last executing test programs:

31.980326563s ago: executing program 0 (id=659):
r0 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000000e2020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}, 0x8}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
ptrace(0x10, r0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
getpgrp(r0)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
ptrace$pokeuser(0x6, r0, 0x358, 0x4000000)

31.878048955s ago: executing program 0 (id=662):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r1}, 0x94) (fail_nth: 3)

30.923598823s ago: executing program 0 (id=669):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r1)

30.197594266s ago: executing program 0 (id=685):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00'})
r3 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
write$binfmt_register(r4, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x20, &(0x7f0000000000))
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r8, 0x0, 0x100000000}, 0x18)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
fcntl$getown(r3, 0x9)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380), 0x2, 0x9}}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18009500"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='xen_mc_flush_reason\x00', r11}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
creat(&(0x7f0000000340)='./file1\x00', 0x1d5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfe1b)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYRES8=r9], 0x0, 0x28, 0x0, 0xffffffff}, 0x28)

30.055041519s ago: executing program 0 (id=688):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(r0, r1, 0x0)

29.763324764s ago: executing program 0 (id=704):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)

29.753905964s ago: executing program 32 (id=704):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)

26.981128555s ago: executing program 1 (id=761):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000004c0)={r0, &(0x7f0000000040)="1ba2b4f68af75ffe49385fa5a34cf145e3aa93b92314066a5b9c7c61f0bcc4ec7320c3cebc7921ee6a1060542a9f0f1a7a90f6971262bfad71d2fce7f9ac", &(0x7f0000000340)=""/230}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r2, 0x0, 0x4ab}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)

26.891726486s ago: executing program 1 (id=763):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)

26.857745707s ago: executing program 1 (id=765):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x7c2})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)
socket(0x21, 0x80805, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x20044890}, 0x2000c094)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
socket$inet6(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x5, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8971, &(0x7f0000000000)={'netdevsim0\x00', @remote})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="2f3254c3fa6239d3b0a3cacab8286758c5642eabb71f9eedbb3217bdf03dc1b42cb6879fbf4f43be13000050a90a25a687272b9af18c55ac33db9cc84ecbcfd1658eb5112bb2060aefd19f73c887d44ed46643c70663e617d7e60b013366e170b673f67bbc69356bd5d7575ca5399751a91b9e3f3401c9556ef4a15d1b27997765"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="060000000400000099000000"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcae, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x1c, r8, 0x1, 0x70bd27, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, 0x0, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5454}, 0x94)

26.365425286s ago: executing program 1 (id=766):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00'})
r3 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
write$binfmt_register(r4, &(0x7f0000000280)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x10, &(0x7f0000000a00)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7eff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r7, 0x0, 0x100000000}, 0x18)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
fcntl$getown(r3, 0x9)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300), 0x2, 0xa}}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18009500"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='xen_mc_flush_reason\x00', r9}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
creat(&(0x7f0000000340)='./file1\x00', 0x1d5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfe1b)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYRES8], 0x0, 0x28, 0x0, 0xffffffff}, 0x28)

25.860438705s ago: executing program 1 (id=770):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, 0x0, &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_io_uring_setup(0x3724, &(0x7f0000000440)={0x0, 0x3, 0x400, 0x1, 0xffffff}, 0x0, &(0x7f0000000380))
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x2000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001e40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000580)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100, 0x200}, &(0x7f0000000200), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_NAPI(r3, 0x1b, &(0x7f0000000400)={0x4, 0x2}, 0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$qrtrtun(r4, &(0x7f00000004c0)=""/57, 0x39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x18)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x10}, 0x1c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000340)='./file2\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x11f3, &(0x7f0000003f80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000740)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r7, 0x0, 0x1}, 0x18)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)=ANY=[@ANYRES32, @ANYRESDEC=0x0, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYBLOB, @ANYBLOB="c2544221b68278e02656e9408bc8d20b8d6c6bad13af12bd0e05f2dd52022dcda25dfc2cd6616c8f46301258a2f56a3a88a56def5c87c2387a6e262a975e0c6dbdf9de8e7f41ce6acf575b5cf0fe1fdc3852dd583225e0072f092150d3cfeb56ed8b7aa070bcb96d578e166d3c6cc4683e2093be9d0c92181a1ddb18ef9ed0"], 0x48)

25.61682409s ago: executing program 1 (id=775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r2, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x300, 0x80000000})

25.60896974s ago: executing program 33 (id=775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r2, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x300, 0x80000000})

1.780197577s ago: executing program 5 (id=1269):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1000000000000}, 0x18)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffe4)

1.731436178s ago: executing program 5 (id=1270):
r0 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000300000000000000000000000000000000000032d296f2ea99314ddaaccf9b613ab840dd6bc3f4d52a4f15a12aa18dcabe00f4d1f9e936656224c6fdf08b12f2e364fe56c57838af7c26c4650096b5909038673adc83aad6e287773b4e1274f7c91e9976d445d8915c096335cb7a3be0c6693e6eca70d80b669eb6cf957b7cd388d9057a8e1dd62ec6338142e65f1ddeffb171ec12c7cbab6c3bf4cc44e5f9820092a98c26fdaf0e6b19268d36149d4c71100b0542447ed6f34e06cd84d16eb5cbeed4f3545c34c0d6c3842d3352aa1043c640b84c1c1e000f320257"], 0x0, 0x27}, 0x28)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r3, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000300)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400), <r5=>0x0, 0x5c, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xb9, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x5})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r11}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r12}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
pipe(&(0x7f00000007c0))
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r13}, 0x10)
io_uring_enter(r0, 0x66a8, 0x4000, 0xf, 0x0, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="620ac4ff0000000071104d000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f0000000000)={[{@init_itable_val={'init_itable', 0x3d, 0x23}}, {@stripe={'stripe', 0x3d, 0x1}}, {@journal_dev={'journal_dev', 0x3d, 0x403}}, {@journal_async_commit}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nolazytime}, {}]}, 0xf5, 0x47a, &(0x7f0000000ac0)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS")

1.483917163s ago: executing program 5 (id=1272):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x7c2})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)
socket(0x21, 0x80805, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x20044890}, 0x2000c094)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
socket$inet6(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x5, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8971, &(0x7f0000000000)={'netdevsim0\x00', @remote})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="2f3254c3fa6239d3b0a3cacab8286758c5642eabb71f9eedbb3217bdf03dc1b42cb6879fbf4f43be13000050a90a25a687272b9af18c55ac33db9cc84ecbcfd1658eb5112bb2060aefd19f73c887d44ed46643c70663e617d7e60b013366e170b673f67bbc69356bd5d7575ca5399751a91b9e3f3401c9556ef4a15d1b27997765"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="060000000400000099000000"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcae, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x1c, r9, 0x1, 0x70bd27, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYRES32=0x0, @ANYBLOB="7048d70526de07bccab6a58b641ba74d15dd88570000"], 0x1c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5454}, 0x94)

1.305117866s ago: executing program 5 (id=1273):
socket(0x840000000002, 0x3, 0xff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x87f64000)
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000abaff9)={0x0, 0xea60}, 0x10)
r2 = getuid()
stat(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2200454, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',noxattr,dfltuid=', @ANYRESHEX=r2, @ANYBLOB=',access=any,euid<', @ANYRESDEC=r3, @ANYBLOB="2cceee99ffd4f470615a40d6951cebfb0307578e1671fd3d9bf06441379d5ace9a95d6d95fc31e3e59beee9a2aaf7ad1dfc535a869f9600516db76152c7a36497d0766c6825577bdc835d26be122b5151f8aa8fe81f83a62504a3f66c90377cf27a349ee17bdeec81369361c32db43054afe1c39be5aabdc88c987c73562f72666bb5c2d50dd36278e0d2a7b7f9a03d44e9c0c15c7d7534497011672dbab6cc28a28849b707d132e8bf336604a12aee422bea1f4e2bdbd0d52d339546a17f47708cced98b8b89b1de9bf2eb5c85bcf60691b637b67f56adc71dad044d867ff004a1f212f0dcda543aa03949622bfa9036f2cf15a15e8030b3e5d78d7114b6a92d370e352a423d746ff707751fd92c6007c78ee9d041747"])
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r4 = memfd_create(&(0x7f0000000080), 0x2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r6}, 0x10)
fsetxattr$security_capability(r4, &(0x7f0000000240), &(0x7f0000000400)=@v3={0x3000000, [{0x2, 0x1}, {0x3, 0x8}], r3}, 0x18, 0x0)

1.284559796s ago: executing program 5 (id=1274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000005c0), 0x10)
recvmmsg(r2, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}, 0x7ffd}, {{0x0, 0x0, &(0x7f00000021c0)=[{0x0}, {&(0x7f0000000380)=""/47, 0x2f}], 0x2}, 0xc}], 0x2, 0x10002, 0x0)
r3 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r3, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10, &(0x7f00000000c0)=[{0x0, 0x4f}], 0x1, &(0x7f0000000180)=[@ip_pktinfo={{0x2f, 0x0, 0x7, {0x0, @dev, @loopback}}}], 0x30}, 0x0)

1.130746359s ago: executing program 6 (id=1278):
lsm_set_self_attr(0x0, 0x0, 0x65, 0x0) (fail_nth: 1)

1.130229389s ago: executing program 6 (id=1279):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000004c0)={r0, &(0x7f0000000040)="1ba2b4f68af75ffe49385fa5a34cf145e3aa93b92314066a5b9c7c61f0bcc4ec7320c3cebc7921ee6a1060542a9f0f1a7a90f6971262bfad71d2fce7f9ac", &(0x7f0000000340)=""/230}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r2, 0x0, 0x4ab}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x100000, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)

1.088781129s ago: executing program 6 (id=1281):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8000000008}, 0x18)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000080851000000600000018100000", @ANYRES32=r1, @ANYBLOB="00000000000000006600000000000000180000000000000000000000000000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)

1.025024051s ago: executing program 6 (id=1283):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = io_uring_setup(0x2c93, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x3000, 0x0, 0x9f8})
io_uring_enter(r1, 0x0, 0xcb, 0xf, &(0x7f0000000000), 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
pipe(&(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r4, 0x40304580, &(0x7f0000000b40)={0x52, 0x5, 0x1, {0x0, 0x1}, {0x45, 0x2}, @ramp={0x5, 0xfb, {0x1, 0x0, 0xc74, 0x7}}})
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
sendmsg$NFT_MSG_GETGEN(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, 0x10, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x7}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x48801}, 0x20000801)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000440)={[{@resuid}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@dioread_lock}, {@grpjquota}, {@quota}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@minixdf}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x28, 0x2, 0xfd, 0x5ae9}, {0x20, 0x7f, 0x4, 0xfffff00c}, {0x6, 0x0, 0x7, 0x7}]}, 0x10)
sendmmsg$inet(r6, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)='*s', 0x2}], 0x1}}], 0x1, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x27ffff7, 0x4012011, r5, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x7, 0x1003, 0x7})
r9 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0x2c, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8001}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ldst={0x1, 0x0, 0x3, 0xb, 0x2, 0xfffffffffffffff8, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xe}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ldst={0x1, 0x1, 0x2, 0x5, 0x0, 0x40, 0xfffffffffffffffc}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x6, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x1}, @alu={0x4, 0x1, 0x8, 0x3, 0x3, 0xfffffffffffffff0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='GPL\x00', 0x7, 0xca, &(0x7f0000000680)=""/202, 0x41100, 0x50, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000780)={0x9, 0x2}, 0xfc1a, 0x10, &(0x7f00000007c0)={0x5, 0xe, 0x0, 0x1}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000800)=[0xffffffffffffffff, r0, r0, r3, r3, 0xffffffffffffffff, r3, 0xffffffffffffffff], &(0x7f0000000840)=[{0x5, 0x3, 0xf, 0x2}, {0x4, 0x4, 0xa, 0x6}, {0x4, 0x1, 0xc, 0x9}, {0x1, 0x5, 0xd, 0x8}, {0x0, 0x1, 0x9, 0x3}], 0x10, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000280)='global_dirty_state\x00', r11, 0x0, 0xffffffffffffffff}, 0x18)

577.733879ms ago: executing program 4 (id=1296):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{}, [@TCA_NETEM_LOSS={0x4, 0x2}, @TCA_NETEM_RATE={0x14, 0xd}]}}}]}, 0x64}}, 0x0)

557.39524ms ago: executing program 2 (id=1298):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x7c2})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)
socket(0x21, 0x80805, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x20044890}, 0x2000c094)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
socket$inet6(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x5, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8971, &(0x7f0000000000)={'netdevsim0\x00', @remote})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="2f3254c3fa6239d3b0a3cacab8286758c5642eabb71f9eedbb3217bdf03dc1b42cb6879fbf4f43be13000050a90a25a687272b9af18c55ac33db9cc84ecbcfd1658eb5112bb2060aefd19f73c887d44ed46643c70663e617d7e60b013366e170b673f67bbc69356bd5d7575ca5399751a91b9e3f3401c9556ef4a15d1b27997765"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="060000000400000099000000"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
perf_event_open(&(0x7f0000000a80)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcae, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x1c, r9, 0x1, 0x70bd27, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="7048d70526de07bccab6a58b641ba74d15dd88570000"], 0x1c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5454}, 0x94)

534.30273ms ago: executing program 4 (id=1299):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffe4)

500.984061ms ago: executing program 4 (id=1300):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[], 0xb8}}, 0x0)

495.522121ms ago: executing program 3 (id=1301):
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xfffffffb}, 0x48, 0xffffffffffffffff)
openat$selinux_user(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
dup(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$zero(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
close(r6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r7}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x1a5002, 0x0)

453.399381ms ago: executing program 4 (id=1302):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r3}, &(0x7f0000000880), &(0x7f00000008c0)=r2}, 0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0b0000000201000080e76f4300"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r6}, 0x9)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000002000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007"], 0x25c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
setxattr$incfs_metadata(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000640)="22b586351ec57c677d48644710fac1497a46fbc7d8caefd22ea595d6ccf4cd830c056a09d631eaeff6872857ef682962cbac1837c3fdbc987ddaff160993049c67732dcda5344fa984b9587b0404f352318ce3ade5dde1081c4c62", 0x5b, 0x1)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r7, &(0x7f0000000280)=""/172, 0xac, 0xe0)
ioctl$PIO_CMAP(r7, 0x4b71, &(0x7f0000000200)={0x80, 0xfffffffffffffff8, 0x2, 0x8, 0x4, 0x93e})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x80450, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r8=>0xffffffffffffffff})
setsockopt$sock_int(r8, 0x1, 0x20, &(0x7f0000001740)=0x7ffffffd, 0x4)
write$binfmt_script(r8, 0x0, 0x6f4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00'}, 0x18)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)

452.539201ms ago: executing program 3 (id=1303):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800001bc81a000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000101180000000000000000000000002000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa10000000000000701000000ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
pipe(&(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r5, 0x0, r3, 0x0, 0xf3a, 0x0)
tee(r2, 0xffffffffffffffff, 0xf3a, 0x4)
write$binfmt_elf64(r4, &(0x7f0000000380)=ANY=[], 0x18c6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3204064, &(0x7f0000000280)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, 'kmem_cache_free\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}, 0x0, 0x560, &(0x7f0000001600)="$eJzs3c9rHFUcAPDvbJI2/aFNoRQVkUAPVmo3TeKPCh7qUaRY0Htdkmko2XRLdlOaWLA92IsepAgiFsS73j0W/wH/ioIWipSgBy+Rmcw2v3aTbbJtUvfzgcm+NzO7b97OfF/e2zfLBtCzhrM/pYiXI+KbJOJIRCTFtv4oNg4v77f46MZEtiSxtPTJX0m+X5ZvvlbzeYeKzEsR8duXEadKG8utzy9MV6rVdLbIjzRmro7U5xdOX56pTKVT6ZWx8fGzb4+PvffuO12r6xsX/vn+43sfnv3qxOJ3vzw4eieJc3G42La6Hjtwc3VmOIaL92Qgzq3bcbQLhe0lyW4fANvSV8T5QGRtwJHoK6Ie+P/7IiKWgB6ViH/oUc1+QHNs36Vx8HPj4QfLA6CN9e9f/mwkBvOx0cHFZM3IKBvvDnWh/KyMX/+8eydbonufQwBs6eatiDjT37+x/UuK9m/7znSwz/oytH/w7NzL+j9vtur/lB73f6JF/+dQi9jdjq3jv/SgC8W0lfX/3m/Z/308aTXUV+ReyPt8A8mly9U0a9tejIiTMbA/y282n3N28f5Su22r+3/ZkpXf7AsWx/Ggf//a50xWGpWd1Hm1h7ciXmnZ/03iVv44mPd115//7P240GEZx9O7r7XbtnX9n66lnyJeb3n+V2a0ks3nJ0fy62GkeVVs9Pft47+3K3+365+d/4Ob138oWT1fW48nnu37cfDftN22NfWPzq//fcmneXpfse56pdGY/XplnzXrx1bWN/P54+hy/U+e2Lz9a3X9H4iIzzqs/+1jP7/aUf136fxPPtH5f/LE/Y8+/6Fd+Z21f2/lqZPFmnXt32Cr1+30AHf6/gEAAAAAAMBeUoqIw5GUyo/TpVK5vHx/x7E4WKrW6o1Tl2pzVyYj/67sUAyUmjPdR/IJ0eX7IUaL+2Gb90eMrcuPR8TRiPi270CeL0/UqpO7XXkAAAAAAAAAAAAAAAAAAADYIw61+f5/5o++3T464Knzk9/Qu7aM/2780hOwJ/n/D71L/EPvEv/Qu8Q/9C7xD71L/EPvEv/Qu8Q/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZWnx0Y2JLD95bX5uunbt9GRany7PzE2UJ2qzV8tTtdpUNS1P1Ga2er1qrXZ1dCzmro800npjpD6/cHGmNnelcfHyTGUqvZgOPJNaAQAAAAAAAAAAAAAAAAAAwPOlPr8wXalW01kJiW0l+vfGYUh0ObHbLRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArPgvAAD//5J9OBc=")
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)

422.796762ms ago: executing program 5 (id=1304):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000950088950f47bd1f"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)

406.837202ms ago: executing program 2 (id=1305):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x3}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}}, 0x20050800)

390.618103ms ago: executing program 2 (id=1306):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x20900, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0)

370.328123ms ago: executing program 4 (id=1307):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2})
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x525, &(0x7f0000000100)="$eJzs3c9vG1kdAPCv3fxw03SThT0sCNiyLBRU1U7c3Wi1B1guSGi1WqRlTwh1o8SNothxFDulCZFIJW5ckajECf4EDkgckHrizg1uXIoEUoGKqkFCyGjscZo4dhM1cdzGn4808ps3k/l+n6V5L37+8QIYWlciYicixiLi04iYSusz6Rbvt7bkvCePthd2H20vZKLR+PifI+mZ2wvt89supdfMRXyU7I93iVvb3FqZL5dL6+l+oV5ZK9Q2t64vV+aXSkul1WJxbnZu5t0b7xRPra1vVH7z8DvLH3zy+9998cEfd77x4yTnb7UOjSVtO7VA+7Sel9GY3FeXPHMf9CPYAFxI2zM26ER4LtmI+ExEvJmW9+QGlxMA0F+NxlQ0pvbv95Y5xjkAwIsvec0/GZlsPn39PxnZbD7fnMPLvRYT2XK1Vr92q7qxuhjNOazpGM3eWi6XZtK5wukYzST7s83y0/1ix/6NiHg1In4+frG5n1+olhcH9U8PAAy5Sx3j/+Px1vh/DN4hAICXmZEcAIbP4fF/dCB5AABnx+t/ABg++8b/bt/VBQDOoVzHd/8BgPPvyPn/1+MnPzybVACAM+L9fwAYKt/78MNka+ymv3+9eHtzY6V6+/piqbaSr2ws5Beq62v5pWp1qfmbPZWjrleuVtdm346NO4V6qVYv1Da3blaqG6v1m83f9b5Z8sUCABi8V9+4/+dMROy8d7G5RXstBx8IgHPPbQ7D68KgEwAGZmTQCQADYz4eyBxxvOdHhO71/puLJ8gH6L+rn+sx/9/tf4O7e6X/Nc4uRaBPzP/D8DrZ/L/ZA3iZmf+H4dVoZKznDwBD5hiv4H1EEM65537/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYZHPLZPPpWuCTkc3m8xGXI2I6RjO3lsulmYh4JSL+ND46nuzPDjppAOCEsn/PpOt/XZ16a7Lz6FjmP+PNx4j40S8//sWd+Xp9fTap/9deff1eWl/sGmC8/20AAPYZ6axoj9Ptcby9vu+TR9sL7e0sE3z47dbioknc3XRrp95KPhejETHx78yBxmROaWHinbsR8Xpn+7N7x6fTlU874yexL/ctfjRbOHkgfvZA/GzzWOsxeS4+ewq5wLC5n/Q/73e7/7JxpfmY3n+Zg51pLn52uHN9Du3+b7fR2f+17vePLueafU23/u/KcWO8/Yfv9jx290Lj8yMRu4f63/aK0LlmqVv8t7pd8KfffLzRUfWXL3zpzV7xG7+KuBrPit8qFeqVtUJtc+v6cmV+qbRUWi0W52bnZt698U6x0JyjLrRnqg/7x3vXXund/oiJHvFzR7T/q70u2uHX//30B19+Rvyvf6Vb/Gy89oz4yZj4tWPGn5/4bc/lu5P4iz3aP3Ig/tiBv0vqrh0z/oO/bi0e81QA4AzUNrdW5svl0rrCSQu5fl350gvSQIUehb99cuCeGng+p1IYWJcEnJGnN/2gMwEAAAAAAAAAAAAAAHqpfT/9yb8+fhlu0G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/Pp/AAAA///RQMtW")
open(&(0x7f00000000c0)='./file0/file0\x00', 0x30d880, 0x0)
ioctl$TUNGETVNETLE(r0, 0x800454dd, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000480)='svcrdma_post_send\x00', r1}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd27, 0x10, {{@in=@remote, @in=@local, 0x100, 0x0, 0xffff, 0x0, 0xa, 0x80, 0x60}, {0x9, 0x0, 0x7, 0xc, 0x8}, {0x1, 0x0, 0x80}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, [@tmpl={0x44, 0x5, [{{@in6=@mcast1, 0x0, 0x33}, 0x0, @in6=@mcast1, 0x3504, 0x1, 0x0, 0x1, 0x0, 0xabf}]}]}, 0xfc}}, 0x20004040)
socket$kcm(0x2, 0x200000000000001, 0x106)
syz_open_procfs$pagemap(0x0, 0x0)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x5, @mcast1={0xff, 0x7}, 0x3}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})

300.620134ms ago: executing program 3 (id=1308):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000080851000000600000018100000", @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)

272.285515ms ago: executing program 3 (id=1309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{}, [@TCA_NETEM_LOSS={0x4, 0x2}, @TCA_NETEM_RATE={0x14, 0xd}]}}}]}, 0x64}}, 0x0)

252.453075ms ago: executing program 2 (id=1310):
r0 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000300000000000000000000000000000000000032d296f2ea99314ddaaccf9b613ab840dd6bc3f4d52a4f15a12aa18dcabe00f4d1f9e936656224c6fdf08b12f2e364fe56c57838af7c26c4650096b5909038673adc83aad6e287773b4e1274f7c91e9976d445d8915c096335cb7a3be0c6693e6eca70d80b669eb6cf957b7cd388d9057a8e1dd62ec6338142e65f1ddeffb171ec12c7cbab6c3bf4cc44e5f9820092a98c26fdaf0e6b19268d36149d4c71100b0542447ed6f34e06cd84d16eb5cbeed4f3545c34c0d6c3842d3352aa1043c640b84c1c1e000f320257"], 0x0, 0x27}, 0x28)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r3, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000300)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400), <r5=>0x0, 0x5c, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xb9, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x5})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r11}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r12}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
pipe(&(0x7f00000007c0))
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r13}, 0x10)
io_uring_enter(r0, 0x66a8, 0x4000, 0xf, 0x0, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="620ac4ff0000000071104d000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f0000000000)={[{@init_itable_val={'init_itable', 0x3d, 0x23}}, {@stripe={'stripe', 0x3d, 0x1}}, {@journal_dev={'journal_dev', 0x3d, 0x403}}, {@journal_async_commit}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nolazytime}, {}]}, 0xf5, 0x47a, &(0x7f0000000ac0)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS")

207.033156ms ago: executing program 3 (id=1311):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffe4)

175.569907ms ago: executing program 3 (id=1312):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r1)

168.450767ms ago: executing program 6 (id=1313):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[], 0xb8}}, 0x0)

116.574868ms ago: executing program 4 (id=1314):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x63cf80fb, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000001000/0x4000)=nil)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000540), 0x0, 0x200c4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x48000}, 0x40008c0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000d00)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1a"], 0x20)
socket$unix(0x1, 0xc, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000040)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e90021118db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052", 0x33}, {&(0x7f0000000280)="edce35b4db1b4d", 0x28}], 0x2)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001780), 0x161801, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f00000017c0)='schedstat\x00')
getsockopt$ARPT_SO_GET_ENTRIES(r8, 0x0, 0x61, &(0x7f00000001c0), &(0x7f0000000200)=0x24)
mount$9p_fd(0x0, &(0x7f0000001800)='.\x00', &(0x7f0000001840), 0x11, &(0x7f0000001980)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r7}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000140)={{0x0, 0x3, 0x9, 0x2, 0xffffff92}})
r9 = dup(r6)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])

63.961509ms ago: executing program 6 (id=1315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)

25.66971ms ago: executing program 2 (id=1316):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)
listen(r1, 0x0)
shutdown(r1, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0xffffffffffffffb6)

0s ago: executing program 2 (id=1317):
r0 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000300000000000000000000000000000000000032d296f2ea99314ddaaccf9b613ab840dd6bc3f4d52a4f15a12aa18dcabe00f4d1f9e936656224c6fdf08b12f2e364fe56c57838af7c26c4650096b5909038673adc83aad6e287773b4e1274f7c91e9976d445d8915c096335cb7a3be0c6693e6eca70d80b669eb6cf957b7cd388d9057a8e1dd62ec6338142e65f1ddeffb171ec12c7cbab6c3bf4cc44e5f9820092a98c26fdaf0e6b19268d36149d4c71100b0542447ed6f34e06cd84d16eb5cbeed4f3545c34c0d6c3842d3352aa1043c640b84c1c1e000f320257"], 0x0, 0x27}, 0x28)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r3, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000300)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400), <r5=>0x0, 0x5c, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xb9, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x5})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r11}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r12}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
pipe(&(0x7f00000007c0))
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r13}, 0x10)
io_uring_enter(r0, 0x66a8, 0x4000, 0xf, 0x0, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="620ac4ff0000000071104d000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f0000000000)={[{@init_itable_val={'init_itable', 0x3d, 0x23}}, {@stripe={'stripe', 0x3d, 0x1}}, {@journal_dev={'journal_dev', 0x3d, 0x403}}, {@journal_async_commit}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nolazytime}, {}]}, 0xf5, 0x47a, &(0x7f0000000ac0)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS")

kernel console output (not intermixed with test programs):

.359731][ T5416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.359799][ T5416] RIP: 0033:0x7fb0c02eeba9
[   83.359818][ T5416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.359840][ T5416] RSP: 002b:00007fb0bed57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.359929][ T5416] RAX: ffffffffffffffda RBX: 00007fb0c0535fa0 RCX: 00007fb0c02eeba9
[   83.360008][ T5416] RDX: 0000000000000094 RSI: 0000200000000280 RDI: 0000000000000005
[   83.360023][ T5416] RBP: 00007fb0bed57090 R08: 0000000000000000 R09: 0000000000000000
[   83.360038][ T5416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.360053][ T5416] R13: 00007fb0c0536038 R14: 00007fb0c0535fa0 R15: 00007ffe41d2bd48
[   83.360077][ T5416]  </TASK>
[   83.360099][ T5416] syz.0.662: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[   83.415784][ T5422] process 'syz.4.665' launched './file1' with NULL argv: empty string added
[   83.417962][ T5416] ,cpuset=
[   83.437527][ T3553] vhci_hcd: vhci_device speed not set
[   83.443115][ T5416] /,mems_allowed=0
[   83.471961][ T5418] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   83.474836][ T5416] 
[   83.474851][ T5416] CPU: 1 UID: 0 PID: 5416 Comm: syz.0.662 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.474961][ T5416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   83.474979][ T5416] Call Trace:
[   83.474991][ T5416]  <TASK>
[   83.475000][ T5416]  __dump_stack+0x1d/0x30
[   83.475029][ T5416]  dump_stack_lvl+0xe8/0x140
[   83.475058][ T5416]  dump_stack+0x15/0x1b
[   83.475081][ T5416]  warn_alloc+0x12b/0x1a0
[   83.475230][ T5416]  ? should_failslab+0x8c/0xb0
[   83.475347][ T5416]  __vmalloc_node_range_noprof+0x497/0xe00
[   83.475434][ T5416]  ? cred_has_capability+0x210/0x280
[   83.475468][ T5416]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   83.475580][ T5416]  __vmalloc_noprof+0x83/0xc0
[   83.475686][ T5416]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   83.475725][ T5416]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   83.475761][ T5416]  ? bpf_prog_alloc+0x2a/0x150
[   83.475799][ T5416]  bpf_prog_alloc+0x3c/0x150
[   83.475889][ T5416]  bpf_prog_load+0x514/0x1070
[   83.475940][ T5416]  ? security_bpf+0x2b/0x90
[   83.475967][ T5416]  __sys_bpf+0x462/0x7b0
[   83.476075][ T5416]  __x64_sys_bpf+0x41/0x50
[   83.476110][ T5416]  x64_sys_call+0x2aea/0x2ff0
[   83.476140][ T5416]  do_syscall_64+0xd2/0x200
[   83.476182][ T5416]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   83.476362][ T5416]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   83.476448][ T5416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.476545][ T5416] RIP: 0033:0x7fb0c02eeba9
[   83.476567][ T5416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.476665][ T5416] RSP: 002b:00007fb0bed57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.476707][ T5416] RAX: ffffffffffffffda RBX: 00007fb0c0535fa0 RCX: 00007fb0c02eeba9
[   83.476723][ T5416] RDX: 0000000000000094 RSI: 0000200000000280 RDI: 0000000000000005
[   83.476741][ T5416] RBP: 00007fb0bed57090 R08: 0000000000000000 R09: 0000000000000000
[   83.476759][ T5416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.476813][ T5416] R13: 00007fb0c0536038 R14: 00007fb0c0535fa0 R15: 00007ffe41d2bd48
[   83.476842][ T5416]  </TASK>
[   83.476954][ T5416] Mem-Info:
[   83.937966][ T5416] active_anon:4080 inactive_anon:0 isolated_anon:0
[   83.937966][ T5416]  active_file:9171 inactive_file:2267 isolated_file:0
[   83.937966][ T5416]  unevictable:0 dirty:481 writeback:0
[   83.937966][ T5416]  slab_reclaimable:3586 slab_unreclaimable:14306
[   83.937966][ T5416]  mapped:29500 shmem:176 pagetables:1198
[   83.937966][ T5416]  sec_pagetables:0 bounce:0
[   83.937966][ T5416]  kernel_misc_reclaimable:0
[   83.937966][ T5416]  free:1888741 free_pcp:12136 free_cma:0
[   83.938080][ T5416] Node 0 active_anon:16320kB inactive_anon:0kB active_file:36684kB inactive_file:9068kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:118000kB dirty:1924kB writeback:0kB shmem:704kB kernel_stack:3392kB pagetables:4792kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   83.938141][ T5416] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   83.938307][ T5416] lowmem_reserve[]: 0 2883 7862 7862
[   83.938339][ T5416] Node 0 DMA32 free:2949292kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952824kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   83.938446][ T5416] lowmem_reserve[]: 0 0 4978 4978
[   83.938481][ T5416] Node 0 Normal free:4590312kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16320kB inactive_anon:0kB active_file:36684kB inactive_file:9068kB unevictable:0kB writepending:1924kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:45012kB local_pcp:28928kB free_cma:0kB
[   83.938592][ T5416] lowmem_reserve[]: 0 0 0 0
[   83.938623][ T5416] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   83.938868][ T5416] Node 0 DMA32: 5*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949292kB
[   83.939176][ T5416] Node 0 Normal: 192*4kB (UM) 73*8kB (UE) 12*16kB (UM) 23*32kB (M) 58*64kB (UM) 11*128kB (UM) 12*256kB (UM) 9*512kB (UM) 14*1024kB (UME) 5*2048kB (UM) 1111*4096kB (UM) = 4590312kB
[   83.939421][ T5416] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   84.210346][ T5416] 11610 total pagecache pages
[   84.210358][ T5416] 0 pages in swap cache
[   84.210477][ T5416] Free swap  = 124996kB
[   84.210489][ T5416] Total swap = 124996kB
[   84.210502][ T5416] 2097051 pages RAM
[   84.210509][ T5416] 0 pages HighMem/MovableOnly
[   84.210516][ T5416] 80445 pages reserved
[   84.252393][ T5435] loop1: detected capacity change from 0 to 512
[   84.266921][ T5435] EXT4-fs (loop1): external journal device major/minor numbers have changed
[   84.334248][ T5435] EXT4-fs (loop1): failed to open journal device unknown-block(4,3) -6
[   84.336639][ T5447] netlink: 'syz.2.670': attribute type 1 has an invalid length.
[   84.353637][ T5447] netlink: 224 bytes leftover after parsing attributes in process `syz.2.670'.
[   84.406864][ T5453] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   84.414726][ T5453] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   84.424199][ T5453] vhci_hcd vhci_hcd.0: Device attached
[   84.434893][ T5453] netlink: 100 bytes leftover after parsing attributes in process `syz.1.673'.
[   84.451797][ T5453] siw: device registration error -23
[   84.467119][ T5451] loop4: detected capacity change from 0 to 1024
[   84.509589][ T5467] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[   84.516916][ T5467] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   84.525235][ T5467] vhci_hcd vhci_hcd.0: Device attached
[   84.533489][ T5454] vhci_hcd: connection closed
[   84.533698][   T48] vhci_hcd: stop threads
[   84.544240][   T48] vhci_hcd: release socket
[   84.549186][   T48] vhci_hcd: disconnect device
[   84.561804][ T5467] siw: device registration error -23
[   84.603961][ T5474] loop2: detected capacity change from 0 to 8192
[   84.613241][ T5474] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   84.615551][ T3412] vhci_hcd: vhci_device speed not set
[   84.637016][ T5470] vhci_hcd: connection closed
[   84.637546][   T48] vhci_hcd: stop threads
[   84.648642][   T48] vhci_hcd: release socket
[   84.653564][   T48] vhci_hcd: disconnect device
[   84.773088][ T5479] loop2: detected capacity change from 0 to 1024
[   84.811180][ T5482] loop2: detected capacity change from 0 to 512
[   84.827346][ T5482] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.842815][ T5482] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.863526][ T5482] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 3: comm syz.2.683: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[   84.996934][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.021458][ T5486] loop0: detected capacity change from 0 to 512
[   85.031712][ T5486] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.079260][ T5486] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #15: comm syz.0.685: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   85.110191][ T5491] usb usb4: usbfs: interface 0 claimed by hub while 'syz.2.686' sets config #0
[   85.123575][ T3304] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /137/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[   85.333072][ T5513] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   85.341216][ T5513] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   85.349546][ T5513] vhci_hcd vhci_hcd.0: Device attached
[   85.386587][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.408633][   T30] kauditd_printk_skb: 1057 callbacks suppressed
[   85.408651][   T30] audit: type=1326 audit(1758196906.678:8029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5512 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f620f38eba9 code=0x7ffc0000
[   85.443600][   T30] audit: type=1326 audit(1758196906.708:8030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5512 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620f38eba9 code=0x7ffc0000
[   85.472329][   T30] audit: type=1326 audit(1758196906.708:8031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5512 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620f38eba9 code=0x7ffc0000
[   85.500729][   T30] audit: type=1326 audit(1758196906.708:8032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5524 comm="syz.2.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   85.528689][   T30] audit: type=1326 audit(1758196906.708:8033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5524 comm="syz.2.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   85.556752][   T30] audit: type=1326 audit(1758196906.708:8034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5524 comm="syz.2.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   85.585466][ T3412] vhci_hcd: vhci_device speed not set
[   85.593036][ T5513] siw: device registration error -23
[   85.611215][ T5525] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[   85.619697][ T5525] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   85.628139][ T5525] vhci_hcd vhci_hcd.0: Device attached
[   85.631767][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.655390][ T3412] usb 3-1: new full-speed USB device number 7 using vhci_hcd
[   85.665053][   T30] audit: type=1326 audit(1758196906.828:8035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5524 comm="syz.2.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5e50c10afa code=0x7ffc0000
[   85.691422][   T30] audit: type=1326 audit(1758196906.828:8036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5524 comm="syz.2.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e50c0d510 code=0x7ffc0000
[   85.719109][   T30] audit: type=1326 audit(1758196906.828:8037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5524 comm="syz.2.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5e50c0d65f code=0x7ffc0000
[   85.744602][   T30] audit: type=1326 audit(1758196906.848:8038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5512 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f620f38eba9 code=0x7ffc0000
[   85.776897][ T5533] vhci_hcd: connection closed
[   85.777331][   T48] vhci_hcd: stop threads
[   85.787358][   T48] vhci_hcd: release socket
[   85.792174][   T48] vhci_hcd: disconnect device
[   85.799399][ T5518] vhci_hcd: connection reset by peer
[   85.805663][ T3567] vhci_hcd: vhci_device speed not set
[   85.818944][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.820385][   T48] vhci_hcd: stop threads
[   85.836308][   T48] vhci_hcd: release socket
[   85.841455][   T48] vhci_hcd: disconnect device
[   85.904715][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.002754][   T12] bridge_slave_1: left allmulticast mode
[   86.009535][   T12] bridge_slave_1: left promiscuous mode
[   86.016507][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.025964][   T12] bridge_slave_0: left allmulticast mode
[   86.033064][   T12] bridge_slave_0: left promiscuous mode
[   86.039478][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.090655][   T12] bond1 (unregistering): (slave geneve2): Releasing active interface
[   86.157733][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   86.169240][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   86.181005][   T12] bond0 (unregistering): Released all slaves
[   86.191026][   T12] bond1 (unregistering): Released all slaves
[   86.209042][ T5536] chnl_net:caif_netlink_parms(): no params data found
[   86.230495][   T12] tipc: Left network mode
[   86.251625][   T12] hsr_slave_0: left promiscuous mode
[   86.258308][   T12] hsr_slave_1: left promiscuous mode
[   86.264925][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.273528][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.283962][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.292703][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.305886][   T12] veth1_macvtap: left promiscuous mode
[   86.311865][   T12] veth0_macvtap: left promiscuous mode
[   86.318391][   T12] veth1_vlan: left promiscuous mode
[   86.324309][   T12] veth0_vlan: left promiscuous mode
[   86.346418][ T5577] loop3: detected capacity change from 0 to 512
[   86.377814][ T5577] EXT4-fs (loop3): external journal device major/minor numbers have changed
[   86.399730][ T5588] loop2: detected capacity change from 0 to 1024
[   86.423809][ T5589] loop4: detected capacity change from 0 to 512
[   86.432645][ T5589] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   86.461615][ T5588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.484202][ T5577] EXT4-fs (loop3): failed to open journal device unknown-block(4,3) -6
[   86.493399][ T5588] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.506062][   T12] team0 (unregistering): Port device team_slave_1 removed
[   86.514429][ T5589] EXT4-fs (loop4): failed to open journal device unknown-block(4,3) -6
[   86.526054][   T12] team0 (unregistering): Port device team_slave_0 removed
[   86.570594][ T5588] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.721: bg 0: block 393: padding at end of block bitmap is not set
[   86.607820][ T5606] loop1: detected capacity change from 0 to 512
[   86.634031][ T5606] EXT4-fs (loop1): external journal device major/minor numbers have changed
[   86.645658][ T5536] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.654161][ T5536] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.679238][ T5536] bridge_slave_0: entered allmulticast mode
[   86.679549][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.687000][ T5536] bridge_slave_0: entered promiscuous mode
[   86.704675][ T5536] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.712652][ T5536] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.721011][ T5536] bridge_slave_1: entered allmulticast mode
[   86.736197][ T5536] bridge_slave_1: entered promiscuous mode
[   86.737635][ T5617] random: crng reseeded on system resumption
[   86.786113][ T5536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.810512][ T5617] netlink: 'syz.3.731': attribute type 1 has an invalid length.
[   86.834058][ T5606] EXT4-fs (loop1): failed to open journal device unknown-block(4,3) -6
[   86.846201][ T5536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.892104][ T5536] team0: Port device team_slave_0 added
[   86.904893][ T5536] team0: Port device team_slave_1 added
[   86.922485][ T5628] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[   86.930196][ T5628] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   86.938694][ T5628] vhci_hcd vhci_hcd.0: Device attached
[   86.965477][ T5536] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.973756][ T5536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.004290][ T5536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.026934][ T5634] loop4: detected capacity change from 0 to 512
[   87.037909][ T5634] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   87.039429][ T5536] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.055275][ T5536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.059679][ T5628] siw: device registration error -23
[   87.084386][ T5536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.127069][ T5644] usb usb4: usbfs: interface 0 claimed by hub while 'syz.2.741' sets config #0
[   87.137741][   T23] vhci_hcd: vhci_device speed not set
[   87.149509][ T5634] EXT4-fs (loop4): failed to open journal device unknown-block(4,3) -6
[   87.165158][ T5640] loop1: detected capacity change from 0 to 1024
[   87.176953][ T5629] vhci_hcd: connection closed
[   87.177093][   T25] vhci_hcd: stop threads
[   87.185282][ T5536] hsr_slave_0: entered promiscuous mode
[   87.187613][   T25] vhci_hcd: release socket
[   87.196079][ T5536] hsr_slave_1: entered promiscuous mode
[   87.199657][   T25] vhci_hcd: disconnect device
[   87.213549][   T23] usb 7-1: new full-speed USB device number 7 using vhci_hcd
[   87.223238][   T23] usb 7-1: enqueue for inactive port 0
[   87.236844][   T23] usb 7-1: enqueue for inactive port 0
[   87.242895][   T23] usb 7-1: enqueue for inactive port 0
[   87.250608][ T5640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.271757][ T5640] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.315373][   T23] vhci_hcd: vhci_device speed not set
[   87.399659][ T1888] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   87.423763][ T5536] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   87.426761][ T1888] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[   87.450127][ T1888] EXT4-fs (loop1): This should not happen!! Data will be lost
[   87.450127][ T1888] 
[   87.460755][ T1888] EXT4-fs (loop1): Total free blocks count 0
[   87.461459][ T5656] loop4: detected capacity change from 0 to 8192
[   87.471424][ T1888] EXT4-fs (loop1): Free/Dirty block details
[   87.482229][ T5656] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   87.484820][ T1888] EXT4-fs (loop1): free_blocks=4293918720
[   87.502307][ T1888] EXT4-fs (loop1): dirty_blocks=16
[   87.508435][ T1888] EXT4-fs (loop1): Block reservation details
[   87.515586][ T1888] EXT4-fs (loop1): i_reserved_data_blocks=1
[   87.524422][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.526243][ T5536] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   87.584423][ T5536] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   87.601564][ T5536] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   87.638201][ T5662] loop4: detected capacity change from 0 to 512
[   87.648069][ T5662] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   87.694738][ T5662] EXT4-fs (loop4): failed to open journal device unknown-block(4,3) -6
[   87.708390][ T5536] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.746007][ T5536] 8021q: adding VLAN 0 to HW filter on device team0
[   87.777539][ T1888] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.784995][ T1888] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.798422][ T5685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.809775][ T5685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.820471][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.828983][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.851006][ T5685] loop3: detected capacity change from 0 to 1024
[   87.878033][ T5536] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   87.890656][ T5536] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.951792][ T5689] loop1: detected capacity change from 0 to 1024
[   88.026531][ T5536] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.068697][ T5692] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.127089][ T5692] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.139597][ T5695] loop1: detected capacity change from 0 to 8192
[   88.161988][ T5695] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   88.186896][ T5692] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.200711][ T5709] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   88.208585][ T5709] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   88.217128][ T5709] vhci_hcd vhci_hcd.0: Device attached
[   88.237087][ T5692] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.255996][ T5709] __nla_validate_parse: 13 callbacks suppressed
[   88.256016][ T5709] netlink: 100 bytes leftover after parsing attributes in process `syz.2.759'.
[   88.285214][ T1888] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.330286][ T1888] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.355134][ T1888] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.395396][ T3567] vhci_hcd: vhci_device speed not set
[   88.419530][ T5536] veth0_vlan: entered promiscuous mode
[   88.432079][ T5536] veth1_vlan: entered promiscuous mode
[   88.452485][ T5536] veth0_macvtap: entered promiscuous mode
[   88.460171][ T3567] usb 5-1: new full-speed USB device number 5 using vhci_hcd
[   88.468621][ T1888] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.479332][ T5536] veth1_macvtap: entered promiscuous mode
[   88.486575][ T5710] vhci_hcd: connection reset by peer
[   88.492924][   T25] vhci_hcd: stop threads
[   88.496180][ T5536] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.499023][   T25] vhci_hcd: release socket
[   88.509544][ T5536] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.512489][   T25] vhci_hcd: disconnect device
[   88.534616][ T1888] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.547521][ T1888] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.643689][ T1888] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.764108][ T1888] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.873468][ T5738] loop1: detected capacity change from 0 to 512
[   88.886358][ T5738] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   89.021252][ T5738] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.766: Failed to acquire dquot type 0
[   89.126154][ T5738] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[   89.182135][ T5736] loop5: detected capacity change from 0 to 8192
[   89.260050][ T5744] netlink: 8 bytes leftover after parsing attributes in process `syz.2.768'.
[   89.284667][ T5745] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #15: comm syz.1.766: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   89.309385][ T5736] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   89.344090][ T3306] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /173/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[   89.552019][ T5755] random: crng reseeded on system resumption
[   89.564146][   T25] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.618622][   T25] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.671514][   T25] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.778863][   T25] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.821207][ T5759] chnl_net:caif_netlink_parms(): no params data found
[   89.831470][ T5774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.779'.
[   89.875138][ T5759] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.884863][ T5759] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.893234][ T5759] bridge_slave_0: entered allmulticast mode
[   89.901453][ T5759] bridge_slave_0: entered promiscuous mode
[   89.920546][ T5759] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.929133][ T5759] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.938246][ T5759] bridge_slave_1: entered allmulticast mode
[   89.946376][ T5759] bridge_slave_1: entered promiscuous mode
[   89.973464][   T25] bridge_slave_1: left allmulticast mode
[   89.980030][   T25] bridge_slave_1: left promiscuous mode
[   89.987331][   T25] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.996283][   T25] bridge_slave_0: left allmulticast mode
[   90.002980][   T25] bridge_slave_0: left promiscuous mode
[   90.010689][   T25] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.097838][   T25] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   90.110492][   T25] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   90.121905][ T5784] loop4: detected capacity change from 0 to 1024
[   90.133329][   T25] bond0 (unregistering): Released all slaves
[   90.140747][ T5784] EXT4-fs: Ignoring removed nobh option
[   90.147668][ T5784] EXT4-fs: Ignoring removed bh option
[   90.157524][ T5784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.157991][ T5759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.188474][ T5759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.227409][   T25] hsr_slave_0: left promiscuous mode
[   90.234657][   T25] hsr_slave_1: left promiscuous mode
[   90.241032][   T25] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.254417][   T25] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.272336][   T25] veth1_macvtap: left promiscuous mode
[   90.284983][   T25] veth0_macvtap: left promiscuous mode
[   90.294135][ T5791] random: crng reseeded on system resumption
[   90.301576][   T25] veth1_vlan: left promiscuous mode
[   90.316345][   T25] veth0_vlan: left promiscuous mode
[   90.392579][   T25] team0 (unregistering): Port device team_slave_1 removed
[   90.404896][   T25] team0 (unregistering): Port device team_slave_0 removed
[   90.446508][ T5759] team0: Port device team_slave_0 added
[   90.460511][ T5759] team0: Port device team_slave_1 added
[   90.481792][ T5795] netlink: 8 bytes leftover after parsing attributes in process `syz.2.786'.
[   90.495155][ T5759] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.503368][ T5759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.533983][ T5759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.534360][   T30] kauditd_printk_skb: 699 callbacks suppressed
[   90.534378][   T30] audit: type=1326 audit(1758196911.798:8736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5792 comm="syz.5.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   90.547969][ T5759] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.587265][   T30] audit: type=1326 audit(1758196911.858:8737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5792 comm="syz.5.785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   90.592296][ T5759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.650524][ T5759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.688375][ T5759] hsr_slave_0: entered promiscuous mode
[   90.695818][ T5759] hsr_slave_1: entered promiscuous mode
[   90.703162][ T5759] debugfs: 'hsr0' already exists in 'hsr'
[   90.710864][ T5759] Cannot create hsr debugfs directory
[   90.716956][ T3412] usb 3-1: enqueue for inactive port 0
[   90.724869][ T3412] usb 3-1: enqueue for inactive port 0
[   90.796077][ T3412] vhci_hcd: vhci_device speed not set
[   90.830280][ T5759] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   90.849812][ T5759] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   90.869858][ T5759] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   90.884034][ T5759] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   90.893763][ T5800] usb usb4: usbfs: interface 0 claimed by hub while 'syz.2.787' sets config #0
[   90.923460][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.945507][   T30] audit: type=1326 audit(1758196912.208:8738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5799 comm="syz.2.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   90.978999][   T30] audit: type=1326 audit(1758196912.208:8739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5799 comm="syz.2.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   91.008288][   T30] audit: type=1326 audit(1758196912.208:8740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5799 comm="syz.2.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   91.037653][   T30] audit: type=1326 audit(1758196912.208:8741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5799 comm="syz.2.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   91.067537][   T30] audit: type=1326 audit(1758196912.208:8742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5799 comm="syz.2.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e50c0eba9 code=0x7ffc0000
[   91.107524][ T5810] loop3: detected capacity change from 0 to 512
[   91.121973][ T5759] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.127601][ T5810] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   91.138109][ T5759] 8021q: adding VLAN 0 to HW filter on device team0
[   91.166439][ T1888] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.175043][ T1888] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.188711][ T1888] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.197518][ T1888] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.269224][ T3313] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   91.312297][ T5759] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.381200][ T5823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.793'.
[   91.478263][ T5840] loop5: detected capacity change from 0 to 512
[   91.519952][ T5848] FAULT_INJECTION: forcing a failure.
[   91.519952][ T5848] name failslab, interval 1, probability 0, space 0, times 0
[   91.535166][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz.3.799 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.535195][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   91.535292][ T5848] Call Trace:
[   91.535299][ T5848]  <TASK>
[   91.535308][ T5848]  __dump_stack+0x1d/0x30
[   91.535334][ T5848]  dump_stack_lvl+0xe8/0x140
[   91.535359][ T5848]  dump_stack+0x15/0x1b
[   91.535382][ T5848]  should_fail_ex+0x265/0x280
[   91.535491][ T5848]  should_failslab+0x8c/0xb0
[   91.535525][ T5848]  kmem_cache_alloc_node_noprof+0x57/0x320
[   91.535562][ T5848]  ? __alloc_skb+0x101/0x320
[   91.535586][ T5848]  __alloc_skb+0x101/0x320
[   91.535638][ T5848]  netlink_ack+0xfd/0x500
[   91.535691][ T5848]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[   91.535725][ T5848]  netlink_rcv_skb+0x192/0x220
[   91.535790][ T5848]  ? __pfx_genl_rcv_msg+0x10/0x10
[   91.535833][ T5848]  genl_rcv+0x28/0x40
[   91.535869][ T5848]  netlink_unicast+0x5bd/0x690
[   91.535899][ T5848]  netlink_sendmsg+0x58b/0x6b0
[   91.535984][ T5848]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.536013][ T5848]  __sock_sendmsg+0x145/0x180
[   91.536056][ T5848]  ____sys_sendmsg+0x31e/0x4e0
[   91.536094][ T5848]  ___sys_sendmsg+0x17b/0x1d0
[   91.536155][ T5848]  __x64_sys_sendmsg+0xd4/0x160
[   91.536185][ T5848]  x64_sys_call+0x191e/0x2ff0
[   91.536259][ T5848]  do_syscall_64+0xd2/0x200
[   91.536292][ T5848]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   91.536323][ T5848]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.536387][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.536413][ T5848] RIP: 0033:0x7f99239ceba9
[   91.536505][ T5848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.536523][ T5848] RSP: 002b:00007f9922437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.536548][ T5848] RAX: ffffffffffffffda RBX: 00007f9923c15fa0 RCX: 00007f99239ceba9
[   91.536563][ T5848] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000005
[   91.536574][ T5848] RBP: 00007f9922437090 R08: 0000000000000000 R09: 0000000000000000
[   91.536589][ T5848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.536677][ T5848] R13: 00007f9923c16038 R14: 00007f9923c15fa0 R15: 00007fff52fcef68
[   91.536700][ T5848]  </TASK>
[   91.835935][ T5840] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.851721][ T5759] veth0_vlan: entered promiscuous mode
[   91.859005][ T5840] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.873792][ T5759] veth1_vlan: entered promiscuous mode
[   91.887884][ T5840] netlink: 8 bytes leftover after parsing attributes in process `syz.5.797'.
[   91.903918][ T5759] veth0_macvtap: entered promiscuous mode
[   91.941617][ T5759] veth1_macvtap: entered promiscuous mode
[   91.963106][ T5759] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.976979][ T5856] usb usb4: usbfs: interface 0 claimed by hub while 'syz.3.801' sets config #0
[   91.978227][ T5759] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.003486][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.013290][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.027149][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.053300][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.109181][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.126666][   T30] audit: type=1326 audit(1758196913.398:8743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5855 comm="syz.3.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99239ceba9 code=0x7ffc0000
[   92.177120][ T5860] loop6: detected capacity change from 0 to 1024
[   92.184561][   T30] audit: type=1326 audit(1758196913.398:8744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5855 comm="syz.3.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f99239ceba9 code=0x7ffc0000
[   92.212065][   T30] audit: type=1326 audit(1758196913.398:8745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5855 comm="syz.3.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99239ceba9 code=0x7ffc0000
[   92.283227][ T5860] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.306745][ T5860] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.327785][ T5862] loop5: detected capacity change from 0 to 8192
[   92.337383][ T5862] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   92.371130][ T5860] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.777: bg 0: block 393: padding at end of block bitmap is not set
[   92.438154][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.458205][ T5870] netlink: 8 bytes leftover after parsing attributes in process `syz.4.805'.
[   92.489241][ T5873] loop5: detected capacity change from 0 to 512
[   92.534273][ T5873] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   92.545337][ T5873] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[   92.551049][ T5884] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[   92.562346][ T5884] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   92.572089][ T5884] vhci_hcd vhci_hcd.0: Device attached
[   92.578515][ T5876] loop3: detected capacity change from 0 to 8192
[   92.583783][ T5884] netlink: 100 bytes leftover after parsing attributes in process `syz.4.812'.
[   92.588428][ T5873] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[   92.609441][ T5873] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   92.620616][ T5873] System zones: 0-2, 18-18, 34-35
[   92.625840][ T5884] siw: device registration error -23
[   92.628926][ T5876]  loop3: p1 p4
[   92.638210][ T5873] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.639100][ T5876] loop3: p1 size 196608 extends beyond EOD, truncated
[   92.662018][ T5876] loop3: p4 start 2516584704 is beyond EOD, truncated
[   92.690417][ T5887] vhci_hcd: connection closed
[   92.690637][   T48] vhci_hcd: stop threads
[   92.701883][   T48] vhci_hcd: release socket
[   92.707258][   T48] vhci_hcd: disconnect device
[   92.724259][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.755349][ T3412] vhci_hcd: vhci_device speed not set
[   92.771443][ T5896] loop5: detected capacity change from 0 to 1024
[   92.780696][ T5896] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.797530][ T5896] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.825168][ T5896] netlink: 'syz.5.815': attribute type 10 has an invalid length.
[   92.838352][ T5896] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.849323][ T5896] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   92.891713][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.907163][ T5876] netlink: 'syz.3.809': attribute type 21 has an invalid length.
[   92.916824][ T5876] netlink: 156 bytes leftover after parsing attributes in process `syz.3.809'.
[   92.928493][ T5876] netlink: 4 bytes leftover after parsing attributes in process `syz.3.809'.
[   93.053393][ T5905] random: crng reseeded on system resumption
[   93.067974][ T5905] netlink: 'syz.2.818': attribute type 1 has an invalid length.
[   93.253360][ T5917] netlink: 'syz.2.821': attribute type 1 has an invalid length.
[   93.268696][ T5915] __nla_validate_parse: 1 callbacks suppressed
[   93.268718][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.822'.
[   93.322755][ T5917] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.371031][ T5912] netlink: 4 bytes leftover after parsing attributes in process `syz.2.821'.
[   93.405880][ T5912] bond1 (unregistering): Released all slaves
[   93.427237][ T5924] netlink: 'syz.4.825': attribute type 1 has an invalid length.
[   93.454891][ T5924] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.515555][ T3567] usb 5-1: enqueue for inactive port 0
[   93.521481][ T3567] usb 5-1: enqueue for inactive port 0
[   93.535648][ T5924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.825'.
[   93.553645][ T5924] bond1 (unregistering): Released all slaves
[   93.618128][ T3567] vhci_hcd: vhci_device speed not set
[   93.625234][ T5935] netlink: 28 bytes leftover after parsing attributes in process `syz.3.829'.
[   93.635693][ T5935] netlink: 68 bytes leftover after parsing attributes in process `syz.3.829'.
[   93.646865][ T5935] FAULT_INJECTION: forcing a failure.
[   93.646865][ T5935] name failslab, interval 1, probability 0, space 0, times 0
[   93.661866][ T5935] CPU: 1 UID: 0 PID: 5935 Comm: syz.3.829 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.661909][ T5935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   93.661924][ T5935] Call Trace:
[   93.661932][ T5935]  <TASK>
[   93.661941][ T5935]  __dump_stack+0x1d/0x30
[   93.661969][ T5935]  dump_stack_lvl+0xe8/0x140
[   93.662008][ T5935]  dump_stack+0x15/0x1b
[   93.662028][ T5935]  should_fail_ex+0x265/0x280
[   93.662098][ T5935]  should_failslab+0x8c/0xb0
[   93.662138][ T5935]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   93.662173][ T5935]  ? __d_alloc+0x3d/0x340
[   93.662208][ T5935]  ? sprintf+0x88/0xb0
[   93.662263][ T5935]  __d_alloc+0x3d/0x340
[   93.662300][ T5935]  d_alloc_parallel+0x53/0xc60
[   93.662346][ T5935]  ? __rcu_read_unlock+0x4f/0x70
[   93.662374][ T5935]  ? __d_lookup+0x316/0x340
[   93.662412][ T5935]  ? default_pointer+0xf2/0x5e0
[   93.662517][ T5935]  __lookup_slow+0x8c/0x250
[   93.662560][ T5935]  lookup_noperm+0xc9/0x180
[   93.662663][ T5935]  simple_start_creating+0x97/0x120
[   93.662695][ T5935]  start_creating+0xe9/0x160
[   93.662791][ T5935]  __debugfs_create_file+0x6b/0x330
[   93.662827][ T5935]  debugfs_create_file_full+0x3f/0x60
[   93.662921][ T5935]  ? __pfx_hsr_dev_setup+0x10/0x10
[   93.662962][ T5935]  ref_tracker_dir_debugfs+0x100/0x1e0
[   93.663034][ T5935]  alloc_netdev_mqs+0x1a2/0xa30
[   93.663078][ T5935]  rtnl_create_link+0x239/0x710
[   93.663127][ T5935]  rtnl_newlink_create+0x14c/0x620
[   93.663154][ T5935]  ? __schedule+0x6b9/0xb30
[   93.663228][ T5935]  rtnl_newlink+0xf29/0x12d0
[   93.663321][ T5935]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[   93.663366][ T5935]  ? xas_load+0x413/0x430
[   93.663409][ T5935]  ? __memcg_slab_free_hook+0x135/0x230
[   93.663454][ T5935]  ? __rcu_read_unlock+0x4f/0x70
[   93.663480][ T5935]  ? avc_has_perm_noaudit+0x1b1/0x200
[   93.663628][ T5935]  ? cred_has_capability+0x210/0x280
[   93.663661][ T5935]  ? selinux_capable+0x31/0x40
[   93.663725][ T5935]  ? security_capable+0x83/0x90
[   93.663756][ T5935]  ? ns_capable+0x7d/0xb0
[   93.663781][ T5935]  ? __pfx_rtnl_newlink+0x10/0x10
[   93.663879][ T5935]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   93.663924][ T5935]  netlink_rcv_skb+0x123/0x220
[   93.663956][ T5935]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   93.664028][ T5935]  rtnetlink_rcv+0x1c/0x30
[   93.664064][ T5935]  netlink_unicast+0x5bd/0x690
[   93.664095][ T5935]  netlink_sendmsg+0x58b/0x6b0
[   93.664161][ T5935]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.664249][ T5935]  __sock_sendmsg+0x145/0x180
[   93.664292][ T5935]  ____sys_sendmsg+0x31e/0x4e0
[   93.664335][ T5935]  ___sys_sendmsg+0x17b/0x1d0
[   93.664407][ T5935]  __x64_sys_sendmsg+0xd4/0x160
[   93.664446][ T5935]  x64_sys_call+0x191e/0x2ff0
[   93.664472][ T5935]  do_syscall_64+0xd2/0x200
[   93.664511][ T5935]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.664603][ T5935]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.664637][ T5935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.664663][ T5935] RIP: 0033:0x7f99239ceba9
[   93.664679][ T5935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.664698][ T5935] RSP: 002b:00007f9922437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.664753][ T5935] RAX: ffffffffffffffda RBX: 00007f9923c15fa0 RCX: 00007f99239ceba9
[   93.664767][ T5935] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[   93.664782][ T5935] RBP: 00007f9922437090 R08: 0000000000000000 R09: 0000000000000000
[   93.664797][ T5935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.664812][ T5935] R13: 00007f9923c16038 R14: 00007f9923c15fa0 R15: 00007fff52fcef68
[   93.664836][ T5935]  </TASK>
[   93.691271][ T5939] netlink: 100 bytes leftover after parsing attributes in process `syz.6.832'.
[   93.699605][ T5935] syz.3.829 (5935) used greatest stack depth: 9608 bytes left
[   93.788442][ T5946] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   94.109722][ T5946] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   94.118834][ T5946] vhci_hcd vhci_hcd.0: Device attached
[   94.133380][ T5950] netlink: 100 bytes leftover after parsing attributes in process `syz.3.834'.
[   94.152927][ T5941] netlink: 4 bytes leftover after parsing attributes in process `syz.4.833'.
[   94.164164][ T5946] siw: device registration error -23
[   94.172221][ T5941] netlink: 4 bytes leftover after parsing attributes in process `syz.4.833'.
[   94.272582][ T5947] vhci_hcd: connection closed
[   94.272885][ T1888] vhci_hcd: stop threads
[   94.283855][ T1888] vhci_hcd: release socket
[   94.289600][ T1888] vhci_hcd: disconnect device
[   94.306479][ T3412] vhci_hcd: vhci_device speed not set
[   94.368866][ T5968] loop4: detected capacity change from 0 to 8192
[   94.379661][ T5968] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   94.450277][ T5976] loop5: detected capacity change from 0 to 8192
[   94.459639][ T5976] vfat: Unknown parameter 'GPL'
[   94.522505][ T5981] netlink: 4 bytes leftover after parsing attributes in process `syz.4.848'.
[   94.560670][ T5994] FAULT_INJECTION: forcing a failure.
[   94.560670][ T5994] name failslab, interval 1, probability 0, space 0, times 0
[   94.577569][ T5994] CPU: 0 UID: 0 PID: 5994 Comm: syz.6.854 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.577675][ T5994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   94.577692][ T5994] Call Trace:
[   94.577699][ T5994]  <TASK>
[   94.577708][ T5994]  __dump_stack+0x1d/0x30
[   94.577736][ T5994]  dump_stack_lvl+0xe8/0x140
[   94.577761][ T5994]  dump_stack+0x15/0x1b
[   94.577781][ T5994]  should_fail_ex+0x265/0x280
[   94.577864][ T5994]  should_failslab+0x8c/0xb0
[   94.577898][ T5994]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   94.578019][ T5994]  ? kernfs_node_dentry+0x1c5/0x350
[   94.578148][ T5994]  ? __pfx_kernfs_test_super+0x10/0x10
[   94.578177][ T5994]  kstrdup+0x3e/0xd0
[   94.578351][ T5994]  kernfs_node_dentry+0x1c5/0x350
[   94.578377][ T5994]  cgroup_do_get_tree+0x1ee/0x330
[   94.578485][ T5994]  cgroup_get_tree+0xd7/0x280
[   94.578517][ T5994]  vfs_get_tree+0x57/0x1d0
[   94.578621][ T5994]  vfs_cmd_create+0x8a/0x140
[   94.578655][ T5994]  vfs_fsconfig_locked+0x6f/0x210
[   94.578691][ T5994]  __se_sys_fsconfig+0x648/0x770
[   94.578765][ T5994]  __x64_sys_fsconfig+0x67/0x80
[   94.578794][ T5994]  x64_sys_call+0x1f83/0x2ff0
[   94.578824][ T5994]  do_syscall_64+0xd2/0x200
[   94.578914][ T5994]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   94.578944][ T5994]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   94.578996][ T5994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.579025][ T5994] RIP: 0033:0x7fe92c56eba9
[   94.579044][ T5994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.579068][ T5994] RSP: 002b:00007fe92afd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   94.579093][ T5994] RAX: ffffffffffffffda RBX: 00007fe92c7b5fa0 RCX: 00007fe92c56eba9
[   94.579109][ T5994] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[   94.579125][ T5994] RBP: 00007fe92afd7090 R08: 0000000000000000 R09: 0000000000000000
[   94.579140][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.579251][ T5994] R13: 00007fe92c7b6038 R14: 00007fe92c7b5fa0 R15: 00007ffd932a2188
[   94.579288][ T5994]  </TASK>
[   94.846758][ T5992] loop5: detected capacity change from 0 to 1024
[   94.881438][ T6005] FAULT_INJECTION: forcing a failure.
[   94.881438][ T6005] name failslab, interval 1, probability 0, space 0, times 0
[   94.895767][ T6005] CPU: 1 UID: 0 PID: 6005 Comm: syz.6.858 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.895804][ T6005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   94.895822][ T6005] Call Trace:
[   94.895831][ T6005]  <TASK>
[   94.895840][ T6005]  __dump_stack+0x1d/0x30
[   94.895870][ T6005]  dump_stack_lvl+0xe8/0x140
[   94.895913][ T6005]  dump_stack+0x15/0x1b
[   94.895967][ T6005]  should_fail_ex+0x265/0x280
[   94.895996][ T6005]  should_failslab+0x8c/0xb0
[   94.896107][ T6005]  kmem_cache_alloc_noprof+0x50/0x310
[   94.896142][ T6005]  ? security_inode_alloc+0x37/0x100
[   94.896178][ T6005]  security_inode_alloc+0x37/0x100
[   94.896285][ T6005]  inode_init_always_gfp+0x4b7/0x500
[   94.896316][ T6005]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   94.896343][ T6005]  alloc_inode+0x58/0x170
[   94.896368][ T6005]  new_inode+0x1d/0xe0
[   94.896397][ T6005]  shmem_get_inode+0x244/0x750
[   94.896450][ T6005]  __shmem_file_setup+0x113/0x210
[   94.896549][ T6005]  shmem_file_setup+0x3b/0x50
[   94.896624][ T6005]  __se_sys_memfd_create+0x2c3/0x590
[   94.896687][ T6005]  __x64_sys_memfd_create+0x31/0x40
[   94.896712][ T6005]  x64_sys_call+0x2abe/0x2ff0
[   94.896738][ T6005]  do_syscall_64+0xd2/0x200
[   94.896778][ T6005]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   94.896887][ T6005]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   94.896924][ T6005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.896949][ T6005] RIP: 0033:0x7fe92c56eba9
[   94.896967][ T6005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.896987][ T6005] RSP: 002b:00007fe92afd6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   94.897088][ T6005] RAX: ffffffffffffffda RBX: 000000000000043b RCX: 00007fe92c56eba9
[   94.897102][ T6005] RDX: 00007fe92afd6ef0 RSI: 0000000000000000 RDI: 00007fe92c5f27e8
[   94.897116][ T6005] RBP: 0000200000000200 R08: 00007fe92afd6bb7 R09: 00007fe92afd6e40
[   94.897130][ T6005] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[   94.897144][ T6005] R13: 00007fe92afd6ef0 R14: 00007fe92afd6eb0 R15: 0000200000000080
[   94.897166][ T6005]  </TASK>
[   95.271100][ T6019] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   95.278929][ T6019] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   95.287070][ T6019] vhci_hcd vhci_hcd.0: Device attached
[   95.288455][ T6015] loop3: detected capacity change from 0 to 8192
[   95.303762][ T6015] vfat: Unknown parameter 'GPL'
[   95.314377][ T6019] siw: device registration error -23
[   95.356726][ T6032] usb usb4: usbfs: interface 0 claimed by hub while 'syz.6.870' sets config #0
[   95.379547][ T6020] vhci_hcd: connection closed
[   95.380097][ T1888] vhci_hcd: stop threads
[   95.390136][ T1888] vhci_hcd: release socket
[   95.396037][ T1888] vhci_hcd: disconnect device
[   95.444997][ T6036] loop3: detected capacity change from 0 to 512
[   95.454580][ T6038] netlink: 'syz.6.872': attribute type 10 has an invalid length.
[   95.470329][ T6036] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   95.481140][ T6036] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   95.497625][ T6038] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.510275][ T6038] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   95.521166][ T6036] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[   95.534210][ T6036] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   95.555867][ T6036] System zones: 0-2, 18-18, 34-35
[   95.580231][ T6042] loop5: detected capacity change from 0 to 1024
[   95.594899][ T6042] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.604683][ T6036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.652822][ T6042] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.681909][ T6042] netlink: 'syz.5.873': attribute type 10 has an invalid length.
[   95.713204][   T30] kauditd_printk_skb: 529 callbacks suppressed
[   95.713229][   T30] audit: type=1326 audit(1758196916.948:9275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.716327][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.720821][   T30] audit: type=1326 audit(1758196916.948:9276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.786693][   T30] audit: type=1326 audit(1758196916.948:9277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.813795][   T30] audit: type=1326 audit(1758196916.948:9278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.840427][   T30] audit: type=1326 audit(1758196916.948:9279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.869054][   T30] audit: type=1326 audit(1758196916.948:9280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.896476][   T30] audit: type=1326 audit(1758196916.948:9281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.924926][   T30] audit: type=1326 audit(1758196916.948:9282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.951362][   T30] audit: type=1326 audit(1758196916.948:9283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.979275][   T30] audit: type=1326 audit(1758196916.948:9284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[   95.979311][ T6052] netlink: 'syz.4.878': attribute type 1 has an invalid length.
[   95.993207][ T6052] bond1: entered promiscuous mode
[   96.031927][ T6052] 8021q: adding VLAN 0 to HW filter on device bond1
[   96.063358][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.115094][ T6057] loop5: detected capacity change from 0 to 512
[   96.440831][ T6057] EXT4-fs (loop5): external journal device major/minor numbers have changed
[   96.469668][ T6063] loop3: detected capacity change from 0 to 1024
[   96.540171][ T6057] EXT4-fs (loop5): failed to open journal device unknown-block(4,3) -6
[   96.567698][ T6066] loop2: detected capacity change from 0 to 8192
[   96.582168][ T6066] vfat: Unknown parameter 'GPL'
[   96.594188][ T6073] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[   96.603310][ T6073] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   96.614762][ T6073] vhci_hcd vhci_hcd.0: Device attached
[   96.659671][ T6073] siw: device registration error -23
[   96.723299][ T6074] vhci_hcd: connection closed
[   96.723747][   T12] vhci_hcd: stop threads
[   96.734407][   T12] vhci_hcd: release socket
[   96.740046][   T12] vhci_hcd: disconnect device
[   96.872458][ T6099] random: crng reseeded on system resumption
[   96.887022][ T6099] netlink: 'syz.6.893': attribute type 1 has an invalid length.
[   96.971001][ T6104] loop6: detected capacity change from 0 to 8192
[   96.978843][ T6104] vfat: Unknown parameter 'GPL'
[   97.010709][ T6107] loop4: detected capacity change from 0 to 8192
[   97.020589][ T6107] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   97.105572][ T6121] netlink: 'syz.6.902': attribute type 10 has an invalid length.
[   97.152933][ T6126] loop4: detected capacity change from 0 to 512
[   97.161158][ T6126] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   97.193667][ T6126] EXT4-fs (loop4): failed to open journal device unknown-block(4,3) -6
[   97.196835][ T6127] loop6: detected capacity change from 0 to 1024
[   97.228078][ T6127] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.242269][ T6127] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.291657][ T6135] loop4: detected capacity change from 0 to 8192
[   97.301481][ T6135] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   97.328838][   T25] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   97.346473][ T6137] loop5: detected capacity change from 0 to 8192
[   97.354401][ T6137] vfat: Unknown parameter 'GPL'
[   97.360408][   T25] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[   97.375441][   T25] EXT4-fs (loop6): This should not happen!! Data will be lost
[   97.375441][   T25] 
[   97.388833][   T25] EXT4-fs (loop6): Total free blocks count 0
[   97.394979][   T25] EXT4-fs (loop6): Free/Dirty block details
[   97.401493][   T25] EXT4-fs (loop6): free_blocks=4293918720
[   97.408625][   T25] EXT4-fs (loop6): dirty_blocks=16
[   97.414241][   T25] EXT4-fs (loop6): Block reservation details
[   97.422154][   T25] EXT4-fs (loop6): i_reserved_data_blocks=1
[   97.429838][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.477320][ T6141] usb usb4: usbfs: interface 0 claimed by hub while 'syz.6.908' sets config #0
[   97.499418][ T6145] usb usb4: usbfs: interface 0 claimed by hub while 'syz.5.911' sets config #0
[   97.560277][ T6156] SELinux:  Context system_u:object_r:tpm_device_t:s0 is not valid (left unmapped).
[   97.715711][ T6165] random: crng reseeded on system resumption
[   97.758508][ T6168] random: crng reseeded on system resumption
[   97.900418][ T6172] loop3: detected capacity change from 0 to 8192
[   97.925645][ T6172] vfat: Unknown parameter 'GPL'
[   97.989886][ T6188] loop3: detected capacity change from 0 to 1024
[   98.025255][ T6188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.044017][ T6188] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.080747][ T6188] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.930: bg 0: block 393: padding at end of block bitmap is not set
[   98.126718][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.134214][ T6201] validate_nla: 2 callbacks suppressed
[   98.134259][ T6201] netlink: 'syz.2.932': attribute type 10 has an invalid length.
[   98.175008][ T6201] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.193260][ T6201] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   98.224648][ T6211] loop6: detected capacity change from 0 to 128
[   98.243461][ T6209] loop4: detected capacity change from 0 to 512
[   98.252450][ T6209] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   98.284408][ T6209] EXT4-fs (loop4): failed to open journal device unknown-block(4,3) -6
[   98.357706][ T6223] usb usb4: usbfs: interface 0 claimed by hub while 'syz.3.940' sets config #0
[   98.368240][ T6227] loop4: detected capacity change from 0 to 512
[   98.376742][ T6227] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   98.389023][ T6227] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   98.400568][ T6227] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[   98.411745][ T6227] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   98.423300][ T6227] System zones: 0-2, 18-18, 34-35
[   98.430315][ T6227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.469576][ T6232] loop5: detected capacity change from 0 to 1024
[   98.487220][ T6232] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.501072][ T6232] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.519694][ T6232] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.944: bg 0: block 393: padding at end of block bitmap is not set
[   98.539290][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.550378][ T6237] loop3: detected capacity change from 0 to 1024
[   98.559845][ T6237] EXT4-fs: Ignoring removed nobh option
[   98.566584][ T6237] EXT4-fs: Ignoring removed bh option
[   98.575868][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.592698][ T6237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.650989][ T6246] loop4: detected capacity change from 0 to 1024
[   98.659845][ T6246] EXT4-fs: Ignoring removed nobh option
[   98.666328][ T6246] EXT4-fs: Ignoring removed bh option
[   98.677088][ T6246] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.696466][ T6245] loop5: detected capacity change from 0 to 1024
[   98.717598][ T6245] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.732059][ T6245] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.825568][ T3417] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   98.844210][ T3417] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[   98.858947][ T3417] EXT4-fs (loop5): This should not happen!! Data will be lost
[   98.858947][ T3417] 
[   98.870409][ T3417] EXT4-fs (loop5): Total free blocks count 0
[   98.878456][ T3417] EXT4-fs (loop5): Free/Dirty block details
[   98.885072][ T3417] EXT4-fs (loop5): free_blocks=4293918720
[   98.891472][ T3417] EXT4-fs (loop5): dirty_blocks=16
[   98.897254][ T3417] EXT4-fs (loop5): Block reservation details
[   98.904277][ T3417] EXT4-fs (loop5): i_reserved_data_blocks=1
[   98.913424][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.000413][ T6259] __nla_validate_parse: 15 callbacks suppressed
[   99.000431][ T6259] netlink: 100 bytes leftover after parsing attributes in process `syz.2.952'.
[   99.033984][ T6260] loop6: detected capacity change from 0 to 512
[   99.044998][ T6260] EXT4-fs (loop6): external journal device major/minor numbers have changed
[   99.089317][ T6260] EXT4-fs (loop6): failed to open journal device unknown-block(4,3) -6
[   99.111104][ T6268] netlink: 'syz.2.954': attribute type 13 has an invalid length.
[   99.264015][ T6279] loop6: detected capacity change from 0 to 512
[   99.272252][ T6279] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   99.282383][ T6279] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[   99.301189][ T6279] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[   99.314164][ T6279] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   99.324180][ T6279] System zones: 0-2, 18-18, 34-35
[   99.332315][ T6279] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.377654][   T87] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.406789][   T87] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.437644][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.459315][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.473485][   T87] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.486569][   T87] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.490079][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.592704][ T6292] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[   99.600135][ T6292] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   99.609518][ T6292] vhci_hcd vhci_hcd.0: Device attached
[   99.609759][ T6289] loop3: detected capacity change from 0 to 8192
[   99.626502][ T6292] netlink: 100 bytes leftover after parsing attributes in process `syz.6.961'.
[   99.643692][ T6292] siw: device registration error -23
[   99.654241][ T6289] vfat: Unknown parameter 'GPL'
[   99.706745][ T6293] vhci_hcd: connection closed
[   99.707008][ T3417] vhci_hcd: stop threads
[   99.717843][ T3417] vhci_hcd: release socket
[   99.722720][ T3417] vhci_hcd: disconnect device
[   99.733043][ T6299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.963'.
[   99.750862][ T6297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.962'.
[   99.761300][ T6297] netlink: 4 bytes leftover after parsing attributes in process `syz.2.962'.
[   99.799035][ T6304] macvtap0: refused to change device tx_queue_len
[   99.866764][ T6312] loop2: detected capacity change from 0 to 512
[   99.874417][ T6312] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   99.885310][ T6312] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   99.895411][ T6308] loop3: detected capacity change from 0 to 8192
[   99.897038][ T6312] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[   99.906225][ T6308] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   99.924523][ T6312] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   99.937046][ T6312] System zones: 0-2, 18-18, 34-35
[   99.943790][ T6312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.009309][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.031695][ T6325] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  100.039898][ T6325] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  100.048537][ T6325] vhci_hcd vhci_hcd.0: Device attached
[  100.059016][ T6325] netlink: 100 bytes leftover after parsing attributes in process `syz.2.970'.
[  100.070014][ T6329] loop5: detected capacity change from 0 to 1024
[  100.078465][ T6330] loop3: detected capacity change from 0 to 1024
[  100.088394][ T6330] EXT4-fs: Ignoring removed nobh option
[  100.094762][ T6330] EXT4-fs: Ignoring removed bh option
[  100.097341][ T6329] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.118114][ T6330] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.134066][ T6329] netlink: 'syz.5.971': attribute type 1 has an invalid length.
[  100.143081][ T6329] netlink: 224 bytes leftover after parsing attributes in process `syz.5.971'.
[  100.156533][ T6329] netlink: 12 bytes leftover after parsing attributes in process `syz.5.971'.
[  100.168222][ T6329] netlink: 32 bytes leftover after parsing attributes in process `syz.5.971'.
[  100.179894][ T6326] vhci_hcd: connection closed
[  100.180127][   T25] vhci_hcd: stop threads
[  100.190487][   T25] vhci_hcd: release socket
[  100.195996][   T25] vhci_hcd: disconnect device
[  100.225451][ T3412] vhci_hcd: vhci_device speed not set
[  100.351201][ T6339] loop4: detected capacity change from 0 to 8192
[  100.358867][ T6339] vfat: Unknown parameter 'GPL'
[  100.417325][ T6342] loop4: detected capacity change from 0 to 512
[  100.448608][ T6342] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  100.507214][ T6342] EXT4-fs (loop4): failed to open journal device unknown-block(4,3) -6
[  100.629033][ T6356] netlink: 28 bytes leftover after parsing attributes in process `syz.4.979'.
[  100.681457][ T6360] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.715603][   T30] kauditd_printk_skb: 560 callbacks suppressed
[  100.715621][   T30] audit: type=1326 audit(1758196921.988:9845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.776221][ T6360] loop4: detected capacity change from 0 to 512
[  100.790515][ T6360] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.811395][   T30] audit: type=1326 audit(1758196921.988:9846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.839196][   T30] audit: type=1326 audit(1758196921.988:9847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.865578][   T30] audit: type=1326 audit(1758196922.018:9848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.893716][   T30] audit: type=1326 audit(1758196922.038:9849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.921801][   T30] audit: type=1326 audit(1758196922.038:9850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.948055][   T30] audit: type=1326 audit(1758196922.038:9851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  100.976578][   T30] audit: type=1326 audit(1758196922.038:9852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  101.002195][   T30] audit: type=1326 audit(1758196922.038:9853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f749774eba9 code=0x7ffc0000
[  101.030349][   T30] audit: type=1326 audit(1758196922.038:9854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.4.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f749774ebe3 code=0x7ffc0000
[  101.067196][ T6360] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  101.090150][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.122499][ T6368] netlink: 'syz.3.984': attribute type 10 has an invalid length.
[  101.136309][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.153839][ T6368] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.167698][ T6368] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  101.212787][ T6379] FAULT_INJECTION: forcing a failure.
[  101.212787][ T6379] name failslab, interval 1, probability 0, space 0, times 0
[  101.227818][ T6379] CPU: 1 UID: 0 PID: 6379 Comm: syz.6.989 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.227864][ T6379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  101.227879][ T6379] Call Trace:
[  101.227885][ T6379]  <TASK>
[  101.227894][ T6379]  __dump_stack+0x1d/0x30
[  101.227920][ T6379]  dump_stack_lvl+0xe8/0x140
[  101.227945][ T6379]  dump_stack+0x15/0x1b
[  101.227965][ T6379]  should_fail_ex+0x265/0x280
[  101.227996][ T6379]  ? nfc_allocate_device+0xbd/0x2e0
[  101.228068][ T6379]  should_failslab+0x8c/0xb0
[  101.228094][ T6379]  __kmalloc_cache_noprof+0x4c/0x320
[  101.228221][ T6379]  ? __pfx_nci_transceive+0x10/0x10
[  101.228244][ T6379]  nfc_allocate_device+0xbd/0x2e0
[  101.228287][ T6379]  nci_allocate_device+0x13b/0x200
[  101.228318][ T6379]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  101.228363][ T6379]  virtual_ncidev_open+0x55/0x140
[  101.228392][ T6379]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  101.228498][ T6379]  misc_open+0x1d3/0x200
[  101.228594][ T6379]  chrdev_open+0x2e8/0x3a0
[  101.228631][ T6379]  do_dentry_open+0x649/0xa20
[  101.228665][ T6379]  ? __pfx_chrdev_open+0x10/0x10
[  101.228692][ T6379]  vfs_open+0x37/0x1e0
[  101.228823][ T6379]  path_openat+0x1c5e/0x2170
[  101.228857][ T6379]  do_filp_open+0x109/0x230
[  101.228890][ T6379]  do_sys_openat2+0xa6/0x110
[  101.228987][ T6379]  __x64_sys_openat+0xf2/0x120
[  101.229031][ T6379]  x64_sys_call+0x2e9c/0x2ff0
[  101.229059][ T6379]  do_syscall_64+0xd2/0x200
[  101.229101][ T6379]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  101.229160][ T6379]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.229199][ T6379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.229282][ T6379] RIP: 0033:0x7fe92c56eba9
[  101.229510][ T6379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.229538][ T6379] RSP: 002b:00007fe92afd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  101.229562][ T6379] RAX: ffffffffffffffda RBX: 00007fe92c7b5fa0 RCX: 00007fe92c56eba9
[  101.229578][ T6379] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  101.229594][ T6379] RBP: 00007fe92afd7090 R08: 0000000000000000 R09: 0000000000000000
[  101.229655][ T6379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.229669][ T6379] R13: 00007fe92c7b6038 R14: 00007fe92c7b5fa0 R15: 00007ffd932a2188
[  101.229694][ T6379]  </TASK>
[  101.231004][ T6373] usb usb4: usbfs: interface 0 claimed by hub while 'syz.5.985' sets config #0
[  101.294351][ T6383] tipc: Started in network mode
[  101.522717][ T6383] tipc: Node identity 0e5382a451f1, cluster identity 4711
[  101.531534][ T6383] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  101.557461][ T3303] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  101.576897][ T6394] netlink: 'syz.2.994': attribute type 10 has an invalid length.
[  101.602571][ T6397] netem: change failed
[  101.649482][ T6402] loop2: detected capacity change from 0 to 1024
[  101.691618][ T6402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.691725][ T6387] tipc: Disabling bearer <eth:syzkaller0>
[  101.732776][ T6403] loop4: detected capacity change from 0 to 1024
[  101.740672][ T6402] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.748027][ T6401] loop6: detected capacity change from 0 to 8192
[  101.762999][ T6401] vfat: Unknown parameter 'GPL'
[  101.816926][ T6402] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.997: bg 0: block 393: padding at end of block bitmap is not set
[  101.840873][ T6403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.867285][ T6403] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.902480][ T6410] loop5: detected capacity change from 0 to 1024
[  101.915642][ T6423] loop3: detected capacity change from 0 to 1024
[  101.936820][ T6423] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.966059][ T6422] loop2: detected capacity change from 0 to 8192
[  101.993336][ T6422] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  102.017092][   T87] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  102.036436][   T87] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  102.050626][   T87] EXT4-fs (loop4): This should not happen!! Data will be lost
[  102.050626][   T87] 
[  102.062086][   T87] EXT4-fs (loop4): Total free blocks count 0
[  102.071842][   T87] EXT4-fs (loop4): Free/Dirty block details
[  102.072899][ T6430] loop5: detected capacity change from 0 to 512
[  102.078586][   T87] EXT4-fs (loop4): free_blocks=4293918720
[  102.093141][   T87] EXT4-fs (loop4): dirty_blocks=16
[  102.093959][ T6430] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  102.101909][   T87] EXT4-fs (loop4): Block reservation details
[  102.112984][ T6430] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  102.120670][   T87] EXT4-fs (loop4): i_reserved_data_blocks=1
[  102.142572][ T6430] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  102.167178][ T6433] netlink: 'syz.2.1008': attribute type 10 has an invalid length.
[  102.181236][ T6430] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  102.190994][ T6430] System zones: 0-2, 18-18, 34-35
[  102.226936][ T6437] netlink: 'syz.2.1009': attribute type 13 has an invalid length.
[  102.238548][   T48] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  102.262599][   T48] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  102.279721][   T48] EXT4-fs (loop3): This should not happen!! Data will be lost
[  102.279721][   T48] 
[  102.293607][   T48] EXT4-fs (loop3): Total free blocks count 0
[  102.300830][   T48] EXT4-fs (loop3): Free/Dirty block details
[  102.307963][   T48] EXT4-fs (loop3): free_blocks=4293918720
[  102.314739][   T48] EXT4-fs (loop3): dirty_blocks=16
[  102.321157][   T48] EXT4-fs (loop3): Block reservation details
[  102.328935][   T48] EXT4-fs (loop3): i_reserved_data_blocks=1
[  102.450275][ T6443] loop3: detected capacity change from 0 to 1024
[  102.468650][ T6445] loop4: detected capacity change from 0 to 8192
[  102.483328][ T6445] vfat: Unknown parameter 'GPL'
[  102.555155][ T6458] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  102.562686][ T6458] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  102.574531][ T6458] vhci_hcd vhci_hcd.0: Device attached
[  102.602797][ T6458] siw: device registration error -23
[  102.640996][ T6466] loop3: detected capacity change from 0 to 8192
[  102.649113][ T6466] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  102.668996][ T6459] vhci_hcd: connection closed
[  102.669204][   T12] vhci_hcd: stop threads
[  102.679760][   T12] vhci_hcd: release socket
[  102.685598][   T12] vhci_hcd: disconnect device
[  102.749096][ T6470] loop3: detected capacity change from 0 to 8192
[  102.759176][ T6470] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.062392][ T6483] loop3: detected capacity change from 0 to 8192
[  103.070249][ T6483] vfat: Unknown parameter 'GPL'
[  103.227142][ T6497] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  103.234708][ T6497] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  103.244942][ T6497] vhci_hcd vhci_hcd.0: Device attached
[  103.263247][ T6497] siw: device registration error -23
[  103.283810][ T6502] syz.5.1035 uses obsolete (PF_INET,SOCK_PACKET)
[  103.344556][ T6500] infiniband syz!: set active
[  103.350363][ T6500] infiniband syz!: added team_slave_0
[  103.350859][ T6505] loop2: detected capacity change from 0 to 1024
[  103.366789][ T6499] vhci_hcd: connection closed
[  103.367092][ T6500] RDS/IB: syz!: added
[  103.367257][   T48] vhci_hcd: stop threads
[  103.374752][ T6500] smc: adding ib device syz! with port count 1
[  103.379694][   T48] vhci_hcd: release socket
[  103.384998][ T6500] smc:    ib device syz! port 1 has pnetid 
[  103.392354][   T48] vhci_hcd: disconnect device
[  103.416567][ T6505] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.428293][   T36] vhci_hcd: vhci_device speed not set
[  103.452735][ T6505] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1036: bg 0: block 393: padding at end of block bitmap is not set
[  103.677624][ T6523] loop2: detected capacity change from 0 to 1024
[  103.706425][ T6526] random: crng reseeded on system resumption
[  103.743600][ T6530] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6530 comm=syz.2.1045
[  103.838314][ T6536] loop5: detected capacity change from 0 to 8192
[  103.851870][ T6536] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.976035][ T6551] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  103.983824][ T6551] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  103.993130][ T6551] vhci_hcd vhci_hcd.0: Device attached
[  104.012404][ T6551] siw: device registration error -23
[  104.030379][ T6548] loop2: detected capacity change from 0 to 1024
[  104.087351][ T6553] vhci_hcd: connection closed
[  104.087532][   T12] vhci_hcd: stop threads
[  104.098499][   T12] vhci_hcd: release socket
[  104.104014][   T12] vhci_hcd: disconnect device
[  104.122965][ T6562] __nla_validate_parse: 17 callbacks suppressed
[  104.122987][ T6562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1058'.
[  104.224727][ T6569] loop2: detected capacity change from 0 to 8192
[  104.233650][ T6569] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  104.268487][ T6577] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  104.275644][ T6577] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  104.285093][ T6577] vhci_hcd vhci_hcd.0: Device attached
[  104.301059][ T6577] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1065'.
[  104.322009][ T6577] siw: device registration error -23
[  104.385597][ T6586] loop2: detected capacity change from 0 to 8192
[  104.394376][ T6586] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  104.408988][ T6580] vhci_hcd: connection closed
[  104.436706][   T48] vhci_hcd: stop threads
[  104.448062][   T48] vhci_hcd: release socket
[  104.452558][   T48] vhci_hcd: disconnect device
[  104.481519][ T6593] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1071'.
[  104.520179][ T6599] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1073'.
[  104.530849][ T6599] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1073'.
[  104.566542][ T6601] loop2: detected capacity change from 0 to 1024
[  104.575775][ T6601] EXT4-fs: Ignoring removed nobh option
[  104.582025][ T6601] EXT4-fs: Ignoring removed bh option
[  104.651650][ T6608] random: crng reseeded on system resumption
[  104.666247][ T6608] netlink: 'syz.3.1075': attribute type 1 has an invalid length.
[  104.675129][ T6608] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1075'.
[  104.746626][ T6610] usb usb4: usbfs: interface 0 claimed by hub while 'syz.3.1076' sets config #0
[  104.849271][ T6615] loop3: detected capacity change from 0 to 1024
[  104.857535][ T6615] EXT4-fs: Ignoring removed nobh option
[  104.863636][ T6615] EXT4-fs: Ignoring removed bh option
[  104.993399][ T6621] loop4: detected capacity change from 0 to 1024
[  105.017082][ T6621] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.108028][   T12] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  105.125683][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  105.141282][   T12] EXT4-fs (loop4): This should not happen!! Data will be lost
[  105.141282][   T12] 
[  105.153293][   T12] EXT4-fs (loop4): Total free blocks count 0
[  105.160394][   T12] EXT4-fs (loop4): Free/Dirty block details
[  105.167901][   T12] EXT4-fs (loop4): free_blocks=4293918720
[  105.174985][   T12] EXT4-fs (loop4): dirty_blocks=16
[  105.181323][   T12] EXT4-fs (loop4): Block reservation details
[  105.188212][   T12] EXT4-fs (loop4): i_reserved_data_blocks=1
[  105.250803][ T6628] loop6: detected capacity change from 0 to 1024
[  105.270721][ T6628] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.293299][ T6628] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1081: bg 0: block 393: padding at end of block bitmap is not set
[  105.346976][ T6634] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1083'.
[  105.357791][ T6632] netlink: 'syz.4.1082': attribute type 2 has an invalid length.
[  105.415925][ T6642] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1087'.
[  105.481792][ T6646] loop2: detected capacity change from 0 to 512
[  105.500870][ T6646] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  105.511369][ T6654] loop5: detected capacity change from 0 to 1024
[  105.539905][ T6658] random: crng reseeded on system resumption
[  105.550667][ T6646] EXT4-fs (loop2): failed to open journal device unknown-block(4,3) -6
[  105.552161][ T6658] netlink: 'syz.4.1094': attribute type 1 has an invalid length.
[  105.569110][ T6658] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1094'.
[  105.602646][ T6654] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.627137][ T6654] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1092: bg 0: block 393: padding at end of block bitmap is not set
[  105.658899][ T6668] loop6: detected capacity change from 0 to 1024
[  105.667461][ T6668] EXT4-fs: Ignoring removed nobh option
[  105.674122][ T6668] EXT4-fs: Ignoring removed bh option
[  105.696037][ T6670] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1097'.
[  105.799307][   T30] kauditd_printk_skb: 843 callbacks suppressed
[  105.799322][   T30] audit: type=1326 audit(1758196927.068:10697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.835515][   T30] audit: type=1326 audit(1758196927.098:10698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.863167][   T30] audit: type=1326 audit(1758196927.098:10699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.892647][   T30] audit: type=1326 audit(1758196927.098:10700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.921558][   T30] audit: type=1326 audit(1758196927.098:10701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.923484][ T6680] loop3: detected capacity change from 0 to 8192
[  105.948808][   T30] audit: type=1326 audit(1758196927.098:10702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.949081][   T30] audit: type=1326 audit(1758196927.108:10703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  105.964644][ T6686] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  105.983959][   T30] audit: type=1326 audit(1758196927.108:10704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  106.010176][ T6686] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  106.010339][ T6686] vhci_hcd vhci_hcd.0: Device attached
[  106.017998][   T30] audit: type=1326 audit(1758196927.108:10705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  106.054984][ T6680] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  106.061468][   T30] audit: type=1326 audit(1758196927.108:10706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.5.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  106.129977][ T6686] siw: device registration error -23
[  106.167516][ T6694] loop2: detected capacity change from 0 to 8192
[  106.176419][ T6694] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  106.191828][ T6690] vhci_hcd: connection closed
[  106.193052][   T12] vhci_hcd: stop threads
[  106.203768][   T12] vhci_hcd: release socket
[  106.209511][   T12] vhci_hcd: disconnect device
[  106.225585][   T36] vhci_hcd: vhci_device speed not set
[  106.265060][ T6699] syzkaller0: refused to change device tx_queue_len
[  106.410983][ T6717] FAULT_INJECTION: forcing a failure.
[  106.410983][ T6717] name failslab, interval 1, probability 0, space 0, times 0
[  106.424649][ T6717] CPU: 0 UID: 0 PID: 6717 Comm: syz.2.1116 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.424705][ T6717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  106.424719][ T6717] Call Trace:
[  106.424728][ T6717]  <TASK>
[  106.424738][ T6717]  __dump_stack+0x1d/0x30
[  106.424765][ T6717]  dump_stack_lvl+0xe8/0x140
[  106.424790][ T6717]  dump_stack+0x15/0x1b
[  106.424810][ T6717]  should_fail_ex+0x265/0x280
[  106.424866][ T6717]  ? do_mq_timedreceive+0x23c/0x6d0
[  106.424928][ T6717]  should_failslab+0x8c/0xb0
[  106.424959][ T6717]  __kmalloc_cache_noprof+0x4c/0x320
[  106.425042][ T6717]  do_mq_timedreceive+0x23c/0x6d0
[  106.425075][ T6717]  __x64_sys_mq_timedreceive+0xc6/0x160
[  106.425160][ T6717]  x64_sys_call+0x2906/0x2ff0
[  106.425182][ T6717]  do_syscall_64+0xd2/0x200
[  106.425292][ T6717]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  106.425319][ T6717]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.425352][ T6717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.425374][ T6717] RIP: 0033:0x7f5e50c0eba9
[  106.425445][ T6717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.425484][ T6717] RSP: 002b:00007f5e4f677038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f3
[  106.425504][ T6717] RAX: ffffffffffffffda RBX: 00007f5e50e55fa0 RCX: 00007f5e50c0eba9
[  106.425516][ T6717] RDX: 0000000000018fe8 RSI: 000020000001d600 RDI: 0000000000000003
[  106.425529][ T6717] RBP: 00007f5e4f677090 R08: 0000000000000000 R09: 0000000000000000
[  106.425544][ T6717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.425556][ T6717] R13: 00007f5e50e56038 R14: 00007f5e50e55fa0 R15: 00007fffd26f7f88
[  106.425576][ T6717]  </TASK>
[  106.656743][ T6720] netlink: 'syz.4.1119': attribute type 13 has an invalid length.
[  106.729847][ T6723] loop3: detected capacity change from 0 to 1024
[  106.740440][ T6720] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.748663][ T6720] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.757646][ T6723] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.758879][ T6727] netlink: 'syz.6.1121': attribute type 13 has an invalid length.
[  106.807390][ T6720] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.819159][ T6720] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.933351][ T6727] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.941414][ T6727] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.980096][ T6745] netlink: 'syz.2.1128': attribute type 13 has an invalid length.
[  107.001176][ T6727] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.012984][ T6727] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.084135][   T48] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.096235][   T48] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.138761][   T48] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.161863][   T48] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.194029][ T3417] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.205947][ T3417] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.218390][ T3417] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.230743][ T3417] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  107.256334][   T48] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  107.274852][   T48] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  107.289195][   T48] EXT4-fs (loop3): This should not happen!! Data will be lost
[  107.289195][   T48] 
[  107.300593][   T48] EXT4-fs (loop3): Total free blocks count 0
[  107.308173][   T48] EXT4-fs (loop3): Free/Dirty block details
[  107.315773][   T48] EXT4-fs (loop3): free_blocks=4293918720
[  107.322519][   T48] EXT4-fs (loop3): dirty_blocks=16
[  107.328388][   T48] EXT4-fs (loop3): Block reservation details
[  107.335180][   T48] EXT4-fs (loop3): i_reserved_data_blocks=1
[  107.343914][ T6763] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(4)
[  107.351094][ T6763] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  107.359903][ T6763] vhci_hcd vhci_hcd.0: Device attached
[  107.404831][ T6763] siw: device registration error -23
[  107.411021][ T6772] loop2: detected capacity change from 0 to 512
[  107.418397][ T3313] EXT4-fs unmount: 21 callbacks suppressed
[  107.418417][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.425703][ T6772] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  107.446668][ T6772] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  107.459337][ T6772] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  107.471126][ T6772] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  107.484554][ T6765] vhci_hcd: connection closed
[  107.484880][ T3417] vhci_hcd: stop threads
[  107.487330][ T6772] System zones: 
[  107.490246][ T3417] vhci_hcd: release socket
[  107.495449][ T6772] 0-2, 18-18, 34-35
[  107.499770][ T3417] vhci_hcd: disconnect device
[  107.505722][ T6772] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.545391][   T36] vhci_hcd: vhci_device speed not set
[  107.608771][ T6782] loop5: detected capacity change from 0 to 1024
[  107.616548][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.636976][ T6788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.637071][ T6782] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.647182][ T6788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.663596][ T6782] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.693559][ T6782] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1139: bg 0: block 393: padding at end of block bitmap is not set
[  107.712190][ T6788] loop2: detected capacity change from 0 to 1024
[  107.748278][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.879927][ T6796] random: crng reseeded on system resumption
[  108.033511][ T6806] netlink: 'syz.6.1149': attribute type 13 has an invalid length.
[  108.131425][ T6808] netlink: 'syz.6.1150': attribute type 1 has an invalid length.
[  108.148253][ T6808] 8021q: adding VLAN 0 to HW filter on device bond1
[  108.239742][ T6826] loop6: detected capacity change from 0 to 1024
[  108.248495][ T6826] EXT4-fs: Ignoring removed nobh option
[  108.254757][ T6826] EXT4-fs: Ignoring removed bh option
[  108.277208][ T6826] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.684282][ T6842] loop5: detected capacity change from 0 to 512
[  108.692970][ T6842] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  108.742264][ T6842] EXT4-fs (loop5): failed to open journal device unknown-block(4,3) -6
[  108.753521][ T6845] netlink: 'syz.3.1164': attribute type 1 has an invalid length.
[  108.775075][ T6845] 8021q: adding VLAN 0 to HW filter on device bond1
[  108.864167][ T6852] loop5: detected capacity change from 0 to 8192
[  108.873490][ T6852] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  109.029379][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.063054][ T6872] loop3: detected capacity change from 0 to 512
[  109.087657][ T6872] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  109.132004][ T6876] netlink: 'syz.6.1176': attribute type 1 has an invalid length.
[  109.133955][ T6877] loop5: detected capacity change from 0 to 8192
[  109.157510][ T6876] 8021q: adding VLAN 0 to HW filter on device bond2
[  109.210593][ T6877] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  109.215515][ T6872] EXT4-fs (loop3): failed to open journal device unknown-block(4,3) -6
[  109.306669][ T6887] loop4: detected capacity change from 0 to 8192
[  109.325006][ T6887] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  109.337403][ T6900] __nla_validate_parse: 10 callbacks suppressed
[  109.337421][ T6900] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1185'.
[  109.374244][ T6903] loop3: detected capacity change from 0 to 1024
[  109.423505][ T6903] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.588991][ T6903] veth0: entered promiscuous mode
[  109.597185][ T6902] veth0: left promiscuous mode
[  109.619948][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.630456][ T6913] loop5: detected capacity change from 0 to 2048
[  109.650335][ T6913] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  109.764549][ T6924] loop3: detected capacity change from 0 to 512
[  109.773045][ T6924] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  109.784025][ T6924] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  109.796134][ T6924] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  109.808444][ T6924] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  109.818282][ T6924] System zones: 0-2, 18-18, 34-35
[  109.824830][ T6924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.905804][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.939684][ T6931] loop6: detected capacity change from 0 to 512
[  109.955732][ T6931] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  109.986551][ T6931] EXT4-fs (loop6): failed to open journal device unknown-block(4,3) -6
[  110.246148][ T6953] loop3: detected capacity change from 0 to 8192
[  110.265709][ T6953] vfat: Unknown parameter 'GPL'
[  110.314069][ T5536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  110.320140][ T6955] loop4: detected capacity change from 0 to 512
[  110.338233][ T6955] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  110.348951][ T6955] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  110.362060][ T6955] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  110.395496][ T6955] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  110.404946][ T6955] System zones: 0-2, 18-18, 34-35
[  110.411891][ T6955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.441161][ T6957] loop3: detected capacity change from 0 to 8192
[  110.446593][ T6964] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  110.450361][ T6957] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  110.456212][ T6964] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  110.456340][ T6964] vhci_hcd vhci_hcd.0: Device attached
[  110.490487][ T6964] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1209'.
[  110.516541][ T6964] siw: device registration error -23
[  110.523326][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.595188][ T6965] vhci_hcd: connection closed
[  110.595558][ T1888] vhci_hcd: stop threads
[  110.606308][ T1888] vhci_hcd: release socket
[  110.611211][ T1888] vhci_hcd: disconnect device
[  110.633199][ T6980] random: crng reseeded on system resumption
[  110.729145][ T3384] vhci_hcd: vhci_device speed not set
[  110.777577][ T6985] loop2: detected capacity change from 0 to 8192
[  110.785134][ T6985] vfat: Unknown parameter 'GPL'
[  110.875469][ T6991] loop3: detected capacity change from 0 to 512
[  110.905600][ T6991] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  110.914751][ T6995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1221'.
[  110.952281][ T6991] EXT4-fs (loop3): failed to open journal device unknown-block(4,3) -6
[  110.987501][ T7003] loop2: detected capacity change from 0 to 512
[  110.996597][ T6998] netlink: 'syz.6.1222': attribute type 13 has an invalid length.
[  111.006344][ T7003] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  111.017567][ T7003] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  111.034468][ T7003] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  111.058856][ T7003] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  111.072079][ T7003] System zones: 0-2, 18-18, 34-35
[  111.085860][ T7003] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.207117][   T30] kauditd_printk_skb: 352 callbacks suppressed
[  111.207133][   T30] audit: type=1400 audit(1758196932.458:11059): avc:  denied  { create } for  pid=7009 comm="syz.6.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  111.248201][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.298864][ T7019] FAULT_INJECTION: forcing a failure.
[  111.298864][ T7019] name failslab, interval 1, probability 0, space 0, times 0
[  111.313176][ T7019] CPU: 0 UID: 0 PID: 7019 Comm: syz.2.1228 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  111.313208][ T7019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  111.313225][ T7019] Call Trace:
[  111.313232][ T7019]  <TASK>
[  111.313240][ T7019]  __dump_stack+0x1d/0x30
[  111.313305][ T7019]  dump_stack_lvl+0xe8/0x140
[  111.313325][ T7019]  dump_stack+0x15/0x1b
[  111.313341][ T7019]  should_fail_ex+0x265/0x280
[  111.313398][ T7019]  ? __se_sys_mount+0xef/0x2e0
[  111.313425][ T7019]  should_failslab+0x8c/0xb0
[  111.313457][ T7019]  __kmalloc_cache_noprof+0x4c/0x320
[  111.313500][ T7019]  ? memdup_user+0x99/0xd0
[  111.313527][ T7019]  __se_sys_mount+0xef/0x2e0
[  111.313553][ T7019]  ? fput+0x8f/0xc0
[  111.313613][ T7019]  ? ksys_write+0x192/0x1a0
[  111.313674][ T7019]  __x64_sys_mount+0x67/0x80
[  111.313705][ T7019]  x64_sys_call+0x2b4d/0x2ff0
[  111.313732][ T7019]  do_syscall_64+0xd2/0x200
[  111.313778][ T7019]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  111.313817][ T7019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.313844][ T7019] RIP: 0033:0x7f5e50c0eba9
[  111.313864][ T7019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.313888][ T7019] RSP: 002b:00007f5e4f677038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  111.313954][ T7019] RAX: ffffffffffffffda RBX: 00007f5e50e55fa0 RCX: 00007f5e50c0eba9
[  111.313969][ T7019] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  111.313984][ T7019] RBP: 00007f5e4f677090 R08: 0000200000000400 R09: 0000000000000000
[  111.313999][ T7019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.314014][ T7019] R13: 00007f5e50e56038 R14: 00007f5e50e55fa0 R15: 00007fffd26f7f88
[  111.314057][ T7019]  </TASK>
[  111.519080][   T30] audit: type=1400 audit(1758196932.568:11060): avc:  denied  { create } for  pid=7018 comm="syz.2.1228" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  111.546079][   T30] audit: type=1400 audit(1758196932.818:11061): avc:  denied  { unlink } for  pid=3309 comm="syz-executor" name="file0" dev="tmpfs" ino=1441 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  111.636957][ T7032] loop6: detected capacity change from 0 to 512
[  111.644836][ T7027] netlink: 'syz.2.1234': attribute type 13 has an invalid length.
[  111.656590][ T7032] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  111.667371][ T7032] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  111.687635][ T7032] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  111.705858][ T7032] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  111.724424][ T7032] System zones: 0-2, 18-18, 34-35
[  111.730972][ T7032] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.771195][ T7036] netlink: 'syz.3.1237': attribute type 13 has an invalid length.
[  111.808126][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.823820][   T30] audit: type=1326 audit(1758196933.088:11062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  111.851036][   T30] audit: type=1326 audit(1758196933.088:11063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  111.880495][   T30] audit: type=1326 audit(1758196933.088:11064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  111.908560][   T30] audit: type=1326 audit(1758196933.088:11065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  111.939659][   T30] audit: type=1326 audit(1758196933.118:11066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  111.967540][   T30] audit: type=1326 audit(1758196933.118:11067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  111.995572][   T30] audit: type=1326 audit(1758196933.118:11068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7041 comm="syz.5.1239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0ba4beba9 code=0x7ffc0000
[  112.031985][ T7036] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.040044][ T7036] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.101730][ T7036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.114103][ T7036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.122973][ T7051] netlink: 'syz.6.1241': attribute type 13 has an invalid length.
[  112.162602][ T3417] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.174525][ T3417] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.195413][ T3417] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.219189][ T3417] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.239351][ T7056] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  112.247744][ T7056] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  112.256505][ T7056] vhci_hcd vhci_hcd.0: Device attached
[  112.284494][ T7056] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1243'.
[  112.304743][ T7062] loop5: detected capacity change from 0 to 164
[  112.379567][ T7072] loop6: detected capacity change from 0 to 1024
[  112.389876][ T7057] vhci_hcd: connection closed
[  112.390317][ T3417] vhci_hcd: stop threads
[  112.401133][ T3417] vhci_hcd: release socket
[  112.405838][ T7075] loop4: detected capacity change from 0 to 512
[  112.406743][ T3417] vhci_hcd: disconnect device
[  112.420822][ T7075] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  112.432936][ T7075] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  112.441762][ T7072] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.443338][ T3384] vhci_hcd: vhci_device speed not set
[  112.470804][ T7075] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  112.481495][ T7075] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  112.491239][ T7075] System zones: 0-2, 18-18, 34-35
[  112.498049][ T7075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.524591][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.535532][ T7085] netlink: 'syz.5.1252': attribute type 13 has an invalid length.
[  112.547543][ T7081] loop3: detected capacity change from 0 to 8192
[  112.564673][ T7081] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  112.578179][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.611043][ T7085] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.618862][ T7085] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.698480][ T7085] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.712454][ T7085] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.808316][ T7100] SELinux:  policydb version 280 does not match my version range 15-35
[  112.818947][ T7100] SELinux: failed to load policy
[  112.832051][ T7100] loop4: detected capacity change from 0 to 512
[  112.840833][ T7100] EXT4-fs (loop4): orphan cleanup on readonly fs
[  112.855367][ T7100] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #11: block 1728053262: comm syz.4.1259: lblock 0 mapped to illegal pblock 1728053262 (length 1)
[  112.878743][   T41] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.879197][ T7100] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  112.904356][ T7100] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.1259: corrupted inode contents
[  112.917416][   T41] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.936741][   T41] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.957618][ T7100] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #15: comm syz.4.1259: mark_inode_dirty error
[  112.982169][   T41] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  112.992178][ T7100] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #15: comm syz.4.1259: corrupted inode contents
[  113.007856][ T7100] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #15: comm syz.4.1259: mark_inode_dirty error
[  113.022166][ T7100] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #15: comm syz.4.1259: mark inode dirty (error -117)
[  113.060711][ T7100] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  113.089563][ T7100] EXT4-fs (loop4): 1 orphan inode deleted
[  113.097523][ T7100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  113.112676][ T7113] loop2: detected capacity change from 0 to 1024
[  113.143522][ T7113] EXT4-fs: Ignoring removed nobh option
[  113.150177][ T7113] EXT4-fs: Ignoring removed bh option
[  113.174465][ T7116] loop3: detected capacity change from 0 to 1024
[  113.182609][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.229399][ T7113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.251807][ T7127] raw_sendmsg: syz.5.1267 forgot to set AF_INET. Fix it!
[  113.282873][ T7125] loop4: detected capacity change from 0 to 512
[  113.294028][ T7116] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.315818][ T7125] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1265: corrupted inode contents
[  113.341161][ T7116] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.354184][ T7134] random: crng reseeded on system resumption
[  113.355457][ T7125] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.1265: mark_inode_dirty error
[  113.377048][ T7125] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1265: corrupted inode contents
[  113.392081][ T7125] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.1265: mark_inode_dirty error
[  113.407910][ T7125] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1265: corrupted inode contents
[  113.424234][ T7125] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  113.434602][ T7125] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1265: corrupted inode contents
[  113.448460][ T7125] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.1265: mark_inode_dirty error
[  113.461095][ T7125] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  113.473051][ T7125] EXT4-fs (loop4): 1 truncate cleaned up
[  113.482682][ T7125] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.507475][ T7138] loop5: detected capacity change from 0 to 512
[  113.514694][   T25] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 1
[  113.526207][ T7138] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  113.529395][ T7125] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.561412][ T7125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.592126][ T7138] EXT4-fs (loop5): failed to open journal device unknown-block(4,3) -6
[  113.690828][   T25] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  113.721937][   T25] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  113.736335][   T25] EXT4-fs (loop3): This should not happen!! Data will be lost
[  113.736335][   T25] 
[  113.748204][   T25] EXT4-fs (loop3): Total free blocks count 0
[  113.754925][   T25] EXT4-fs (loop3): Free/Dirty block details
[  113.762904][   T25] EXT4-fs (loop3): free_blocks=4293918720
[  113.769021][   T25] EXT4-fs (loop3): dirty_blocks=16
[  113.774509][   T25] EXT4-fs (loop3): Block reservation details
[  113.781401][   T25] EXT4-fs (loop3): i_reserved_data_blocks=1
[  113.789707][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.823327][ T7146] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  113.831253][ T7146] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  113.839809][ T7146] vhci_hcd vhci_hcd.0: Device attached
[  113.852491][ T7146] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1271'.
[  113.869051][ T7146] siw: device registration error -23
[  113.930178][ T7147] vhci_hcd: connection closed
[  113.930551][   T12] vhci_hcd: stop threads
[  113.942352][   T12] vhci_hcd: release socket
[  113.947094][   T12] vhci_hcd: disconnect device
[  113.968950][ T7155] netlink: 'syz.6.1275': attribute type 13 has an invalid length.
[  114.018721][ T7160] 9pnet_fd: Insufficient options for proto=fd
[  114.088136][ T7167] random: crng reseeded on system resumption
[  114.133528][ T7168] loop4: detected capacity change from 0 to 8192
[  114.141896][ T7168] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  114.155206][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.246876][ T7181] loop6: detected capacity change from 0 to 1024
[  114.254258][ T7181] EXT4-fs: Ignoring removed nobh option
[  114.260694][ T7181] EXT4-fs: Ignoring removed bh option
[  114.260887][ T7178] loop2: detected capacity change from 0 to 8192
[  114.275980][ T7178] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  114.279983][ T7181] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.334565][ T7185] loop2: detected capacity change from 0 to 1024
[  114.348840][ T7185] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.365668][ T7185] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.382824][ T7185] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1286: bg 0: block 393: padding at end of block bitmap is not set
[  114.413595][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.479447][ T7191] loop4: detected capacity change from 0 to 1024
[  114.493033][ T7193] loop2: detected capacity change from 0 to 8192
[  114.500968][ T7193] vfat: Unknown parameter 'GPL'
[  114.513529][ T7196] loop3: detected capacity change from 0 to 512
[  114.522915][ T7196] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  114.533621][ T7196] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  114.551409][ T7196] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  114.565172][ T7196] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  114.577525][ T7196] System zones: 0-2, 18-18, 34-35
[  114.584422][ T7196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.634573][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.757318][ T7223] netlink: 'syz.4.1302': attribute type 13 has an invalid length.
[  114.822385][ T7233] loop2: detected capacity change from 0 to 1024
[  114.838875][ T7227] loop3: detected capacity change from 0 to 1024
[  114.848450][ T7233] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.863326][ T7233] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.874260][ T7238] loop4: detected capacity change from 0 to 512
[  114.879710][ T7233] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1306: bg 0: block 393: padding at end of block bitmap is not set
[  114.903327][ T7238] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  114.915410][ T7238] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  114.936050][ T7238] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  114.951865][ T7238] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  114.952818][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.963064][ T7238] System zones: 0-2, 18-18, 34-35
[  114.980916][ T7238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.035243][ T5759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.051470][ T7248] loop2: detected capacity change from 0 to 512
[  115.063442][ T7248] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  115.087051][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.128171][ T7248] EXT4-fs (loop2): failed to open journal device unknown-block(4,3) -6
[  115.212657][ T7265] ==================================================================
[  115.221670][ T7265] BUG: KCSAN: data-race in getrusage / vms_clear_ptes
[  115.231255][ T7265] 
[  115.234174][ T7265] write to 0xffff888109853518 of 8 bytes by task 7264 on cpu 0:
[  115.242452][ T7265]  vms_clear_ptes+0x18f/0x2d0
[  115.247360][ T7265]  vms_complete_munmap_vmas+0x159/0x440
[  115.253119][ T7265]  do_vmi_align_munmap+0x383/0x3d0
[  115.258817][ T7265]  do_vmi_munmap+0x1db/0x220
[  115.263900][ T7265]  __vm_munmap+0x1a1/0x280
[  115.268706][ T7265]  __x64_sys_munmap+0x36/0x50
[  115.273861][ T7265]  x64_sys_call+0x9c0/0x2ff0
[  115.280435][ T7265]  do_syscall_64+0xd2/0x200
[  115.285589][ T7265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.292206][ T7265] 
[  115.294934][ T7265] read to 0xffff888109853518 of 8 bytes by task 7265 on cpu 1:
[  115.303896][ T7265]  getrusage+0xa52/0xbb0
[  115.308649][ T7265]  io_sq_thread+0x5dd/0x1190
[  115.314011][ T7265]  ret_from_fork+0x11f/0x1b0
[  115.319255][ T7265]  ret_from_fork_asm+0x1a/0x30
[  115.324946][ T7265] 
[  115.327568][ T7265] value changed: 0x000000000000150c -> 0x00000000000016d6
[  115.336512][ T7265] 
[  115.339926][ T7265] Reported by Kernel Concurrency Sanitizer on:
[  115.347412][ T7265] CPU: 1 UID: 0 PID: 7265 Comm: iou-sqp-7264 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  115.359332][ T7265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  115.371271][ T7265] ==================================================================
[  115.382305][ T7264] loop2: detected capacity change from 0 to 512
[  115.390425][ T7264] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  115.425792][ T7264] EXT4-fs (loop2): failed to open journal device unknown-block(4,3) -6