): Remounting filesystem read-only
[  183.982613][ T9313] EXT4-fs (loop2): 1 truncate cleaned up
[  183.988547][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.999153][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.011341][   T51] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  184.053064][ T9327] siw: device registration error -23
[  184.057699][ T9330] loop2: detected capacity change from 0 to 512
[  184.074133][ T9331] loop0: detected capacity change from 0 to 512
[  184.112098][ T9330] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  184.120371][ T9330] EXT4-fs (loop2): orphan cleanup on readonly fs
[  184.130860][ T9330] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2044: corrupted inode contents
[  184.148934][ T9331] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  184.157846][ T9331] EXT4-fs (loop0): orphan cleanup on readonly fs
[  184.164944][ T9330] EXT4-fs (loop2): Remounting filesystem read-only
[  184.169805][   T29] kauditd_printk_skb: 1124 callbacks suppressed
[  184.169824][   T29] audit: type=1326 audit(1754345687.940:24333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  184.171918][ T9330] EXT4-fs (loop2): 1 truncate cleaned up
[  184.177725][   T29] audit: type=1326 audit(1754345687.940:24334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  184.230393][   T29] audit: type=1326 audit(1754345687.940:24335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f75dd47eba3 code=0x7ffc0000
[  184.258519][ T9341] loop1: detected capacity change from 0 to 1024
[  184.265347][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.274922][   T29] audit: type=1326 audit(1754345688.020:24336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f75dd47d61f code=0x7ffc0000
[  184.275915][   T12] Quota error (device loop2): write_blk: dquota write failed
[  184.299206][   T29] audit: type=1326 audit(1754345688.020:24337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f75dd47ebf7 code=0x7ffc0000
[  184.306556][   T12] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  184.329950][   T29] audit: type=1326 audit(1754345688.020:24338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f75dd47d4d0 code=0x7ffc0000
[  184.339974][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.363455][   T29] audit: type=1326 audit(1754345688.020:24339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9340 comm="syz.1.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f75dd47e76b code=0x7ffc0000
[  184.374021][   T12] Quota error (device loop2): write_blk: dquota write failed
[  184.398728][ T9341] EXT4-fs: Ignoring removed nobh option
[  184.410404][ T9341] EXT4-fs: inline encryption not supported
[  184.411892][ T9331] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2045: corrupted inode contents
[  184.435477][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  184.439366][ T9331] EXT4-fs (loop0): Remounting filesystem read-only
[  184.453529][ T9331] EXT4-fs (loop0): 1 truncate cleaned up
[  184.459365][ T4385] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.469982][ T4385] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.480727][ T4385] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  184.529078][ T9341] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2048: Allocating blocks 385-513 which overlap fs metadata
[  184.571273][ T9341] EXT4-fs (loop1): pa ffff8881071fdbd0: logic 16, phys. 129, len 24
[  184.579303][ T9341] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  184.588461][ T9351] loop3: detected capacity change from 0 to 1024
[  184.597420][ T9351] EXT4-fs: Ignoring removed nobh option
[  184.603143][ T9351] EXT4-fs: inline encryption not supported
[  184.635605][ T9351] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2050: Allocating blocks 385-513 which overlap fs metadata
[  184.655766][ T9351] EXT4-fs (loop3): pa ffff8881007d3e70: logic 16, phys. 129, len 24
[  184.663828][ T9351] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  184.684790][ T9358] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2053'.
[  184.751232][ T9362] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2054'.
[  184.760204][ T9362] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2054'.
[  184.858022][ T9373] loop0: detected capacity change from 0 to 512
[  184.872556][ T9373] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  184.881287][ T9373] EXT4-fs (loop0): orphan cleanup on readonly fs
[  184.889379][ T9373] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2059: corrupted inode contents
[  184.901616][ T9373] EXT4-fs (loop0): Remounting filesystem read-only
[  184.908219][ T9373] EXT4-fs (loop0): 1 truncate cleaned up
[  184.914088][   T51] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.924640][   T51] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.935254][   T51] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  185.010411][ T9379] netlink: 'syz.1.2061': attribute type 1 has an invalid length.
[  185.026234][ T9379] 8021q: adding VLAN 0 to HW filter on device bond1
[  185.047236][ T9379] bond1: (slave dummy0): making interface the new active one
[  185.056716][ T9379] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  185.165540][ T9389] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2065'.
[  185.533055][ T9397] lo speed is unknown, defaulting to 1000
[  185.571685][ T9402] loop4: detected capacity change from 0 to 512
[  185.583805][ T9402] EXT4-fs: Ignoring removed orlov option
[  185.590883][ T9402] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  185.601873][ T9402] EXT4-fs (loop4): orphan cleanup on readonly fs
[  185.609127][ T9402] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2070: bg 0: block 248: padding at end of block bitmap is not set
[  185.624459][ T9402] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2070: Failed to acquire dquot type 1
[  185.636240][ T9402] EXT4-fs (loop4): 1 truncate cleaned up
[  185.645469][ T9402] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2070: Abort forced by user
[  185.658819][ T9402] EXT4-fs (loop4): Remounting filesystem read-only
[  185.665434][ T9402] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  185.672150][ T9405] loop2: detected capacity change from 0 to 1024
[  185.686910][ T9405] EXT4-fs: Ignoring removed nobh option
[  185.692572][ T9405] EXT4-fs: inline encryption not supported
[  185.705936][ T9405] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2071: Allocating blocks 385-513 which overlap fs metadata
[  185.724164][ T9405] EXT4-fs (loop2): pa ffff8881007d3d20: logic 16, phys. 129, len 24
[  185.732268][ T9405] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  186.099605][ T9422] loop1: detected capacity change from 0 to 512
[  186.113235][ T9422] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2077: corrupted inode contents
[  186.125802][ T9422] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.2077: mark_inode_dirty error
[  186.137846][ T9422] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2077: corrupted inode contents
[  186.150503][ T9422] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2077: mark_inode_dirty error
[  186.162395][ T9422] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2077: corrupted inode contents
[  186.174525][ T9422] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  186.184029][ T9422] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2077: corrupted inode contents
[  186.196325][ T9422] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.2077: mark_inode_dirty error
[  186.214019][ T9422] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  186.224002][ T9422] EXT4-fs (loop1): 1 truncate cleaned up
[  186.230443][ T9422] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.250097][ T4385] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  186.363264][ T9434] loop3: detected capacity change from 0 to 512
[  186.371618][ T9434] EXT4-fs: Ignoring removed orlov option
[  186.380860][ T9434] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  186.391091][ T9434] EXT4-fs (loop3): orphan cleanup on readonly fs
[  186.401350][ T9434] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2082: bg 0: block 248: padding at end of block bitmap is not set
[  186.416488][ T9437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2081'.
[  186.416827][ T9434] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2082: Failed to acquire dquot type 1
[  186.425453][ T9437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2081'.
[  186.440324][ T9434] EXT4-fs (loop3): 1 truncate cleaned up
[  186.458375][ T9434] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2082: Abort forced by user
[  186.468693][ T9434] EXT4-fs (loop3): Remounting filesystem read-only
[  186.475367][ T9434] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  186.532568][ T9443] loop2: detected capacity change from 0 to 128
[  186.549872][ T9443] FAT-fs (loop2): Directory bread(block 32) failed
[  186.569855][ T9443] FAT-fs (loop2): Directory bread(block 33) failed
[  186.574631][ T9444] loop3: detected capacity change from 0 to 512
[  186.576455][ T9443] FAT-fs (loop2): Directory bread(block 34) failed
[  186.589805][ T9443] FAT-fs (loop2): Directory bread(block 35) failed
[  186.597207][ T9443] FAT-fs (loop2): Directory bread(block 36) failed
[  186.604071][ T9443] FAT-fs (loop2): Directory bread(block 37) failed
[  186.611258][ T9443] FAT-fs (loop2): Directory bread(block 38) failed
[  186.617899][ T9443] FAT-fs (loop2): Directory bread(block 39) failed
[  186.624720][ T9443] FAT-fs (loop2): Directory bread(block 40) failed
[  186.626611][ T9444] EXT4-fs (loop3): too many log groups per flexible block group
[  186.631577][ T9443] FAT-fs (loop2): Directory bread(block 41) failed
[  186.639125][ T9444] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  186.654973][ T9444] EXT4-fs (loop3): mount failed
[  186.693427][ T9443] netlink: 'syz.2.2084': attribute type 2 has an invalid length.
[  186.701282][ T9443] netlink: 'syz.2.2084': attribute type 1 has an invalid length.
[  186.709023][ T9443] netlink: 'syz.2.2084': attribute type 2 has an invalid length.
[  186.983431][ T9466] loop4: detected capacity change from 0 to 512
[  186.990724][ T9466] EXT4-fs: Ignoring removed orlov option
[  187.001838][ T9466] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  187.011333][ T9466] EXT4-fs (loop4): orphan cleanup on readonly fs
[  187.018302][ T9466] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2093: bg 0: block 248: padding at end of block bitmap is not set
[  187.034195][ T9466] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2093: Failed to acquire dquot type 1
[  187.046162][ T9466] EXT4-fs (loop4): 1 truncate cleaned up
[  187.055439][ T9466] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2093: Abort forced by user
[  187.065631][ T9466] EXT4-fs (loop4): Remounting filesystem read-only
[  187.072186][ T9466] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  187.152891][ T9470] loop4: detected capacity change from 0 to 1024
[  187.160258][ T9470] EXT4-fs: Ignoring removed nobh option
[  187.165909][ T9470] EXT4-fs: inline encryption not supported
[  187.185617][ T9470] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2094: Allocating blocks 385-513 which overlap fs metadata
[  187.204862][ T9470] EXT4-fs (loop4): pa ffff8881007d3d20: logic 16, phys. 129, len 24
[  187.212922][ T9470] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  187.318448][ T9476] vlan2: entered allmulticast mode
[  187.627334][ T9493] loop3: detected capacity change from 0 to 512
[  187.643203][ T9493] EXT4-fs (loop3): too many log groups per flexible block group
[  187.650996][ T9493] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  187.658282][ T9493] EXT4-fs (loop3): mount failed
[  187.669450][ T9495] loop0: detected capacity change from 0 to 2048
[  187.886182][ T9503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2105'.
[  187.895243][ T9503] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2105'.
[  188.006400][ T9506] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2106'.
[  188.082995][ T9512] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2109'.
[  188.136364][ T9514] loop1: detected capacity change from 0 to 512
[  188.160922][ T9514] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  188.186116][ T9514] EXT4-fs (loop1): orphan cleanup on readonly fs
[  188.204245][ T9514] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2111: corrupted inode contents
[  188.236730][ T9514] EXT4-fs (loop1): Remounting filesystem read-only
[  188.243884][ T9514] EXT4-fs (loop1): 1 truncate cleaned up
[  188.251167][ T4385] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  188.261752][ T4385] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  188.274199][ T4385] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  188.317176][ T9529] loop1: detected capacity change from 0 to 1024
[  188.324735][ T9529] EXT4-fs: Ignoring removed nobh option
[  188.330420][ T9529] EXT4-fs: inline encryption not supported
[  188.339482][ T9530] loop2: detected capacity change from 0 to 512
[  188.356165][ T9530] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2115: corrupted inode contents
[  188.374822][ T9530] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.2115: mark_inode_dirty error
[  188.386450][ T9530] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2115: corrupted inode contents
[  188.399882][ T9530] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.2115: mark_inode_dirty error
[  188.411514][ T9530] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2115: corrupted inode contents
[  188.413963][ T9529] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2116: Allocating blocks 385-513 which overlap fs metadata
[  188.425306][ T9530] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  188.446306][ T9530] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2115: corrupted inode contents
[  188.451626][ T9529] EXT4-fs (loop1): pa ffff8881071fdbd0: logic 16, phys. 129, len 24
[  188.458891][ T9530] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.2115: mark_inode_dirty error
[  188.466276][ T9529] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  188.479279][ T9530] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  188.503643][ T9530] EXT4-fs (loop2): 1 truncate cleaned up
[  188.510772][ T9530] ext4 filesystem being mounted at /415/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.522495][ T4385] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  188.610664][ T9543] netlink: 176 bytes leftover after parsing attributes in process `syz.3.2120'.
[  188.725430][ T9550] FAULT_INJECTION: forcing a failure.
[  188.725430][ T9550] name failslab, interval 1, probability 0, space 0, times 0
[  188.738116][ T9550] CPU: 0 UID: 0 PID: 9550 Comm: syz.3.2123 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  188.738234][ T9550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  188.738325][ T9550] Call Trace:
[  188.738333][ T9550]  <TASK>
[  188.738342][ T9550]  __dump_stack+0x1d/0x30
[  188.738370][ T9550]  dump_stack_lvl+0xe8/0x140
[  188.738395][ T9550]  dump_stack+0x15/0x1b
[  188.738425][ T9550]  should_fail_ex+0x265/0x280
[  188.738515][ T9550]  should_failslab+0x8c/0xb0
[  188.738538][ T9550]  kmem_cache_alloc_noprof+0x50/0x310
[  188.738563][ T9550]  ? security_file_alloc+0x32/0x100
[  188.738656][ T9550]  security_file_alloc+0x32/0x100
[  188.738683][ T9550]  init_file+0x5c/0x1d0
[  188.738709][ T9550]  alloc_empty_file+0x8b/0x200
[  188.738750][ T9550]  path_openat+0x68/0x2170
[  188.738767][ T9550]  ? _parse_integer_limit+0x170/0x190
[  188.738799][ T9550]  ? kstrtoull+0x111/0x140
[  188.738828][ T9550]  ? kstrtouint+0x76/0xc0
[  188.738918][ T9550]  do_filp_open+0x109/0x230
[  188.739017][ T9550]  do_sys_openat2+0xa6/0x110
[  188.739055][ T9550]  __x64_sys_openat+0xf2/0x120
[  188.739085][ T9550]  x64_sys_call+0x2e9c/0x2ff0
[  188.739104][ T9550]  do_syscall_64+0xd2/0x200
[  188.739200][ T9550]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  188.739226][ T9550]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  188.739249][ T9550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.739292][ T9550] RIP: 0033:0x7f3f5a7feb69
[  188.739310][ T9550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.739326][ T9550] RSP: 002b:00007f3f58e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  188.739343][ T9550] RAX: ffffffffffffffda RBX: 00007f3f5aa25fa0 RCX: 00007f3f5a7feb69
[  188.739354][ T9550] RDX: 0000000000000201 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  188.739365][ T9550] RBP: 00007f3f58e67090 R08: 0000000000000000 R09: 0000000000000000
[  188.739375][ T9550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.739467][ T9550] R13: 0000000000000000 R14: 00007f3f5aa25fa0 R15: 00007ffd6f4ae5a8
[  188.739484][ T9550]  </TASK>
[  189.020732][ T9558] loop3: detected capacity change from 0 to 512
[  189.042766][ T9558] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  189.051483][ T9558] EXT4-fs (loop3): orphan cleanup on readonly fs
[  189.059500][ T9558] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2127: corrupted inode contents
[  189.072246][ T9558] EXT4-fs (loop3): Remounting filesystem read-only
[  189.078935][ T9558] EXT4-fs (loop3): 1 truncate cleaned up
[  189.084737][ T4385] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  189.095279][ T4385] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  189.105923][ T4385] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  189.227407][   T29] kauditd_printk_skb: 1781 callbacks suppressed
[  189.227424][   T29] audit: type=1326 audit(1754345692.990:26086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  189.234718][ T9571] loop3: detected capacity change from 0 to 1024
[  189.260837][   T29] audit: type=1326 audit(1754345692.990:26087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  189.287205][   T29] audit: type=1326 audit(1754345692.990:26088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  189.287746][ T9571] EXT4-fs: Ignoring removed nobh option
[  189.310742][   T29] audit: type=1326 audit(1754345692.990:26089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3f5a7feba3 code=0x7ffc0000
[  189.316351][ T9571] EXT4-fs: inline encryption not supported
[  189.339664][   T29] audit: type=1326 audit(1754345692.990:26090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3f5a7fd61f code=0x7ffc0000
[  189.368818][   T29] audit: type=1326 audit(1754345693.000:26091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3f5a7febf7 code=0x7ffc0000
[  189.392286][   T29] audit: type=1326 audit(1754345693.000:26092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3f5a7fd4d0 code=0x7ffc0000
[  189.415848][   T29] audit: type=1326 audit(1754345693.000:26093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3f5a7fe76b code=0x7ffc0000
[  189.444593][ T9571] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2132: Allocating blocks 385-513 which overlap fs metadata
[  189.446021][   T29] audit: type=1326 audit(1754345693.030:26094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3f5a7fd7ca code=0x7ffc0000
[  189.474999][ T9571] EXT4-fs (loop3): pa ffff8881071fdbd0: logic 16, phys. 129, len 24
[  189.481988][   T29] audit: type=1326 audit(1754345693.030:26095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9570 comm="syz.3.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3f5a7fd7ca code=0x7ffc0000
[  189.513345][ T9571] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  189.526602][ T9581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2134'.
[  189.535616][ T9581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2134'.
[  189.548852][ T9581] wireguard14: entered promiscuous mode
[  189.593066][ T9587] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2136'.
[  189.602840][ T9587] netem: invalid attributes len -17
[  189.608101][ T9587] netem: change failed
[  189.675558][ T9593] loop2: detected capacity change from 0 to 512
[  189.691025][ T9593] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  189.699261][ T9593] EXT4-fs (loop2): orphan cleanup on readonly fs
[  189.707188][ T9593] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2139: corrupted inode contents
[  189.719413][ T9593] EXT4-fs (loop2): Remounting filesystem read-only
[  189.726362][ T9593] EXT4-fs (loop2): 1 truncate cleaned up
[  189.732524][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  189.743137][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  189.753736][   T51] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  189.764353][ T9593] EXT4-fs mount: 99 callbacks suppressed
[  189.764365][ T9593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  189.783055][ T9593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.824999][ T9597] loop2: detected capacity change from 0 to 1024
[  189.832169][ T9597] EXT4-fs: Ignoring removed nobh option
[  189.837931][ T9597] EXT4-fs: inline encryption not supported
[  189.851692][ T9597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.878045][ T9597] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2140: Allocating blocks 385-513 which overlap fs metadata
[  189.901569][ T9597] EXT4-fs (loop2): pa ffff8881007d3d20: logic 16, phys. 129, len 24
[  189.909670][ T9597] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  190.067646][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.134395][ T9608] siw: device registration error -23
[  190.375939][ T9614] Invalid ELF header magic: != ELF
[  190.382752][ T9614] loop4: detected capacity change from 0 to 128
[  190.466181][ T9617] loop4: detected capacity change from 0 to 512
[  190.473738][ T9617] /dev/loop4: Can't open blockdev
[  190.619985][ T9631] loop4: detected capacity change from 0 to 1024
[  190.626678][ T9631] EXT4-fs: Ignoring removed orlov option
[  190.636992][ T9631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.672877][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.880511][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.915556][ T9649] loop0: detected capacity change from 0 to 512
[  190.968263][ T9649] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2161: corrupted inode contents
[  190.998051][ T9661] loop4: detected capacity change from 0 to 512
[  191.009033][ T9649] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.2161: mark_inode_dirty error
[  191.033440][ T9661] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  191.043702][ T9661] EXT4-fs (loop4): orphan cleanup on readonly fs
[  191.054753][ T9649] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2161: corrupted inode contents
[  191.069208][ T9661] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2167: corrupted inode contents
[  191.089835][ T9649] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2161: mark_inode_dirty error
[  191.107654][ T9661] EXT4-fs (loop4): Remounting filesystem read-only
[  191.118496][ T9661] EXT4-fs (loop4): 1 truncate cleaned up
[  191.122049][ T9649] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2161: corrupted inode contents
[  191.137831][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  191.148522][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  191.160313][ T9649] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  191.161635][   T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  191.172567][ T9677] FAULT_INJECTION: forcing a failure.
[  191.172567][ T9677] name failslab, interval 1, probability 0, space 0, times 0
[  191.180557][ T9661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.191611][ T9677] CPU: 1 UID: 0 PID: 9677 Comm: syz.2.2174 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  191.191654][ T9677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.191716][ T9677] Call Trace:
[  191.191726][ T9677]  <TASK>
[  191.191736][ T9677]  __dump_stack+0x1d/0x30
[  191.191767][ T9677]  dump_stack_lvl+0xe8/0x140
[  191.191795][ T9677]  dump_stack+0x15/0x1b
[  191.191821][ T9677]  should_fail_ex+0x265/0x280
[  191.191868][ T9677]  should_failslab+0x8c/0xb0
[  191.191904][ T9677]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  191.191962][ T9677]  ? shmem_alloc_inode+0x34/0x50
[  191.191993][ T9677]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  191.192025][ T9677]  shmem_alloc_inode+0x34/0x50
[  191.192055][ T9677]  alloc_inode+0x40/0x170
[  191.192086][ T9677]  new_inode+0x1d/0xe0
[  191.192151][ T9677]  shmem_get_inode+0x244/0x750
[  191.192183][ T9677]  __shmem_file_setup+0x113/0x210
[  191.192325][ T9677]  shmem_file_setup+0x3b/0x50
[  191.192412][ T9677]  __se_sys_memfd_create+0x2c3/0x590
[  191.192444][ T9677]  __x64_sys_memfd_create+0x31/0x40
[  191.192474][ T9677]  x64_sys_call+0x2abe/0x2ff0
[  191.192562][ T9677]  do_syscall_64+0xd2/0x200
[  191.192595][ T9677]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  191.192631][ T9677]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  191.192662][ T9677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.192747][ T9677] RIP: 0033:0x7f84ceafeb69
[  191.192767][ T9677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.192845][ T9677] RSP: 002b:00007f84cd15ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  191.192872][ T9677] RAX: ffffffffffffffda RBX: 0000000000000373 RCX: 00007f84ceafeb69
[  191.192891][ T9677] RDX: 00007f84cd15eef0 RSI: 0000000000000000 RDI: 00007f84ceb82784
[  191.192909][ T9677] RBP: 0000200000000340 R08: 00007f84cd15ebb7 R09: 00007f84cd15ee40
[  191.192927][ T9677] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  191.192945][ T9677] R13: 00007f84cd15eef0 R14: 00007f84cd15eeb0 R15: 0000200000000000
[  191.192990][ T9677]  </TASK>
[  191.195502][ T9649] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2161: corrupted inode contents
[  191.328519][ T9661] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.377642][ T9649] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.2161: mark_inode_dirty error
[  191.445638][ T9678] FAULT_INJECTION: forcing a failure.
[  191.445638][ T9678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.458794][ T9678] CPU: 0 UID: 0 PID: 9678 Comm: syz.3.2173 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  191.458844][ T9678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.458857][ T9678] Call Trace:
[  191.458862][ T9678]  <TASK>
[  191.458869][ T9678]  __dump_stack+0x1d/0x30
[  191.458889][ T9678]  dump_stack_lvl+0xe8/0x140
[  191.458907][ T9678]  dump_stack+0x15/0x1b
[  191.458923][ T9678]  should_fail_ex+0x265/0x280
[  191.458998][ T9678]  should_fail+0xb/0x20
[  191.459050][ T9678]  should_fail_usercopy+0x1a/0x20
[  191.459112][ T9678]  _copy_from_user+0x1c/0xb0
[  191.459140][ T9678]  ___bpf_copy_key+0xa5/0x110
[  191.459203][ T9678]  map_update_elem+0x165/0x520
[  191.459271][ T9678]  __sys_bpf+0x571/0x7b0
[  191.459302][ T9678]  __x64_sys_bpf+0x41/0x50
[  191.459372][ T9678]  x64_sys_call+0x2aea/0x2ff0
[  191.459398][ T9678]  do_syscall_64+0xd2/0x200
[  191.459422][ T9678]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  191.459445][ T9678]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  191.459511][ T9678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.459537][ T9678] RIP: 0033:0x7f3f5a7feb69
[  191.459555][ T9678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.459576][ T9678] RSP: 002b:00007f3f58e46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  191.459663][ T9678] RAX: ffffffffffffffda RBX: 00007f3f5aa26080 RCX: 00007f3f5a7feb69
[  191.459675][ T9678] RDX: 0000000000000020 RSI: 0000200000000600 RDI: 0000000000000002
[  191.459687][ T9678] RBP: 00007f3f58e46090 R08: 0000000000000000 R09: 0000000000000000
[  191.459794][ T9678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.459810][ T9678] R13: 0000000000000000 R14: 00007f3f5aa26080 R15: 00007ffd6f4ae5a8
[  191.459834][ T9678]  </TASK>
[  191.641561][ T9678] __nla_validate_parse: 6 callbacks suppressed
[  191.641574][ T9678] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2173'.
[  191.644439][ T9649] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  191.650788][ T9678] vlan2: entered promiscuous mode
[  191.657365][ T9649] EXT4-fs (loop0): 1 truncate cleaned up
[  191.665541][ T9678] syz_tun: entered promiscuous mode
[  191.685816][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  191.687723][ T9649] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.710133][ T9649] ext4 filesystem being mounted at /400/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.727105][ T9687] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2178'.
[  191.736423][ T9687] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2178'.
[  191.752221][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.805520][ T9692] netlink: 'syz.0.2179': attribute type 4 has an invalid length.
[  191.813407][ T9692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2179'.
[  191.833174][ T9692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2179'.
[  191.911126][ T9697] loop2: detected capacity change from 0 to 8192
[  192.022988][ T9704] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2183'.
[  192.041757][ T9703] loop3: detected capacity change from 0 to 128
[  192.056121][ T9703] FAT-fs (loop3): Directory bread(block 32) failed
[  192.062808][ T9703] FAT-fs (loop3): Directory bread(block 33) failed
[  192.069476][ T9703] FAT-fs (loop3): Directory bread(block 34) failed
[  192.076167][ T9703] FAT-fs (loop3): Directory bread(block 35) failed
[  192.082888][ T9703] FAT-fs (loop3): Directory bread(block 36) failed
[  192.143030][ T9703] FAT-fs (loop3): Directory bread(block 37) failed
[  192.149682][ T9703] FAT-fs (loop3): Directory bread(block 38) failed
[  192.156681][ T9703] FAT-fs (loop3): Directory bread(block 39) failed
[  192.163371][ T9703] FAT-fs (loop3): Directory bread(block 40) failed
[  192.170245][ T9703] FAT-fs (loop3): Directory bread(block 41) failed
[  192.304635][ T9703] netlink: 'syz.3.2185': attribute type 2 has an invalid length.
[  192.312487][ T9703] netlink: 'syz.3.2185': attribute type 1 has an invalid length.
[  192.320250][ T9703] netlink: 'syz.3.2185': attribute type 2 has an invalid length.
[  192.387837][ T9711] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2187'.
[  192.396859][ T9711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2187'.
[  192.501077][ T9711] wireguard8: entered promiscuous mode
[  192.840268][ T9721] loop3: detected capacity change from 0 to 512
[  192.895695][ T9724] loop2: detected capacity change from 0 to 512
[  192.916285][ T9721] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2189: corrupted inode contents
[  192.973538][ T9724] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  192.992923][ T9721] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.2189: mark_inode_dirty error
[  193.011206][ T9724] EXT4-fs (loop2): orphan cleanup on readonly fs
[  193.029214][ T9724] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2191: corrupted inode contents
[  193.049983][ T9721] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2189: corrupted inode contents
[  193.067620][ T9724] EXT4-fs (loop2): Remounting filesystem read-only
[  193.076707][ T9721] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.2189: mark_inode_dirty error
[  193.093341][ T9724] EXT4-fs (loop2): 1 truncate cleaned up
[  193.101122][ T9732] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2193'.
[  193.110058][ T9732] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2193'.
[  193.130475][ T9721] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2189: corrupted inode contents
[  193.145248][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  193.155868][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  193.181491][ T9732] wireguard15: entered promiscuous mode
[  193.198239][ T9721] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  193.215343][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  193.228316][ T9721] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2189: corrupted inode contents
[  193.245322][ T9735] loop1: detected capacity change from 0 to 512
[  193.252636][ T9724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.271562][ T9721] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.2189: mark_inode_dirty error
[  193.290171][ T9735] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  193.310114][ T9735] EXT4-fs (loop1): orphan cleanup on readonly fs
[  193.319732][ T9721] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  193.338503][ T9735] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2194: corrupted inode contents
[  193.355425][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.365320][ T9721] EXT4-fs (loop3): 1 truncate cleaned up
[  193.372865][ T9721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.385614][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[  193.398682][ T9735] EXT4-fs (loop1): Remounting filesystem read-only
[  193.406098][ T9735] EXT4-fs (loop1): 1 truncate cleaned up
[  193.413565][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  193.424194][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  193.436441][ T9721] ext4 filesystem being mounted at /426/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.457106][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  193.477485][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.488425][ T9735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.503162][ T9735] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.728658][ T9756] 8021q: adding VLAN 0 to HW filter on device bond3
[  193.736853][ T9756] bond2: (slave bond3): Enslaving as an active interface with an up link
[  193.757849][ T9756] bond2 (unregistering): (slave bond3): Releasing backup interface
[  193.801252][ T9756] bond2 (unregistering): Released all slaves
[  193.866804][ T9761] 9pnet_virtio: no channels available for device /dev/rnullb0
[  193.923546][ T9759] lo speed is unknown, defaulting to 1000
[  193.929370][ T9759] lo speed is unknown, defaulting to 1000
[  193.935528][ T9759] lo speed is unknown, defaulting to 1000
[  193.943023][ T9759] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  194.034515][ T9759] lo speed is unknown, defaulting to 1000
[  194.041058][ T9759] lo speed is unknown, defaulting to 1000
[  194.047790][ T9759] lo speed is unknown, defaulting to 1000
[  194.054150][ T9759] lo speed is unknown, defaulting to 1000
[  194.060800][ T9759] lo speed is unknown, defaulting to 1000
[  194.403877][ T9784] loop4: detected capacity change from 0 to 512
[  194.516358][ T9784] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2207: corrupted inode contents
[  194.549995][ T9790] loop0: detected capacity change from 0 to 1024
[  194.590261][ T9790] EXT4-fs: Ignoring removed orlov option
[  194.602751][ T9784] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.2207: mark_inode_dirty error
[  194.627959][ T9790] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.666891][ T9784] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2207: corrupted inode contents
[  194.762318][ T9784] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2207: mark_inode_dirty error
[  194.810188][ T9784] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2207: corrupted inode contents
[  194.840268][ T9784] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  194.861330][ T9784] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2207: corrupted inode contents
[  194.893618][ T9784] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.2207: mark_inode_dirty error
[  194.924528][ T9784] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  194.941641][ T9784] EXT4-fs (loop4): 1 truncate cleaned up
[  194.961140][ T4385] __quota_error: 602 callbacks suppressed
[  194.961158][ T4385] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  194.968241][ T9784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.976764][ T4385] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  195.026915][ T9784] ext4 filesystem being mounted at /492/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.059107][   T29] audit: type=1326 audit(1754345698.820:26672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  195.087861][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.097025][   T29] audit: type=1326 audit(1754345698.820:26673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f75dd47d4d0 code=0x7ffc0000
[  195.120616][   T29] audit: type=1326 audit(1754345698.820:26674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  195.144239][   T29] audit: type=1326 audit(1754345698.820:26675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f75dd47d7ca code=0x7ffc0000
[  195.167632][   T29] audit: type=1326 audit(1754345698.850:26676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f75dd4b1425 code=0x7ffc0000
[  195.216340][ T9798] loop4: detected capacity change from 0 to 512
[  195.243617][ T9798] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  195.252006][ T9798] EXT4-fs (loop4): orphan cleanup on readonly fs
[  195.267002][ T9798] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2213: corrupted inode contents
[  195.303939][   T29] audit: type=1326 audit(1754345699.050:26677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  195.327605][   T29] audit: type=1326 audit(1754345699.050:26678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f75dd47d4d0 code=0x7ffc0000
[  195.351160][   T29] audit: type=1326 audit(1754345699.050:26679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f75dd47e76b code=0x7ffc0000
[  195.374640][   T29] audit: type=1326 audit(1754345699.050:26680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9783 comm="syz.1.2210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  195.444175][ T9798] EXT4-fs (loop4): Remounting filesystem read-only
[  195.445313][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.459944][ T9798] EXT4-fs (loop4): 1 truncate cleaned up
[  195.467175][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  195.478145][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  195.513194][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  195.529314][ T9798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.572097][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.838389][ T9814] siw: device registration error -23
[  195.929955][ T9819] loop0: detected capacity change from 0 to 512
[  195.952665][ T9819] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  195.970494][ T9819] EXT4-fs (loop0): orphan cleanup on readonly fs
[  195.989169][ T9819] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2220: corrupted inode contents
[  196.021231][ T9819] EXT4-fs (loop0): Remounting filesystem read-only
[  196.058333][ T9819] EXT4-fs (loop0): 1 truncate cleaned up
[  196.069398][ T4385] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  196.080075][ T4385] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  196.106625][ T4385] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  196.117890][ T9819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  196.146091][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.160604][ T9828] loop1: detected capacity change from 0 to 1024
[  196.167357][ T9828] EXT4-fs: Ignoring removed orlov option
[  196.182998][ T9829] loop3: detected capacity change from 0 to 512
[  196.201638][ T9828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.240224][ T9829] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2223: corrupted inode contents
[  196.267641][ T9837] random: crng reseeded on system resumption
[  196.284569][ T9829] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.2223: mark_inode_dirty error
[  196.300042][ T9829] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2223: corrupted inode contents
[  196.313763][ T9829] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.2223: mark_inode_dirty error
[  196.325852][ T9829] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2223: corrupted inode contents
[  196.338069][ T9829] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  196.347964][ T9829] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2223: corrupted inode contents
[  196.361983][ T9829] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.2223: mark_inode_dirty error
[  196.362032][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.373975][ T9829] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  196.400964][ T9829] EXT4-fs (loop3): 1 truncate cleaned up
[  196.407327][ T9829] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.420490][ T4385] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  196.433176][ T9829] ext4 filesystem being mounted at /428/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.523651][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.557006][ T9858] loop0: detected capacity change from 0 to 512
[  196.592201][ T9858] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  196.603065][ T9858] EXT4-fs (loop0): orphan cleanup on readonly fs
[  196.612027][ T9858] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2236: corrupted inode contents
[  196.627165][ T9865] vlan2: entered allmulticast mode
[  196.639069][ T9858] EXT4-fs (loop0): Remounting filesystem read-only
[  196.657567][ T9858] EXT4-fs (loop0): 1 truncate cleaned up
[  196.665124][   T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  196.673561][ T9867] loop3: detected capacity change from 0 to 1024
[  196.675832][   T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  196.695083][ T9867] EXT4-fs: Ignoring removed orlov option
[  196.701133][   T37] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  196.711925][ T9858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  196.713209][ T9867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.751512][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.793009][ T9871] loop0: detected capacity change from 0 to 1024
[  196.802812][ T9871] EXT4-fs: Ignoring removed orlov option
[  196.817722][ T9871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.909022][ T9878] loop4: detected capacity change from 0 to 1024
[  196.916143][ T9878] EXT4-fs: Ignoring removed orlov option
[  196.926128][ T9878] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.992496][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.084930][ T9884] __nla_validate_parse: 8 callbacks suppressed
[  197.084950][ T9884] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2243'.
[  197.170739][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.260523][ T9894] loop0: detected capacity change from 0 to 512
[  197.275128][ T9894] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2245: corrupted inode contents
[  197.297330][ T9894] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.2245: mark_inode_dirty error
[  197.310204][ T9894] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2245: corrupted inode contents
[  197.323497][ T9894] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2245: mark_inode_dirty error
[  197.336145][ T9894] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2245: corrupted inode contents
[  197.350999][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.351523][ T9894] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  197.368876][ T9894] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2245: corrupted inode contents
[  197.383615][ T9899] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2248'.
[  197.404920][ T9894] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.2245: mark_inode_dirty error
[  197.425829][ T9894] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  197.443556][ T9894] EXT4-fs (loop0): 1 truncate cleaned up
[  197.449626][ T9894] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.462693][ T9894] ext4 filesystem being mounted at /418/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.473562][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[  197.532492][ T9909] loop4: detected capacity change from 0 to 512
[  197.533365][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.553995][ T9909] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  197.571603][ T9914] siw: device registration error -23
[  197.578207][ T9913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2253'.
[  197.584828][ T9909] EXT4-fs (loop4): orphan cleanup on readonly fs
[  197.599722][ T9909] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2254: corrupted inode contents
[  197.620178][ T9909] EXT4-fs (loop4): Remounting filesystem read-only
[  197.637377][ T9909] EXT4-fs (loop4): 1 truncate cleaned up
[  197.644294][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  197.654962][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  197.660545][ T9918] loop0: detected capacity change from 0 to 1024
[  197.673363][ T9918] EXT4-fs: Ignoring removed orlov option
[  197.688902][   T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  197.692714][ T9920] loop1: detected capacity change from 0 to 1024
[  197.700329][ T9909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  197.718571][ T9920] EXT4-fs: Ignoring removed nobh option
[  197.724225][ T9920] EXT4-fs: inline encryption not supported
[  197.730770][ T9909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.741964][ T9918] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.775618][ T9920] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.795174][ T9920] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2257: Allocating blocks 385-513 which overlap fs metadata
[  197.814501][ T9920] EXT4-fs (loop1): pa ffff8881007d3ee0: logic 16, phys. 129, len 24
[  197.822575][ T9920] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  197.852427][ T9926] loop4: detected capacity change from 0 to 1024
[  197.861455][ T9926] EXT4-fs: Ignoring removed nobh option
[  197.867061][ T9926] EXT4-fs: inline encryption not supported
[  197.897703][ T9930] loop2: detected capacity change from 0 to 128
[  197.904838][ T9926] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.922717][ T9930] FAT-fs (loop2): Directory bread(block 32) failed
[  197.929804][ T9930] FAT-fs (loop2): Directory bread(block 33) failed
[  197.944517][ T9930] FAT-fs (loop2): Directory bread(block 34) failed
[  197.953726][ T9926] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2258: Allocating blocks 385-513 which overlap fs metadata
[  197.968339][ T9930] FAT-fs (loop2): Directory bread(block 35) failed
[  197.975984][ T9930] FAT-fs (loop2): Directory bread(block 36) failed
[  197.982900][ T9930] FAT-fs (loop2): Directory bread(block 37) failed
[  197.991719][ T9930] FAT-fs (loop2): Directory bread(block 38) failed
[  197.999115][ T9930] FAT-fs (loop2): Directory bread(block 39) failed
[  198.007314][ T9926] EXT4-fs (loop4): pa ffff8881071fdb60: logic 16, phys. 129, len 24
[  198.013581][ T9930] FAT-fs (loop2): Directory bread(block 40) failed
[  198.015401][ T9926] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  198.023644][ T9930] FAT-fs (loop2): Directory bread(block 41) failed
[  198.039265][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.090129][ T9930] netlink: 'syz.2.2259': attribute type 2 has an invalid length.
[  198.097930][ T9930] netlink: 'syz.2.2259': attribute type 1 has an invalid length.
[  198.105825][ T9930] netlink: 'syz.2.2259': attribute type 2 has an invalid length.
[  198.115422][ T9938] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2262'.
[  198.126424][ T9935] Invalid ELF header magic: != ELF
[  198.261167][ T9949] loop0: detected capacity change from 0 to 512
[  198.270372][ T9949] /dev/loop0: Can't open blockdev
[  198.333753][ T9953] loop0: detected capacity change from 0 to 512
[  198.352895][ T9953] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  198.361032][ T9953] EXT4-fs (loop0): orphan cleanup on readonly fs
[  198.368462][ T9956] loop2: detected capacity change from 0 to 1024
[  198.368682][ T9953] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2268: corrupted inode contents
[  198.377450][ T9956] EXT4-fs: Ignoring removed orlov option
[  198.389504][ T9953] EXT4-fs (loop0): Remounting filesystem read-only
[  198.399241][ T9953] EXT4-fs (loop0): 1 truncate cleaned up
[  198.406837][   T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  198.414760][ T9956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.417489][   T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  198.440601][   T37] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  198.451332][ T9953] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  198.464245][ T9953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.510706][ T9962] loop0: detected capacity change from 0 to 128
[  198.542832][ T9962] FAT-fs (loop0): Directory bread(block 32) failed
[  198.549731][ T9962] FAT-fs (loop0): Directory bread(block 33) failed
[  198.556711][ T9962] FAT-fs (loop0): Directory bread(block 34) failed
[  198.564900][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.582901][ T9962] FAT-fs (loop0): Directory bread(block 35) failed
[  198.591328][ T9962] FAT-fs (loop0): Directory bread(block 36) failed
[  198.598339][ T9962] FAT-fs (loop0): Directory bread(block 37) failed
[  198.605584][ T9962] FAT-fs (loop0): Directory bread(block 38) failed
[  198.614318][ T9962] FAT-fs (loop0): Directory bread(block 39) failed
[  198.621781][ T9962] FAT-fs (loop0): Directory bread(block 40) failed
[  198.628667][ T9962] FAT-fs (loop0): Directory bread(block 41) failed
[  198.657885][ T9965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2272'.
[  198.666860][ T9965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2272'.
[  198.689927][ T9965] wireguard9: entered promiscuous mode
[  198.698184][ T9962] netlink: 'syz.0.2271': attribute type 2 has an invalid length.
[  198.706062][ T9962] netlink: 'syz.0.2271': attribute type 1 has an invalid length.
[  198.713904][ T9962] netlink: 'syz.0.2271': attribute type 2 has an invalid length.
[  198.722956][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.723916][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.806629][ T9972] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2275'.
[  198.814582][ T9970] Invalid ELF header magic: != ELF
[  198.830904][ T9975] loop4: detected capacity change from 0 to 128
[  198.846592][ T9975] FAT-fs (loop4): Directory bread(block 32) failed
[  198.862144][ T9975] FAT-fs (loop4): Directory bread(block 33) failed
[  198.868778][ T9975] FAT-fs (loop4): Directory bread(block 34) failed
[  198.875653][ T9975] FAT-fs (loop4): Directory bread(block 35) failed
[  198.882672][ T9975] FAT-fs (loop4): Directory bread(block 36) failed
[  198.903462][ T9975] FAT-fs (loop4): Directory bread(block 37) failed
[  198.911383][ T9975] FAT-fs (loop4): Directory bread(block 38) failed
[  198.918199][ T9975] FAT-fs (loop4): Directory bread(block 39) failed
[  198.925132][ T9975] FAT-fs (loop4): Directory bread(block 40) failed
[  198.931774][ T9975] FAT-fs (loop4): Directory bread(block 41) failed
[  199.030996][ T9985] loop0: detected capacity change from 0 to 512
[  199.039931][ T9975] netlink: 'syz.4.2276': attribute type 2 has an invalid length.
[  199.047692][ T9975] netlink: 'syz.4.2276': attribute type 1 has an invalid length.
[  199.055535][ T9975] netlink: 'syz.4.2276': attribute type 2 has an invalid length.
[  199.084889][ T9985] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2279: corrupted inode contents
[  199.098232][ T9985] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.2279: mark_inode_dirty error
[  199.118618][ T9985] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2279: corrupted inode contents
[  199.132093][ T9985] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2279: mark_inode_dirty error
[  199.193172][ T9985] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2279: corrupted inode contents
[  199.218196][ T9992] loop3: detected capacity change from 0 to 1024
[  199.273478][ T9992] EXT4-fs: Ignoring removed orlov option
[  199.299931][ T9985] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  199.324689][ T9992] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.339079][ T9995] loop4: detected capacity change from 0 to 512
[  199.347338][ T9985] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2279: corrupted inode contents
[  199.403135][ T9995] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  199.492717][ T9985] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.2279: mark_inode_dirty error
[  199.506884][ T9995] EXT4-fs (loop4): orphan cleanup on readonly fs
[  199.527976][ T9995] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2283: corrupted inode contents
[  199.539923][ T9985] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  199.549299][ T9995] EXT4-fs (loop4): Remounting filesystem read-only
[  199.556027][ T9995] EXT4-fs (loop4): 1 truncate cleaned up
[  199.561972][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  199.561960][ T9985] EXT4-fs (loop0): 1 truncate cleaned up
[  199.562393][ T9985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.572644][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  199.578436][ T9985] ext4 filesystem being mounted at /428/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.598164][T10001] loop1: detected capacity change from 0 to 1024
[  199.609844][   T51] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  199.615555][T10001] EXT4-fs: Ignoring removed nobh option
[  199.633893][T10001] EXT4-fs: inline encryption not supported
[  199.640503][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  199.662190][ T9995] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  199.671765][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.675313][ T9995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.698379][T10001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.735459][T10001] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2284: Allocating blocks 385-513 which overlap fs metadata
[  199.773136][T10001] EXT4-fs (loop1): pa ffff8881007d3ee0: logic 16, phys. 129, len 24
[  199.781240][T10001] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  199.964629][T10013] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2287'.
[  199.974210][   T29] kauditd_printk_skb: 805 callbacks suppressed
[  199.974228][   T29] audit: type=1326 audit(1754345703.740:27447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f75dd475b27 code=0x7ffc0000
[  200.165296][   T29] audit: type=1326 audit(1754345703.770:27448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75dd41ad69 code=0x7ffc0000
[  200.188874][   T29] audit: type=1326 audit(1754345703.770:27449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f75dd475b27 code=0x7ffc0000
[  200.212379][   T29] audit: type=1326 audit(1754345703.770:27450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75dd41ad69 code=0x7ffc0000
[  200.236025][   T29] audit: type=1326 audit(1754345703.770:27451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  200.259458][   T29] audit: type=1326 audit(1754345703.780:27452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f75dd475b27 code=0x7ffc0000
[  200.283023][   T29] audit: type=1326 audit(1754345703.780:27453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75dd41ad69 code=0x7ffc0000
[  200.306534][   T29] audit: type=1326 audit(1754345703.780:27454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f75dd47eb69 code=0x7ffc0000
[  200.330015][   T29] audit: type=1326 audit(1754345703.790:27455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f75dd475b27 code=0x7ffc0000
[  200.353593][   T29] audit: type=1326 audit(1754345703.790:27456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10000 comm="syz.1.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75dd41ad69 code=0x7ffc0000
[  200.390757][T10016] loop4: detected capacity change from 0 to 512
[  200.656233][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.681367][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.701164][T10016] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  200.731219][T10016] EXT4-fs (loop4): orphan cleanup on readonly fs
[  200.792367][T10016] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2288: corrupted inode contents
[  200.811232][T10016] EXT4-fs (loop4): Remounting filesystem read-only
[  200.838271][T10016] EXT4-fs (loop4): 1 truncate cleaned up
[  200.862408][T10030] loop2: detected capacity change from 0 to 1024
[  200.886540][T10030] EXT4-fs: Ignoring removed nobh option
[  200.892174][T10030] EXT4-fs: inline encryption not supported
[  200.938154][T10030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.975006][T10030] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2294: Allocating blocks 385-513 which overlap fs metadata
[  201.008375][T10030] EXT4-fs (loop2): pa ffff8881071fdb60: logic 16, phys. 129, len 24
[  201.016472][T10030] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  201.235350][T10032] Set syz1 is full, maxelem 65536 reached
[  201.356029][ T4385] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  201.366696][ T4385] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  201.383061][ T4385] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  201.394700][T10016] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  201.419252][T10043] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2297'.
[  201.467228][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.540313][T10053] loop0: detected capacity change from 0 to 512
[  201.563069][T10053] EXT4-fs (loop0): too many log groups per flexible block group
[  201.570883][T10053] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  201.587632][T10055] loop1: detected capacity change from 0 to 1024
[  201.600525][T10053] EXT4-fs (loop0): mount failed
[  201.605454][T10055] EXT4-fs: Ignoring removed nobh option
[  201.611176][T10055] EXT4-fs: inline encryption not supported
[  201.624881][T10055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.644171][T10055] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2302: Allocating blocks 385-513 which overlap fs metadata
[  201.663397][T10055] EXT4-fs (loop1): pa ffff8881071fdc40: logic 16, phys. 129, len 24
[  201.671516][T10055] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  201.696490][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.788715][T10065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2304'.
[  201.800208][T10065] vlan3: entered promiscuous mode
[  201.805367][T10065] syz_tun: entered promiscuous mode
[  201.894047][T10072] loop2: detected capacity change from 0 to 128
[  201.991152][T10082] loop2: detected capacity change from 0 to 512
[  202.002166][T10082] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  202.010566][T10082] EXT4-fs (loop2): orphan cleanup on readonly fs
[  202.018638][T10082] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2310: corrupted inode contents
[  202.032120][T10082] EXT4-fs (loop2): Remounting filesystem read-only
[  202.038827][T10082] EXT4-fs (loop2): 1 truncate cleaned up
[  202.044785][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  202.055401][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  202.066022][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  202.421239][T10099] loop1: detected capacity change from 0 to 1024
[  202.436603][T10099] EXT4-fs: Ignoring removed orlov option
[  202.488897][T10101] loop0: detected capacity change from 0 to 128
[  202.583533][T10109] netlink: 176 bytes leftover after parsing attributes in process `syz.3.2320'.
[  202.674785][T10113] loop3: detected capacity change from 0 to 512
[  202.703684][T10113] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  202.739003][T10113] EXT4-fs (loop3): orphan cleanup on readonly fs
[  202.768261][T10127] loop1: detected capacity change from 0 to 1024
[  202.775450][T10113] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2322: corrupted inode contents
[  202.785043][T10127] EXT4-fs: Ignoring removed nobh option
[  202.793184][T10127] EXT4-fs: inline encryption not supported
[  202.801373][T10113] EXT4-fs (loop3): Remounting filesystem read-only
[  202.819134][T10113] EXT4-fs (loop3): 1 truncate cleaned up
[  202.828051][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  202.838698][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  202.853699][T10131] loop4: detected capacity change from 0 to 1024
[  202.864996][T10131] EXT4-fs: Ignoring removed nobh option
[  202.870647][T10131] EXT4-fs: inline encryption not supported
[  202.882256][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  202.886985][T10127] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2328: Allocating blocks 385-513 which overlap fs metadata
[  202.912197][T10127] EXT4-fs (loop1): pa ffff8881007d3ee0: logic 16, phys. 129, len 24
[  202.920293][T10127] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  202.924993][T10131] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2330: Allocating blocks 385-513 which overlap fs metadata
[  202.946088][T10138] loop0: detected capacity change from 0 to 128
[  202.949777][T10131] EXT4-fs (loop4): pa ffff8881007d3e00: logic 16, phys. 129, len 24
[  202.960415][T10131] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  203.018314][T10149] loop0: detected capacity change from 0 to 256
[  203.055765][T10149] FAT-fs (loop0): Directory bread(block 64) failed
[  203.063942][T10149] FAT-fs (loop0): Directory bread(block 65) failed
[  203.072278][T10155] siw: device registration error -23
[  203.077749][T10149] FAT-fs (loop0): Directory bread(block 66) failed
[  203.085261][T10149] FAT-fs (loop0): Directory bread(block 67) failed
[  203.095873][T10149] FAT-fs (loop0): Directory bread(block 68) failed
[  203.103935][T10149] FAT-fs (loop0): Directory bread(block 69) failed
[  203.118839][T10149] FAT-fs (loop0): Directory bread(block 70) failed
[  203.125575][T10149] FAT-fs (loop0): Directory bread(block 71) failed
[  203.132210][T10149] FAT-fs (loop0): Directory bread(block 72) failed
[  203.139021][T10149] FAT-fs (loop0): Directory bread(block 73) failed
[  203.435307][T10180] loop2: detected capacity change from 0 to 512
[  203.456623][T10180] EXT4-fs (loop2): too many log groups per flexible block group
[  203.464527][T10180] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  203.471923][T10180] EXT4-fs (loop2): mount failed
[  203.578521][T10189] loop0: detected capacity change from 0 to 128
[  203.589423][T10189] FAT-fs (loop0): Directory bread(block 32) failed
[  203.601510][T10189] FAT-fs (loop0): Directory bread(block 33) failed
[  203.613600][T10189] FAT-fs (loop0): Directory bread(block 34) failed
[  203.620434][T10189] FAT-fs (loop0): Directory bread(block 35) failed
[  203.627127][T10189] FAT-fs (loop0): Directory bread(block 36) failed
[  203.634064][T10189] FAT-fs (loop0): Directory bread(block 37) failed
[  203.640753][T10189] FAT-fs (loop0): Directory bread(block 38) failed
[  203.654767][T10189] FAT-fs (loop0): Directory bread(block 39) failed
[  203.666913][T10189] FAT-fs (loop0): Directory bread(block 40) failed
[  203.674003][T10189] FAT-fs (loop0): Directory bread(block 41) failed
[  203.802294][T10189] netlink: 'syz.0.2350': attribute type 2 has an invalid length.
[  203.810145][T10189] netlink: 'syz.0.2350': attribute type 1 has an invalid length.
[  203.817910][T10189] netlink: 'syz.0.2350': attribute type 2 has an invalid length.
[  203.885628][T10207] loop4: detected capacity change from 0 to 1024
[  203.892754][T10207] EXT4-fs: Ignoring removed orlov option
[  203.925526][T10214] loop1: detected capacity change from 0 to 1024
[  203.932720][T10214] EXT4-fs: Ignoring removed orlov option
[  203.939588][T10213] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2358'.
[  204.257900][T10231] loop2: detected capacity change from 0 to 512
[  204.276777][T10231] EXT4-fs: Ignoring removed orlov option
[  204.295670][T10231] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  204.324488][T10231] EXT4-fs (loop2): orphan cleanup on readonly fs
[  204.336878][T10231] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2367: bg 0: block 248: padding at end of block bitmap is not set
[  204.357820][T10231] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2367: Failed to acquire dquot type 1
[  204.370572][T10231] EXT4-fs (loop2): 1 truncate cleaned up
[  204.389304][T10231] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.2367: Abort forced by user
[  204.393539][T10241] loop1: detected capacity change from 0 to 1024
[  204.400344][T10231] EXT4-fs (loop2): Remounting filesystem read-only
[  204.408358][T10241] EXT4-fs: Ignoring removed orlov option
[  204.412407][T10231] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  204.641014][T10264] loop4: detected capacity change from 0 to 1024
[  204.700210][T10264] EXT4-fs: Ignoring removed orlov option
[  204.939520][T10273] Invalid ELF header magic: != ELF
[  204.946001][T10273] loop1: detected capacity change from 0 to 128
[  205.018381][T10275] siw: device registration error -23
[  205.048042][   T29] kauditd_printk_skb: 1144 callbacks suppressed
[  205.048060][   T29] audit: type=1326 audit(1754345708.810:28581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.052449][   T29] audit: type=1326 audit(1754345708.820:28582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.053151][   T29] audit: type=1326 audit(1754345708.820:28583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f84ceafd4d0 code=0x7ffc0000
[  205.053270][   T29] audit: type=1326 audit(1754345708.820:28584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f84ceafe76b code=0x7ffc0000
[  205.053354][   T29] audit: type=1326 audit(1754345708.820:28585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.053685][   T29] audit: type=1326 audit(1754345708.820:28586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.107375][   T29] audit: type=1326 audit(1754345708.860:28587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.123959][T10281] Invalid ELF header magic: != ELF
[  205.153373][   T29] audit: type=1326 audit(1754345708.920:28588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.244464][T10286] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2388'.
[  205.246620][T10281] loop1: detected capacity change from 0 to 128
[  205.294228][   T29] audit: type=1326 audit(1754345709.060:28589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.317863][   T29] audit: type=1326 audit(1754345709.060:28590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ceafeb69 code=0x7ffc0000
[  205.442145][T10300] loop3: detected capacity change from 0 to 1024
[  205.448683][T10299] loop1: detected capacity change from 0 to 1024
[  205.459544][T10300] EXT4-fs: Ignoring removed nobh option
[  205.465290][T10300] EXT4-fs: inline encryption not supported
[  205.476185][T10299] EXT4-fs: Ignoring removed orlov option
[  205.483351][T10304] loop0: detected capacity change from 0 to 1024
[  205.491757][T10304] EXT4-fs: Ignoring removed orlov option
[  205.521364][T10300] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2392: Allocating blocks 385-513 which overlap fs metadata
[  205.563916][T10300] EXT4-fs (loop3): pa ffff8881071fd850: logic 16, phys. 129, len 24
[  205.572059][T10300] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  205.585918][T10313] loop4: detected capacity change from 0 to 512
[  205.602019][T10313] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  205.611837][T10313] EXT4-fs (loop4): orphan cleanup on readonly fs
[  205.624200][T10313] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2398: corrupted inode contents
[  205.636902][T10313] EXT4-fs (loop4): Remounting filesystem read-only
[  205.644310][T10313] EXT4-fs (loop4): 1 truncate cleaned up
[  205.650262][ T1908] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  205.660856][ T1908] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  205.672570][ T1908] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  205.725310][T10321] loop4: detected capacity change from 0 to 128
[  205.738264][T10321] FAT-fs (loop4): Directory bread(block 32) failed
[  205.745567][T10321] FAT-fs (loop4): Directory bread(block 33) failed
[  205.752739][T10321] FAT-fs (loop4): Directory bread(block 34) failed
[  205.759429][T10321] FAT-fs (loop4): Directory bread(block 35) failed
[  205.766647][T10321] FAT-fs (loop4): Directory bread(block 36) failed
[  205.797311][T10321] FAT-fs (loop4): Directory bread(block 37) failed
[  205.805639][T10321] FAT-fs (loop4): Directory bread(block 38) failed
[  205.859235][T10324] loop2: detected capacity change from 0 to 1024
[  205.865228][T10321] FAT-fs (loop4): Directory bread(block 39) failed
[  205.866296][T10324] EXT4-fs: Ignoring removed orlov option
[  205.896900][T10321] FAT-fs (loop4): Directory bread(block 40) failed
[  205.904020][T10321] FAT-fs (loop4): Directory bread(block 41) failed
[  205.904490][T10327] loop1: detected capacity change from 0 to 512
[  205.945077][T10327] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  205.964170][T10327] EXT4-fs (loop1): orphan cleanup on readonly fs
[  205.979530][T10327] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2402: corrupted inode contents
[  205.995698][T10331] netlink: 'syz.4.2399': attribute type 2 has an invalid length.
[  206.003558][T10331] netlink: 'syz.4.2399': attribute type 1 has an invalid length.
[  206.011333][T10331] netlink: 'syz.4.2399': attribute type 2 has an invalid length.
[  206.053143][T10327] EXT4-fs (loop1): Remounting filesystem read-only
[  206.063436][T10327] EXT4-fs (loop1): 1 truncate cleaned up
[  206.068829][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  206.079710][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  206.091638][   T37] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  206.291994][T10349] siw: device registration error -23
[  206.303025][T10347] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2410'.
[  206.376006][T10356] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2414'.
[  206.397153][T10358] loop1: detected capacity change from 0 to 1024
[  206.410016][T10358] EXT4-fs: Ignoring removed orlov option
[  206.418136][T10360] Invalid ELF header magic: != ELF
[  206.427256][T10361] loop3: detected capacity change from 0 to 512
[  206.448132][T10361] EXT4-fs (loop3): too many log groups per flexible block group
[  206.455940][T10361] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  206.466371][T10360] loop4: detected capacity change from 0 to 128
[  206.477814][T10361] EXT4-fs (loop3): mount failed
[  206.590477][T10378] loop2: detected capacity change from 0 to 1024
[  206.599422][T10378] EXT4-fs: Ignoring removed nobh option
[  206.605165][T10378] EXT4-fs: inline encryption not supported
[  206.645686][T10378] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2420: Allocating blocks 385-513 which overlap fs metadata
[  206.665193][T10378] EXT4-fs (loop2): pa ffff8881071fda80: logic 16, phys. 129, len 24
[  206.673344][T10378] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  206.686282][T10385] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2422'.
[  206.764690][T10387] random: crng reseeded on system resumption
[  206.817539][T10387] loop4: detected capacity change from 0 to 8192
[  206.827629][T10387] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  206.842212][T10387] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  206.850158][T10387] FAT-fs (loop4): Filesystem has been set read-only
[  206.883734][ T3310] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  206.929493][T10395] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2426'.
[  207.035079][T10397] siw: device registration error -23
[  207.083475][T10401] siw: device registration error -23
[  207.093016][T10401] 9pnet_virtio: no channels available for device /dev/rnullb0
[  207.338295][T10408] Invalid ELF header magic: != ELF
[  207.346844][T10408] loop3: detected capacity change from 0 to 128
[  207.755589][T10423] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2437'.
[  207.805119][T10427] loop1: detected capacity change from 0 to 1024
[  207.812125][T10427] EXT4-fs: Ignoring removed orlov option
[  207.995737][T10436] loop0: detected capacity change from 0 to 8192
[  208.015099][T10436] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2442'.
[  208.025046][T10436] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2442'.
[  208.128251][T10443] loop0: detected capacity change from 0 to 1024
[  208.135572][T10443] EXT4-fs: Ignoring removed nobh option
[  208.141210][T10443] EXT4-fs: inline encryption not supported
[  208.152510][T10445] Invalid ELF header magic: != ELF
[  208.158797][T10445] loop1: detected capacity change from 0 to 128
[  208.174516][T10443] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.2444: Allocating blocks 385-513 which overlap fs metadata
[  208.194204][T10443] EXT4-fs (loop0): pa ffff8881007d3930: logic 16, phys. 129, len 24
[  208.202282][T10443] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  208.325129][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2448'.
[  208.334077][T10456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2448'.
[  208.346206][T10456] wireguard10: entered promiscuous mode
[  208.371883][T10459] loop4: detected capacity change from 0 to 512
[  208.394805][T10459] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  208.409305][T10463] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.2450'.
[  208.424569][T10459] EXT4-fs (loop4): orphan cleanup on readonly fs
[  208.433273][T10459] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.2449: corrupted inode contents
[  208.454376][T10459] EXT4-fs (loop4): Remounting filesystem read-only
[  208.463938][T10459] EXT4-fs (loop4): 1 truncate cleaned up
[  208.469866][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  208.480493][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  208.491124][   T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  208.499451][T10463] netlink: 'syz.2.2450': attribute type 4 has an invalid length.
[  208.509053][T10463] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2450'.
[  208.526176][T10463] : renamed from bond0 (while UP)
[  208.577839][T10470] loop3: detected capacity change from 0 to 1024
[  208.585547][T10470] EXT4-fs: Ignoring removed orlov option
[  208.667464][T10475] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.901467][T10481] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2455'.
[  208.914300][T10481] vlan0: entered promiscuous mode
[  208.919355][T10481] syz_tun: entered promiscuous mode
[  209.032319][T10480] loop4: detected capacity change from 0 to 1024
[  209.052530][T10480] EXT4-fs: Ignoring removed orlov option
[  209.282488][T10487] loop0: detected capacity change from 0 to 512
[  209.322954][T10487] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2456: corrupted inode contents
[  209.337393][T10487] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.2456: mark_inode_dirty error
[  209.349324][T10487] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2456: corrupted inode contents
[  209.362886][T10487] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.2456: mark_inode_dirty error
[  209.374537][T10487] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2456: corrupted inode contents
[  209.387960][T10487] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  209.397372][T10487] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2456: corrupted inode contents
[  209.457951][T10492] siw: device registration error -23
[  209.522443][T10487] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.2456: mark_inode_dirty error
[  209.535268][T10487] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  209.551269][T10487] EXT4-fs (loop0): 1 truncate cleaned up
[  209.557524][T10487] ext4 filesystem being mounted at /463/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.570103][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[  209.599643][T10505] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2462'.
[  209.620779][T10507] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2463'.
[  209.654431][T10515] loop0: detected capacity change from 0 to 512
[  209.673498][T10515] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  209.681550][T10515] EXT4-fs (loop0): orphan cleanup on readonly fs
[  209.692416][T10515] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.2465: corrupted inode contents
[  209.706494][T10515] EXT4-fs (loop0): Remounting filesystem read-only
[  209.713248][T10515] EXT4-fs (loop0): 1 truncate cleaned up
[  209.719039][ T4385] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  209.729595][ T4385] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  209.740362][ T4385] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  209.976581][T10532] 9pnet_virtio: no channels available for device /dev/rnullb0
[  210.189785][   T29] kauditd_printk_skb: 1155 callbacks suppressed
[  210.189805][   T29] audit: type=1326 audit(1754345713.940:29721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  210.219907][   T29] audit: type=1326 audit(1754345713.950:29722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3f5a7fd4d0 code=0x7ffc0000
[  210.243575][   T29] audit: type=1326 audit(1754345713.950:29723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  210.267323][   T29] audit: type=1326 audit(1754345713.950:29724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3f5a7fd7ca code=0x7ffc0000
[  210.294584][   T29] audit: type=1326 audit(1754345714.060:29725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3f5a831425 code=0x7ffc0000
[  210.430212][T10537] loop4: detected capacity change from 0 to 128
[  210.440902][T10537] FAT-fs (loop4): Directory bread(block 32) failed
[  210.447629][T10537] FAT-fs (loop4): Directory bread(block 33) failed
[  210.454415][T10537] FAT-fs (loop4): Directory bread(block 34) failed
[  210.461030][T10537] FAT-fs (loop4): Directory bread(block 35) failed
[  210.467698][T10537] FAT-fs (loop4): Directory bread(block 36) failed
[  210.474364][T10537] FAT-fs (loop4): Directory bread(block 37) failed
[  210.481049][T10537] FAT-fs (loop4): Directory bread(block 38) failed
[  210.487601][T10537] FAT-fs (loop4): Directory bread(block 39) failed
[  210.494214][T10537] FAT-fs (loop4): Directory bread(block 40) failed
[  210.500864][T10537] FAT-fs (loop4): Directory bread(block 41) failed
[  210.507587][   T29] audit: type=1326 audit(1754345714.270:29726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  210.531265][   T29] audit: type=1326 audit(1754345714.270:29727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  210.555270][   T29] audit: type=1326 audit(1754345714.270:29728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3f5a7fd4d0 code=0x7ffc0000
[  210.578974][   T29] audit: type=1326 audit(1754345714.270:29729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3f5a7fe76b code=0x7ffc0000
[  210.586294][T10537] netlink: 'syz.4.2473': attribute type 2 has an invalid length.
[  210.602659][   T29] audit: type=1326 audit(1754345714.270:29730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10530 comm="syz.3.2471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f5a7feb69 code=0x7ffc0000
[  210.610300][T10537] netlink: 'syz.4.2473': attribute type 1 has an invalid length.
[  210.641647][T10537] netlink: 'syz.4.2473': attribute type 2 has an invalid length.
[  210.726432][T10544] loop0: detected capacity change from 0 to 1024
[  210.733238][T10544] EXT4-fs: Ignoring removed orlov option
[  210.899673][T10558] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.936484][T10561] loop2: detected capacity change from 0 to 1024
[  210.960122][T10561] EXT4-fs: Ignoring removed orlov option
[  210.972538][T10558] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.033653][T10558] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.073654][T10558] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.120358][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.136994][T10566] loop0: detected capacity change from 0 to 1024
[  211.144518][T10566] EXT4-fs: Ignoring removed orlov option
[  211.150474][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.159037][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.170764][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.216325][T10569] loop4: detected capacity change from 0 to 1024
[  211.238905][T10569] EXT4-fs: Ignoring removed nobh option
[  211.244572][T10569] EXT4-fs: inline encryption not supported
[  211.273287][T10572] loop3: detected capacity change from 0 to 1024
[  211.280985][T10572] EXT4-fs: Ignoring removed nobh option
[  211.286666][T10572] EXT4-fs: inline encryption not supported
[  211.332866][T10569] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2484: Allocating blocks 385-513 which overlap fs metadata
[  211.348960][T10572] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2486: Allocating blocks 385-513 which overlap fs metadata
[  211.368238][T10569] EXT4-fs (loop4): pa ffff8881007d3b60: logic 16, phys. 129, len 24
[  211.376422][T10569] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  211.895606][T10603] loop2: detected capacity change from 0 to 1024
[  211.903575][T10603] EXT4-fs: Ignoring removed orlov option
[  211.991711][T10605] ==================================================================
[  211.999829][T10605] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  212.009084][T10605] 
[  212.011446][T10605] write to 0xffff888119cf2d10 of 4 bytes by task 10603 on cpu 1:
[  212.019177][T10605]  writeback_single_inode+0x14a/0x3e0
[  212.024587][T10605]  sync_inode_metadata+0x5b/0x90
[  212.029554][T10605]  generic_buffers_fsync_noflush+0xd9/0x120
[  212.035498][T10605]  ext4_sync_file+0x1ab/0x690
[  212.040210][T10605]  vfs_fsync_range+0x10a/0x130
[  212.044996][T10605]  ext4_buffered_write_iter+0x34f/0x3c0
[  212.050583][T10605]  ext4_file_write_iter+0x383/0xf00
[  212.055823][T10605]  iter_file_splice_write+0x5ef/0x970
[  212.061205][T10605]  direct_splice_actor+0x156/0x2a0
[  212.066344][T10605]  splice_direct_to_actor+0x312/0x680
[  212.071737][T10605]  do_splice_direct+0xda/0x150
[  212.076565][T10605]  do_sendfile+0x380/0x650
[  212.081018][T10605]  __x64_sys_sendfile64+0x105/0x150
[  212.086247][T10605]  x64_sys_call+0x2bb0/0x2ff0
[  212.090943][T10605]  do_syscall_64+0xd2/0x200
[  212.095472][T10605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.101369][T10605] 
[  212.103707][T10605] read to 0xffff888119cf2d10 of 4 bytes by task 10605 on cpu 0:
[  212.103949][T10571] EXT4-fs (loop3): pa ffff8881007d3a80: logic 16, phys. 129, len 24
[  212.111346][T10605]  generic_buffers_fsync_noflush+0x80/0x120
[  212.111378][T10605]  ext4_sync_file+0x1ab/0x690
[  212.119375][T10571] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, 
[  212.125258][T10605]  vfs_fsync_range+0x10a/0x130
[  212.125288][T10605]  ext4_buffered_write_iter+0x34f/0x3c0
[  212.129962][T10571] free 0, pa_free 8
[  212.138349][T10605]  ext4_file_write_iter+0x383/0xf00
[  212.157634][T10605]  iter_file_splice_write+0x5ef/0x970
[  212.163015][T10605]  direct_splice_actor+0x156/0x2a0
[  212.168136][T10605]  splice_direct_to_actor+0x312/0x680
[  212.173517][T10605]  do_splice_direct+0xda/0x150
[  212.178286][T10605]  do_sendfile+0x380/0x650
[  212.182716][T10605]  __x64_sys_sendfile64+0x105/0x150
[  212.187936][T10605]  x64_sys_call+0x2bb0/0x2ff0
[  212.192619][T10605]  do_syscall_64+0xd2/0x200
[  212.197131][T10605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.203031][T10605] 
[  212.205361][T10605] value changed: 0x00000038 -> 0x00000002
[  212.211087][T10605] 
[  212.213423][T10605] Reported by Kernel Concurrency Sanitizer on:
[  212.219580][T10605] CPU: 0 UID: 0 PID: 10605 Comm: syz.2.2495 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  212.231737][T10605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  212.241802][T10605] ==================================================================