last executing test programs:

6m45.407389119s ago: executing program 3 (id=288):
fspick(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)

6m45.331228699s ago: executing program 3 (id=289):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000000)={[{@nodioread_nolock}, {@inlinecrypt}, {@minixdf}, {@barrier}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)

6m45.145308139s ago: executing program 3 (id=292):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000001480)='./file2\x00', 0x10, &(0x7f0000000000)=ANY=[], 0xff, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x101300, 0x0)

6m44.897809408s ago: executing program 3 (id=295):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x440, &(0x7f0000000340), 0x1, 0x58c, &(0x7f00000005c0)="$eJzs3T1sG2UfAPD/neO3X3mbvtL7Si+oQwVIRarqJP2AwtSuiEqVOiCxlMhxoyhOHMUONFGGdK8QHRCgLmWDgRHEwIBYkFhYWUDMSBWNQGo6gJG/0jaxg1OaOI1/P+nse+45+/88d/4/9p3u5AD61rHaQxrxTERcSiKGHqobiGblscZ6qytL+fsrS/kkqtXLvyaRRMS9laV8a/2k+XwoIpYj4v8R8U024kS6MW55YXFqrFgszDXLw5Xp2eHywuLJyemxicJEYeb0y6+cPXfm7Oip0c6Nz26trzd+uvnuje9fu33z08+OLuffH0vifAw26x7ux5PU2CbZOL9u+ZntCNZDSa8bwGPJNPO8lkr/i6HINLO+nerQjjYN2GbVfRHVrUiWt7Q6sJslW8t/YM9o/Q6oHf+2pp38/XHnQuMApBZ3tTk1agYa5yZif/3Y5OBvySNHJrXjzSM72VD2pOXrETEyMLDx8580P3+Pb+RJNJBt9fWFxo7auP/TtfEn2ow/g61zp/9Qa/xb3TD+PYif6TD+Xeoyxh9v/vxRx/jXI55tGz9Zi5+0iZ9GxFtdxr/1xpfnOtVVP444Hu3jtySbnx8evjpZLIw0HtvG+Or40Vc36//BDvEb52z3179m2m3/2S77/8W3nz+3vEn8F5/ffP+32/4HIuK9LuP/594nr3equ3M9uVv7FbDV/V9bdrvL+C+dP/Zjh6oDXb4FAAAAAAAAAADQRlq/li1Jc2vzaZrLNe7h/W8cTIulcuXE1dL8zHjjmrcjkU1bV1oNNcpJrTzavB63VT61rnw60wyYOVAv5/Kl4niP+w4AAAAAAAAAAAAAAAAAAAC7xaF19///nqnf/7/+76qBvarzX34De538h/71aP4nPWsHsPN8/0Pfqsp/6F/yH/qX/If+Jf+hf8l/6F/yH/qX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgG1x6eLF2lS9v7KUr5XHBxbmp0pvnxwvlKdy0/P5XL40N5ubKJUmioVcvjT9d+9XLJVmR2Jm/tpwpVCuDJcXFq9Ml+ZnKlcmp8cmClcK2R3pFQAAAAAAAAAAAAAAAAAAADxdButTkuYiIq3Pp2kuF/HviDgS2eTqZLEwEhGHI+KHTHZfrTza60YDAAAAAAAAAAAAAAAAAADAHlNeWJwaKxYLc30yM7BhyXedV46I5SfbjNo7bvlV2ea+2i3b8GmbObw7mvGUzfR4YAIAAAAAAAAAAAAAAAAAgD704Kbfbl/x5/Y2CAAAAAAAAAAAAAAAAAAAAPpS+ksSEbXp+NALg+tr/5WsZurPEfHOrcsfXBurVOZGa8vvri2vfNhcfqoX7Qe61crTVh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5QXFqfGisXC3DbO9LqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/jrwAAAP//iG/XoQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x161090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000c80)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x21af8d1, 0x0)

6m44.782015708s ago: executing program 3 (id=297):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000001400)={0x8, 0x120, 0xfa00, {0x2, {0x7fffffff, 0x9, "61394fda195b3909670b803238bf9ee8945c70c20bf56dece2292c0dae30a37b7aa39647178a54ffa76837c63323be1d57d0cc321fcd206fc61e389040c02efe0a2262e5e14959ad3548674a5098da896d23dad91a6ca63149e6580f55549f94fc1a67277905b417ce6d0e6832c38bef240251b7a5208ec3f8e478c762424368a83f84c4e8775ad56b60c4fc67e70a55f494c305db876192090ab7336c596f1c5fc89164441c7f0d0ae87b0deb96d46d66e0dbd0072465bcdd53a70a6ac154df6c1fa4346a161bbcec0cf21d0d7b8ffb30323ee39af358216fadeb06a8a4353d1f68e96771bb7e7def54fde897692317a4c3728508babcbddaba3ea03b360ed2", 0x6, 0x18, 0x7, 0x0, 0x9, 0x8, 0x7}}}, 0x128)

6m44.100269446s ago: executing program 3 (id=304):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
syz_mount_image$msdos(&(0x7f0000003a40), &(0x7f0000000f00)='.\x00', 0x1a0a438, &(0x7f0000000080)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

6m44.089441286s ago: executing program 32 (id=304):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
syz_mount_image$msdos(&(0x7f0000003a40), &(0x7f0000000f00)='.\x00', 0x1a0a438, &(0x7f0000000080)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

5m1.712564106s ago: executing program 1 (id=2649):
unshare(0x2a020480)

5m1.661096676s ago: executing program 1 (id=2650):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)

5m1.558005196s ago: executing program 1 (id=2653):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc8000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x80001, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

5m1.463503796s ago: executing program 1 (id=2655):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x80, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x0, 0x0, @buffer={0x2, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
bpf$LINK_DETACH(0x22, &(0x7f00000001c0)=r3, 0x4)

5m1.155107025s ago: executing program 1 (id=2658):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000280)={[{@inlinecrypt}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@nombcache}, {@data_err_abort}, {@sysvgroups}, {@dioread_nolock}, {@init_itable_val={'init_itable', 0x3d, 0x7}}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000500"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
write$cgroup_int(r2, &(0x7f0000000000), 0xfffffd26)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x401c5820, &(0x7f00000001c0)=0x8)

5m0.726454064s ago: executing program 1 (id=2668):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000880)={0x14, r2, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}}, 0x20004020)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000001cc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_uid}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_uid}]}})

4m45.675370587s ago: executing program 33 (id=2668):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000880)={0x14, r2, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}}, 0x20004020)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000001cc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_uid}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_uid}]}})

53.054517309s ago: executing program 2 (id=7275):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x11c, 0xffffffffffffffff})
r1 = gettid()
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x320, 0x8, 0x7f02ae, 0x0, 0x200, 0x3f0, 0x2e8, 0x2e8, 0x3f0, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x300, 0x320, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd}, @common=@hl={{0x28}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private2, [], [], 'veth0_to_team\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r4, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/257, 0x101}], 0x1, 0x8000, 0xc)

52.114603127s ago: executing program 2 (id=7294):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = socket$kcm(0x2, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
times(0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x241, &(0x7f0000001cc0)="$eJzs3T1oLFUYBuB3Zne9N/cuctVGEH9ARDQQrp1gExuFgIQgIqgQEbFREiEm2CVWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7CQSkxXUjTviPA/Mzg/nzHeGmffsNsMGaK1rSWaTdJJMJ+klKU43uKterh3vbk7tLiaDweM/FsN29X7tpN/VJBtJHkyyUxZ5sZusbT998PPeo/e+sdq7573tp6YmepHHDg/2Hzt6d/71D+ceWPv8y+/ni8ym/4frunjFiGPdIrn53yj2H1F0mx4Bf8XCqx98VeX+liR3D/PfS5n65r25csNOL/e/82d93/rhi9smOVbg4g0Gveo7cGMAtE6ZpJ+inElSb5flzEz9G/7rzpXypeWVV6ZfWF5der7pmQq4KP1k/5GPL3109Uz+v+vU+Qf+v6r8P7Gw9U21fdRpejTARNxer6r8Tz+7fl/kH1pH/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/aS/6hvU7nHwBol8Glpt9ABprS9PwDAAAAAAAAAAAAAAAAAACctzm1u3iyTKrmp28nhw8n6Y6q3xn+H3Fyefh55aeiava7ou42lmfuHPMEY3q/4bevb/y22fqf3dFs/fWlZOO1JNe73fPPX3H8/P1zN404dvnUdu+5MQv8TcWZ/YeenGz9s37darb+3F7ySTX/XB81/5S5dbgePf/0q/s3Zv2XfxnzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEzMbwEAAP//lf1tTw==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpgid(0xffffffffffffffff)

51.992825487s ago: executing program 2 (id=7296):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f00000001c0)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
utimes(&(0x7f00000005c0)='./file0\x00', 0x0)

51.672078166s ago: executing program 2 (id=7301):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000880)=@newqdisc={0xf8, 0x24, 0xf0b, 0x18000000, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xe}, {0xffff, 0xffff}, {0x0, 0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xc8, 0x2, {{0x0, 0x0, 0x0, 0x1, 0x5, 0xf}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x3, 0x401, 0x40, 0xf, 0x101}}]}, @TCA_NETEM_CORR={0x10, 0x1, {0x2, 0xe8, 0x18a}}, @TCA_NETEM_RATE64={0xc, 0x8, 0x2d6ca6cddc1df37}, @TCA_NETEM_RATE={0x14, 0x6, {0x3, 0x8, 0x3ff, 0x800}}, @TCA_NETEM_RATE={0x14, 0x6, {0x8, 0x7ed, 0x0, 0x80}}, @TCA_NETEM_ECN={0x8}, @TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x7, 0x9, 0xfffffff9, 0x4}}, @NETEM_LOSS_GI={0x18, 0x1, {0x2, 0x3, 0xfffffff9, 0xc64, 0xa}}]}, @TCA_NETEM_REORDER={0xc, 0x3, {0x8000, 0x1}}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4048005}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180)={[{@journal_dev={'journal_dev', 0x3d, 0x3}}]}, 0x0, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD")
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000b1e7e5f5096787143b39ffffb703100008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
quotactl$Q_SETQUOTA(0xffffffff80000900, &(0x7f0000000c80)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r8, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {}, {0x14, 0x17, {0x0, 0x3, @l2={'eth', 0x3a, 'wg1\x00'}}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r10 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0)
r11 = fsmount(r10, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x200000000, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r11}}, 0x58)
sendmsg$rds(r9, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000004680)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000002bc0)=[{&(0x7f0000001900)=""/135, 0x87}], 0x1}}], 0x48}, 0x0)
r12 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r13 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000001c0)="a6", 0x1, r12)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r12, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring={'key_or_keyring:', r13})
keyctl$restrict_keyring(0x1d, r12, &(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000040)='-%\x00')
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x2674, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

51.481105936s ago: executing program 2 (id=7308):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="fdffffffffffffff", @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
openat$binfmt_register(0xffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r2 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@local, @in6=@empty, 0x0, 0x0, 0x0, 0x100, 0x2}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x826}, {0xfffffffffffffffc, 0x0, 0x0, 0xc4a}, 0x0, 0x4, 0x1, 0x0, 0x0, 0x1}, {{@in6=@local, 0x0, 0x33}, 0x0, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3503, 0x4, 0x2, 0x4, 0x0, 0xb, 0x1}}, 0xe8)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'syzkaller0\x00'})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
fdatasync(r4)

50.673980893s ago: executing program 2 (id=7325):
preadv2(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000280)=""/119, 0x77}, {&(0x7f0000000040)=""/52, 0x34}, {0x0}], 0x3, 0x2, 0xfffffff7, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x75, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r3}, 0x69)

50.662170573s ago: executing program 34 (id=7325):
preadv2(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000280)=""/119, 0x77}, {&(0x7f0000000040)=""/52, 0x34}, {0x0}], 0x3, 0x2, 0xfffffff7, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x75, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r3}, 0x69)

3.074024038s ago: executing program 4 (id=8075):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32, @ANYBLOB="0a0001"], 0x48}}, 0x0)

2.940275067s ago: executing program 4 (id=8078):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x11c, 0xffffffffffffffff})
r1 = gettid()
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r4, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/257, 0x101}], 0x1, 0x8000, 0xc)

2.222545325s ago: executing program 0 (id=8089):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x80003, 0x0)
write(r1, &(0x7f0000000000)="850000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd0000", 0x23)
dup2(r0, r1)

2.176408425s ago: executing program 0 (id=8090):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x11c, 0xffffffffffffffff})
r1 = gettid()
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x320, 0x8, 0x7f02ae, 0x0, 0x200, 0x3f0, 0x2e8, 0x2e8, 0x3f0, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x300, 0x320, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd}, @common=@hl={{0x28}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private2, [], [], 'veth0_to_team\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f00000005c0)='mm_page_free\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r5, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/257, 0x101}], 0x1, 0x8000, 0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='kmem_cache_free\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r8, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x2}, 0x8)

1.800773015s ago: executing program 4 (id=8096):
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1050f0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2904, 0x4, 0x4, 0x0, 0x0, 0xfffffffe, 0xffff, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

1.766423825s ago: executing program 4 (id=8098):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180)={[{@journal_dev={'journal_dev', 0x3d, 0x3}}]}, 0x0, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD")
quotactl$Q_SETQUOTA(0xffffffff80000900, &(0x7f0000000c80)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1.657607794s ago: executing program 7 (id=8103):
r0 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchmodat(r1, &(0x7f00000000c0)='./file0\x00', 0x0)
open(&(0x7f0000000040)='.\x00', 0x418601, 0x8)

1.629581164s ago: executing program 4 (id=8105):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000680)="03", 0x1}], 0x1}], 0x1, 0x880)
sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000001c0)=[{0x0, 0x2}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000002002b0388edb6556900"/51, @ANYRES32=0x0], 0x30}], 0x1, 0x0)
socket(0x2, 0x80805, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mknodat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)

1.445954894s ago: executing program 7 (id=8107):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r1, 0x200, &(0x7f0000000080)={0x0, 0x300})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x3, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000008c0)='page_pool_state_hold\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000008c0)='page_pool_state_hold\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)

1.370500643s ago: executing program 7 (id=8108):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1050f0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2904, 0x4, 0x4, 0x0, 0x0, 0xfffffffe, 0xffff, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

1.369844333s ago: executing program 7 (id=8109):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080), 0x9}, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000200)={[{@i_version}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@data_err_abort}], [{@seclabel}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="00d7f2687351e9091c9497000800000085001000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r3, &(0x7f00000002c0)={0x1d, r5, 0x2, {0x0, 0xf0, 0x4}, 0xfe}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)

1.008103752s ago: executing program 0 (id=8110):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f, 0x0, "4a349800000000806913220909000909000a48"}) (async)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x7e)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000002880)=0x9)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20) (async)
r4 = memfd_secret(0x0) (async)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$SCSI_IOCTL_GET_PCI(r6, 0x2284, &(0x7f0000000000))
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) (async)
r8 = socket(0x2, 0x3, 0xff)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) (async)
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) (async)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r7, r9, 0x0) (async)
sendmsg$key(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x18}}, 0x20) (async)
r10 = socket$netlink(0x10, 0x3, 0x0) (async)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r11, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="4000000010001fff000000008000000000000000", @ANYRES32=r3, @ANYBLOB="00000091da6f50d7b4e3b200"/36, @ANYRES32=r12, @ANYBLOB="b5c53f84b15b355a7293b09daac25ef199a2e675b0671c00aa6baea7"], 0x40}, 0x1, 0x0, 0x0, 0x24008090}, 0x4080)

957.702942ms ago: executing program 7 (id=8111):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x8000000, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

919.254462ms ago: executing program 0 (id=8112):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb790789005e107538e486dd6317ce22000000fffe800000000000"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)

759.827962ms ago: executing program 6 (id=8114):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x21, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])

697.525502ms ago: executing program 5 (id=8115):
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

673.072482ms ago: executing program 7 (id=8116):
r0 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000680)="03", 0x1}], 0x1}], 0x1, 0x880)
sendmmsg$inet_sctp(r0, &(0x7f0000000bc0), 0x0, 0x0)

631.824561ms ago: executing program 5 (id=8117):
r0 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchmodat(r1, &(0x7f00000000c0)='./file0\x00', 0x0)
open(&(0x7f0000000040)='.\x00', 0x418601, 0x8)

617.130551ms ago: executing program 6 (id=8118):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f00000003c0)='./mnt\x00', 0x0) (fail_nth: 1)

594.983241ms ago: executing program 5 (id=8119):
unshare(0x66000080)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00100000000039000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000018000000000000000018110000", @ANYRESDEC=r0, @ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='mm_page_alloc\x00', r1}, 0x10) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="5800000010000104000020000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b12020000000000280012800b00010067656e6576650000180002"], 0x58}}, 0x0)

429.791801ms ago: executing program 0 (id=8120):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
r1 = socket(0x10, 0x3, 0x9)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000"], 0x28}}, 0x24080880)
bind$rxrpc(r0, 0x0, 0x0)

365.944831ms ago: executing program 5 (id=8121):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000700000006000000080000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)

289.343251ms ago: executing program 5 (id=8122):
r0 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000680)}], 0x1}], 0x1, 0x880)

276.488921ms ago: executing program 4 (id=8123):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x3, 0x4)
dup(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006", @ANYRESOCT=r0, @ANYBLOB="624a43a1ea185f86a7ef90c8b52b0b4511479231530c20ecc0d4301a4de249e9d4287a596d39032e9f76bf5cda9ef995f686e61ee070a0fc137762af216f4abee04b61ec935297b2fc6a5debabcb2d704b74024b90e2a4b4a8c514b197174c85ae24ff4279210734df00fad6bb5e4a32eebbfcacf2732d6a00ffd472a919a089b3"], 0x48)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x16, "ca2b5718d452c196000000000000f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup3(r3, r2, 0x0)
read$watch_queue(r4, &(0x7f00000016c0)=""/4109, 0x100d)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r5}, 0x18)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r6 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r6, 0x567, 0x60, 0x0, 0x0, 0x0)

254.793711ms ago: executing program 0 (id=8124):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000680)="03", 0x1}], 0x1}], 0x1, 0x880)
sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000001c0)=[{0x0, 0x2}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000002002b0388edb6556900"/51, @ANYRES32=0x0], 0x30}], 0x1, 0x0)
socket(0x2, 0x80805, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mknodat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)

254.522221ms ago: executing program 6 (id=8125):
pipe2$9p(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x840)
io_uring_enter(0xffffffffffffffff, 0x184c, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="000000000000000200b5b20000000000000000020000000000"], 0x48)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
socket$unix(0x1, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00"/11], 0x48)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x4000054)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a00000000000000000000000000000900010073797a30000000002c000000030a00000000000000000000000000000900010073797a30000000000900030073797a30000000006c000000060a000000000000000000000000000008000b4000000000440004802c0001800a0001006c696d69740000001c0002800c00014000005300000000000c0002400000000000000000140001800b0001006c6f6f6b75700000040002800900010073797a300000000014000000110001"], 0xe0}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e643000"], 0x4b0}}, 0x0)

199.453591ms ago: executing program 5 (id=8126):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x11c, 0xffffffffffffffff})
r1 = gettid()
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x320, 0x8, 0x7f02ae, 0x0, 0x200, 0x3f0, 0x2e8, 0x2e8, 0x3f0, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x300, 0x320, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd}, @common=@hl={{0x28}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private2, [], [], 'veth0_to_team\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f00000005c0)='mm_page_free\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r5, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/257, 0x101}], 0x1, 0x8000, 0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='kmem_cache_free\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r8, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x2}, 0x8)

198.533421ms ago: executing program 6 (id=8127):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x21, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x18, 0x30, 0x9, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])

128.825321ms ago: executing program 6 (id=8128):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2600000000000000fcffffff0000000000000000", @ANYRES32, @ANYBLOB="0000040000000000000000000000000000400000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000030000000100000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xfffffffffffffffd)

0s ago: executing program 6 (id=8129):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x21, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])

kernel console output (not intermixed with test programs):

  413.506128][T24910] loop6: detected capacity change from 0 to 256
[  413.525829][T24910] netlink: '+}[@': attribute type 10 has an invalid length.
[  413.561611][T24910] team0: Device hsr_slave_0 failed to register rx_handler
[  413.700430][T24933] FAULT_INJECTION: forcing a failure.
[  413.700430][T24933] name failslab, interval 1, probability 0, space 0, times 0
[  413.713196][T24933] CPU: 0 UID: 0 PID: 24933 Comm: syz.6.7184 Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0
[  413.724099][T24933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.734180][T24933] Call Trace:
[  413.737476][T24933]  <TASK>
[  413.740442][T24933]  dump_stack_lvl+0xf2/0x150
[  413.745162][T24933]  dump_stack+0x15/0x1a
[  413.749421][T24933]  should_fail_ex+0x223/0x230
[  413.754150][T24933]  should_failslab+0x8f/0xb0
[  413.758831][T24933]  __kmalloc_noprof+0xab/0x3f0
[  413.763623][T24933]  ? __se_sys_memfd_create+0x230/0x5c0
[  413.769272][T24933]  __se_sys_memfd_create+0x230/0x5c0
[  413.774599][T24933]  __x64_sys_memfd_create+0x31/0x40
[  413.779890][T24933]  x64_sys_call+0x2d4c/0x2dc0
[  413.784586][T24933]  do_syscall_64+0xc9/0x1c0
[  413.789136][T24933]  ? clear_bhb_loop+0x55/0xb0
[  413.793911][T24933]  ? clear_bhb_loop+0x55/0xb0
[  413.798617][T24933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.804611][T24933] RIP: 0033:0x7f63a7f05d29
[  413.809091][T24933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.828743][T24933] RSP: 002b:00007f63a6570e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  413.837340][T24933] RAX: ffffffffffffffda RBX: 0000000000000667 RCX: 00007f63a7f05d29
[  413.845445][T24933] RDX: 00007f63a6570ef0 RSI: 0000000000000000 RDI: 00007f63a7f82469
[  413.853472][T24933] RBP: 0000000020000d40 R08: 00007f63a6570bb7 R09: 00007f63a6570e40
[  413.861525][T24933] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000240
[  413.869680][T24933] R13: 00007f63a6570ef0 R14: 00007f63a6570eb0 R15: 0000000020000ac0
[  413.877667][T24933]  </TASK>
[  413.911577][T24933] loop6: detected capacity change from 0 to 128
[  413.918055][T24933] vfat: Unknown parameter 'iso9660'
[  413.983199][T24940] xt_connbytes: Forcing CT accounting to be enabled
[  414.000652][T24940] Cannot find add_set index 0 as target
[  414.068299][T24950] loop6: detected capacity change from 0 to 128
[  414.180123][T24925] loop2: detected capacity change from 0 to 128
[  414.203898][T24961] loop4: detected capacity change from 0 to 164
[  414.221650][T24961] Unable to read rock-ridge attributes
[  414.233008][T24961] Unable to read rock-ridge attributes
[  414.240956][T24961] iso9660: Corrupted directory entry in block 4 of inode 1792
[  414.261592][T24925] syz.2.7182: attempt to access beyond end of device
[  414.261592][T24925] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  414.301064][T24964] loop4: detected capacity change from 0 to 512
[  414.305304][T24925] syz.2.7182: attempt to access beyond end of device
[  414.305304][T24925] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  414.322763][T24925] syz.2.7182: attempt to access beyond end of device
[  414.322763][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.329435][T24964] EXT4-fs: Ignoring removed i_version option
[  414.367091][T24964] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  414.376728][T24925] syz.2.7182: attempt to access beyond end of device
[  414.376728][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.383031][T24964] EXT4-fs (loop4): 1 truncate cleaned up
[  414.396265][T24964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.404177][T24967] loop6: detected capacity change from 0 to 512
[  414.431137][T24925] syz.2.7182: attempt to access beyond end of device
[  414.431137][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.446231][T24925] syz.2.7182: attempt to access beyond end of device
[  414.446231][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.460471][T24925] syz.2.7182: attempt to access beyond end of device
[  414.460471][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.473986][T24925] syz.2.7182: attempt to access beyond end of device
[  414.473986][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.487268][T24925] syz.2.7182: attempt to access beyond end of device
[  414.487268][T24925] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  414.503666][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.531919][T24967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.582958][T24967] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  414.603940][T24967] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  414.618562][T24967] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  414.630994][T24967] EXT4-fs (loop6): This should not happen!! Data will be lost
[  414.630994][T24967] 
[  414.640757][T24967] EXT4-fs (loop6): Total free blocks count 0
[  414.646837][T24967] EXT4-fs (loop6): Free/Dirty block details
[  414.652849][T24967] EXT4-fs (loop6): free_blocks=65280
[  414.658265][T24967] EXT4-fs (loop6): dirty_blocks=1
[  414.663390][T24967] EXT4-fs (loop6): Block reservation details
[  414.669438][T24967] EXT4-fs (loop6): i_reserved_data_blocks=1
[  414.684335][T24978] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  414.805716][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.875902][T24983] lo speed is unknown, defaulting to 1000
[  414.882599][T24983] lo speed is unknown, defaulting to 1000
[  414.888787][T24983] lo speed is unknown, defaulting to 1000
[  414.938833][T24983] infiniband s
z1: set active
[  414.943659][T24983] infiniband s
z1: added lo
[  414.952280][ T3921] lo speed is unknown, defaulting to 1000
[  415.083098][T24983] RDS/IB: s
z1: added
[  415.087130][T24983] smc: adding ib device s
z1 with port count 1
[  415.093441][T24983] smc:    ib device s
z1 port 1 has pnetid 
[  415.100054][T24983] lo speed is unknown, defaulting to 1000
[  415.152749][T24983] lo speed is unknown, defaulting to 1000
[  415.208019][T24983] lo speed is unknown, defaulting to 1000
[  415.256118][T24983] lo speed is unknown, defaulting to 1000
[  415.290336][   T35] lo speed is unknown, defaulting to 1000
[  415.309603][T24983] lo speed is unknown, defaulting to 1000
[  415.327964][T24996] loop2: detected capacity change from 0 to 128
[  415.335257][T25001] loop6: detected capacity change from 0 to 512
[  415.353851][T25001] EXT4-fs: Ignoring removed i_version option
[  415.359100][T24983] lo speed is unknown, defaulting to 1000
[  415.366618][T25001] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  415.393630][T24983] lo speed is unknown, defaulting to 1000
[  415.406917][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  415.406933][   T29] audit: type=1326 audit(1737244024.583:47084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.428162][T24983] lo speed is unknown, defaulting to 1000
[  415.436787][   T29] audit: type=1326 audit(1737244024.583:47085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.466059][   T29] audit: type=1326 audit(1737244024.583:47086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.471177][T24983] lo speed is unknown, defaulting to 1000
[  415.489852][   T29] audit: type=1326 audit(1737244024.583:47087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.519195][   T29] audit: type=1326 audit(1737244024.583:47088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.542983][   T29] audit: type=1326 audit(1737244024.583:47089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.566701][   T29] audit: type=1326 audit(1737244024.583:47090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.590294][   T29] audit: type=1326 audit(1737244024.583:47091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.614141][   T29] audit: type=1326 audit(1737244024.583:47092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25002 comm="syz.0.7213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  415.628452][T25001] EXT4-fs (loop6): 1 truncate cleaned up
[  415.637806][T24984] lo speed is unknown, defaulting to 1000
[  415.646195][T25001] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.649307][T24984] lo speed is unknown, defaulting to 1000
[  415.649513][T24984] lo speed is unknown, defaulting to 1000
[  415.674315][T24984] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  415.680414][T24996] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  415.687219][T24984] lo speed is unknown, defaulting to 1000
[  415.697271][T24996] ext4 filesystem being mounted at /95/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  415.699790][T24984] lo speed is unknown, defaulting to 1000
[  415.715594][T24984] lo speed is unknown, defaulting to 1000
[  415.715804][T25008] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  415.722162][T24984] lo speed is unknown, defaulting to 1000
[  415.734561][T24984] lo speed is unknown, defaulting to 1000
[  415.740713][T24984] lo speed is unknown, defaulting to 1000
[  415.746733][T24984] lo speed is unknown, defaulting to 1000
[  415.752765][T24984] lo speed is unknown, defaulting to 1000
[  415.758842][T24984] lo speed is unknown, defaulting to 1000
[  415.771889][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.889361][   T29] audit: type=1326 audit(1737244025.053:47093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25017 comm="syz.5.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7d5915d29 code=0x7ffc0000
[  415.919419][T23053] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  415.924531][T25028] netlink: 96 bytes leftover after parsing attributes in process `syz.6.7225'.
[  415.949376][T25028] netlink: 'syz.6.7225': attribute type 29 has an invalid length.
[  415.959291][T25026] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  415.985910][T25028] loop6: detected capacity change from 0 to 164
[  416.111271][T25037] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7228'.
[  416.139612][T25041] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  416.156396][T25037] hsr_slave_1 (unregistering): left promiscuous mode
[  416.290038][T25032] loop2: detected capacity change from 0 to 128
[  416.667879][T25061] loop6: detected capacity change from 0 to 128
[  416.674431][T25071] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  416.820586][T25079] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  417.109277][T25091] netlink: 14 bytes leftover after parsing attributes in process `syz.6.7249'.
[  417.432368][T25098] netlink: '+}[@': attribute type 10 has an invalid length.
[  417.463814][T25098] team0: Device hsr_slave_0 failed to register rx_handler
[  417.739949][T25104] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  417.791053][T25106] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  417.813176][T25106] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  417.834793][T25108] netlink: '+}[@': attribute type 10 has an invalid length.
[  417.852628][T25108] team0: Device hsr_slave_0 failed to register rx_handler
[  417.990592][T25114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7260'.
[  418.569640][T25132] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  418.574194][T25135] netlink: '+}[@': attribute type 10 has an invalid length.
[  418.592042][T25135] team0: Device hsr_slave_0 failed to register rx_handler
[  418.598760][T25132] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  418.645468][T25137] loop5: detected capacity change from 0 to 256
[  418.675370][T25137] netlink: '+}[@': attribute type 10 has an invalid length.
[  418.683257][T25137] team0: Device hsr_slave_0 failed to register rx_handler
[  418.874157][T25153] can0: slcan on ttyS3.
[  418.950204][T25153] can0 (unregistered): slcan off ttyS3.
[  419.000776][T25153] SELinux: syz.5.7278 (25153) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  419.328890][T25192] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  419.347852][T25195] loop4: detected capacity change from 0 to 128
[  419.358062][T25195] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  419.382970][T25195] ext4 filesystem being mounted at /159/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  419.407749][T22674] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  419.420244][T25199] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  419.427945][T25199] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  419.535179][T25207] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7289'.
[  419.606733][T25215] loop5: detected capacity change from 0 to 128
[  419.617191][T25215] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  419.631534][T25215] ext4 filesystem being mounted at /272/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  419.697156][T25218] loop2: detected capacity change from 0 to 128
[  419.704796][T21510] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  419.725020][T25218] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  419.738216][T25218] ext4 filesystem being mounted at /106/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  419.896094][T23053] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  419.960382][T25226] loop2: detected capacity change from 0 to 512
[  419.989379][T25226] EXT4-fs: Ignoring removed i_version option
[  420.017764][T25226] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  420.044331][T25226] EXT4-fs (loop2): 1 truncate cleaned up
[  420.051513][T25226] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.124748][T23053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.197518][T25240] loop2: detected capacity change from 0 to 512
[  420.221288][T25240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.234371][T25240] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.248207][T25240] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.7301: Failed to acquire dquot type 0
[  420.306322][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 3: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  420.321534][T25223] loop5: detected capacity change from 0 to 128
[  420.356190][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 12: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  420.385322][T25223] bio_check_eod: 2559 callbacks suppressed
[  420.385344][T25223] syz.5.7295: attempt to access beyond end of device
[  420.385344][T25223] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  420.426196][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 13: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  420.458048][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 14: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=1, rec_len=0, size=2048 fake=0
[  420.485594][T25253] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7306'.
[  420.506747][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 15: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  420.561125][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  420.599007][T23053] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 17: comm syz-executor: path /108/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  420.648554][T23053] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1)
[  420.701587][T25268] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  420.709200][T25268] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  420.735943][T23053] __quota_error: 4372 callbacks suppressed
[  420.735959][T23053] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  420.747658][   T29] audit: type=1400 audit(1737244029.933:51464): avc:  denied  { remove_name } for  pid=23053 comm="syz-executor" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  420.752209][T23053] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 64512
[  420.776528][   T29] audit: type=1400 audit(1737244029.933:51465): avc:  denied  { rmdir } for  pid=23053 comm="syz-executor" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  420.785499][T23053] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz-executor: Failed to acquire dquot type 0
[  420.835788][T25279] loop5: detected capacity change from 0 to 128
[  420.853654][T25279] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  420.872600][T25279] ext4 filesystem being mounted at /276/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  420.954702][T21510] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  420.995782][T25288] xt_connbytes: Forcing CT accounting to be enabled
[  421.005516][T25288] Cannot find add_set index 0 as target
[  421.042119][T23053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.054445][  T175] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.099631][T25294] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  421.137107][  T175] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.205140][   T29] audit: type=1400 audit(1737244030.403:51466): avc:  denied  { mounton } for  pid=25305 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  421.227598][T25300] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  421.236447][  T175] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.241182][T25300] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  421.290626][T25312] can0: slcan on ttyS3.
[  421.326235][  T175] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.349273][T25312] can0 (unregistered): slcan off ttyS3.
[  421.361915][T25316] can0: slcan on ttyS3.
[  421.417397][  T175] bridge_slave_1: left allmulticast mode
[  421.423404][  T175] bridge_slave_1: left promiscuous mode
[  421.429165][  T175] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.437261][T25316] can0 (unregistered): slcan off ttyS3.
[  421.461900][  T175] bridge_slave_0: left allmulticast mode
[  421.468063][  T175] bridge_slave_0: left promiscuous mode
[  421.473831][  T175] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.481457][   T29] audit: type=1326 audit(1737244030.663:51467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25326 comm="syz.0.7335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  421.505360][   T29] audit: type=1326 audit(1737244030.663:51468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25326 comm="syz.0.7335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  421.528985][   T29] audit: type=1326 audit(1737244030.663:51469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25326 comm="syz.0.7335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  421.552595][   T29] audit: type=1326 audit(1737244030.663:51470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25326 comm="syz.0.7335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  421.576255][   T29] audit: type=1326 audit(1737244030.663:51471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25326 comm="syz.0.7335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  421.708062][T25282] loop4: detected capacity change from 0 to 128
[  421.791448][  T175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.803016][  T175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.831653][  T175] bond0 (unregistering): Released all slaves
[  421.845156][T25325] can0: slcan on ttyS3.
[  421.899114][T25315] can0 (unregistered): slcan off ttyS3.
[  421.976044][T25349] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7339'.
[  421.976865][T25305] lo speed is unknown, defaulting to 1000
[  422.099510][T25356] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  422.112872][T25356] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  422.123720][T25305] lo speed is unknown, defaulting to 1000
[  422.189364][   T54] kworker/u8:4: attempt to access beyond end of device
[  422.189364][   T54] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  422.210788][  T175] hsr_slave_0: left promiscuous mode
[  422.224409][  T175] hsr_slave_1: left promiscuous mode
[  422.238444][T25368] xt_connbytes: Forcing CT accounting to be enabled
[  422.245295][T25368] Cannot find add_set index 0 as target
[  422.245718][  T175] veth1_macvtap: left promiscuous mode
[  422.256475][  T175] veth0_macvtap: left promiscuous mode
[  422.262083][  T175] veth1_vlan: left promiscuous mode
[  422.267336][  T175] veth0_vlan: left promiscuous mode
[  422.287539][T25371] loop4: detected capacity change from 0 to 128
[  422.337742][T25332] loop5: detected capacity change from 0 to 128
[  422.344259][T25371] syz.4.7345: attempt to access beyond end of device
[  422.344259][T25371] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  422.422872][T25376] loop4: detected capacity change from 0 to 128
[  422.429598][T25332] syz.5.7336: attempt to access beyond end of device
[  422.429598][T25332] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  422.445834][  T175] team0 (unregistering): Port device team_slave_1 removed
[  422.460710][T25376] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  422.475133][  T175] team0 (unregistering): Port device team_slave_0 removed
[  422.480964][T25376] ext4 filesystem being mounted at /169/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  422.565327][T22674] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  422.632017][T25386] loop4: detected capacity change from 0 to 256
[  422.657225][T25305] chnl_net:caif_netlink_parms(): no params data found
[  422.744513][T25386] netlink: '+}[@': attribute type 10 has an invalid length.
[  422.767338][T25386] team0: Device hsr_slave_0 failed to register rx_handler
[  422.777662][T25399] netlink: 96 bytes leftover after parsing attributes in process `syz.0.7350'.
[  422.799326][T25399] netlink: 'syz.0.7350': attribute type 29 has an invalid length.
[  422.856404][T25305] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.863630][T25305] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.896806][T25305] bridge_slave_0: entered allmulticast mode
[  422.903518][T25305] bridge_slave_0: entered promiscuous mode
[  422.910573][T25305] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.917808][T25305] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.924976][T25305] bridge_slave_1: entered allmulticast mode
[  422.931527][T25305] bridge_slave_1: entered promiscuous mode
[  422.958443][T25305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  422.977357][T25411] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7351'.
[  422.978641][T25305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  423.039547][T25305] team0: Port device team_slave_0 added
[  423.056387][T25305] team0: Port device team_slave_1 added
[  423.080651][T25305] batman_adv: batadv0: Adding interface: batadv_slave_0
[  423.087674][T25305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  423.113624][T25305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  423.127687][T25305] batman_adv: batadv0: Adding interface: batadv_slave_1
[  423.134675][T25305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  423.160665][T25305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  423.232171][T25305] hsr_slave_0: entered promiscuous mode
[  423.249275][T25305] hsr_slave_1: entered promiscuous mode
[  423.255418][T25305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  423.273196][T25305] Cannot create hsr debugfs directory
[  423.480954][T25305] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  423.500516][T25305] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  423.520094][T25305] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  423.538755][T25305] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  423.582108][T25305] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.589243][T25305] bridge0: port 2(bridge_slave_1) entered forwarding state
[  423.596638][T25305] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.603758][T25305] bridge0: port 1(bridge_slave_0) entered forwarding state
[  423.632124][  T175] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.640542][  T175] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.686372][T25305] 8021q: adding VLAN 0 to HW filter on device bond0
[  423.702244][T25305] 8021q: adding VLAN 0 to HW filter on device team0
[  423.713951][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.721068][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  423.750833][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.758041][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  423.788315][T25305] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  423.798784][T25305] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  424.000086][T25305] 8021q: adding VLAN 0 to HW filter on device batadv0
[  424.334793][T25305] veth0_vlan: entered promiscuous mode
[  424.362231][T25305] veth1_vlan: entered promiscuous mode
[  424.396699][T25305] veth0_macvtap: entered promiscuous mode
[  424.433415][T25305] veth1_macvtap: entered promiscuous mode
[  424.460929][T25305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.471502][T25305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.481413][T25305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.489308][T25525] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  424.491864][T25305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.500796][T25525] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  424.509082][T25305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.526572][T25305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.538318][T25305] batman_adv: batadv0: Interface activated: batadv_slave_0
[  424.567919][T25305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.578593][T25305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.588450][T25305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.598957][T25305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.608785][T25305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.617853][T25530] loop5: detected capacity change from 0 to 128
[  424.619339][T25305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.642266][T25305] batman_adv: batadv0: Interface activated: batadv_slave_1
[  424.656269][T25305] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  424.665232][T25305] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  424.674081][T25305] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  424.682839][T25305] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.700947][T25530] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  424.703788][T25535] loop4: detected capacity change from 0 to 128
[  424.721428][T25530] ext4 filesystem being mounted at /289/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  424.767895][T25535] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  424.795064][T25535] ext4 filesystem being mounted at /175/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  424.846264][T25540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7369'.
[  424.863758][T21510] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  424.922943][T25562] can0: slcan on ttyS3.
[  424.988139][T22674] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  424.989721][T25560] can0 (unregistered): slcan off ttyS3.
[  425.107615][T25586] loop6: detected capacity change from 0 to 512
[  425.114871][T25586] EXT4-fs: Ignoring removed i_version option
[  425.125430][T25586] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  425.136999][T25586] EXT4-fs (loop6): 1 truncate cleaned up
[  425.143150][T25586] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.225688][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.268321][T25603] Cannot find add_set index 0 as target
[  425.309309][    C0] bridge0: received packet on gretap1 with own address as source address (addr:e6:5d:32:8e:16:80, vlan:0)
[  425.508877][T25617] s
z1: rxe_newlink: already configured on lo
[  425.778700][   T29] kauditd_printk_skb: 88 callbacks suppressed
[  425.778717][   T29] audit: type=1400 audit(1737244034.973:51560): avc:  denied  { sys_chroot } for  pid=25623 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  425.875914][   T29] audit: type=1400 audit(1737244035.013:51561): avc:  denied  { setgid } for  pid=25623 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  425.897029][   T29] audit: type=1400 audit(1737244035.013:51562): avc:  denied  { setuid } for  pid=25623 comm="dhcpcd" capability=7  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  425.918292][   T29] audit: type=1400 audit(1737244035.013:51563): avc:  denied  { setrlimit } for  pid=25623 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  426.173515][T25630] rdma_rxe: rxe_newlink: failed to add lo
[  426.628289][   T29] audit: type=1326 audit(1737244035.803:51564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25573 comm="syz.0.7376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  426.651958][   T29] audit: type=1326 audit(1737244035.823:51565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25573 comm="syz.0.7376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  426.697685][   T29] audit: type=1326 audit(1737244035.883:51566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25573 comm="syz.0.7376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f32cd6ecce7 code=0x7ffc0000
[  426.721315][   T29] audit: type=1326 audit(1737244035.883:51567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25573 comm="syz.0.7376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f32cd691f29 code=0x7ffc0000
[  426.745057][   T29] audit: type=1326 audit(1737244035.883:51568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25573 comm="syz.0.7376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  426.768733][   T29] audit: type=1326 audit(1737244035.883:51569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25573 comm="syz.0.7376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  426.996170][T25665] can0: slcan on ttyS3.
[  427.078853][T25666] rdma_rxe: rxe_newlink: failed to add lo
[  427.109068][T25664] can0 (unregistered): slcan off ttyS3.
[  427.542172][T25672] loop7: detected capacity change from 0 to 128
[  427.578861][T25672] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  427.601667][T25672] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  427.660490][T25305] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  427.699522][T25676] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  427.707173][T25676] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  427.870234][T25694] loop5: detected capacity change from 0 to 128
[  427.902219][T25694] syz.5.7412: attempt to access beyond end of device
[  427.902219][T25694] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  428.007831][T25701] loop5: detected capacity change from 0 to 256
[  428.049606][T25699] netlink: 'vfat': attribute type 10 has an invalid length.
[  428.058078][T25699] team0: Device hsr_slave_0 failed to register rx_handler
[  428.068245][T25703] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  428.144571][T25705] rdma_rxe: rxe_newlink: failed to add lo
[  428.387156][T25686] loop7: detected capacity change from 0 to 128
[  428.583991][T25686] syz.7.7409: attempt to access beyond end of device
[  428.583991][T25686] loop7: rw=2049, sector=145, nr_sectors = 896 limit=128
[  428.650282][T25723] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  428.707874][T25729] loop5: detected capacity change from 0 to 128
[  428.752558][T25729] syz.5.7425: attempt to access beyond end of device
[  428.752558][T25729] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  428.863000][T25733] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  428.964053][T25743] Cannot find add_set index 0 as target
[  429.077484][T25748] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  429.124205][T25756] loop7: detected capacity change from 0 to 128
[  429.155843][T25756] syz.7.7438: attempt to access beyond end of device
[  429.155843][T25756] loop7: rw=2049, sector=145, nr_sectors = 896 limit=128
[  429.453488][T25768] rdma_rxe: rxe_newlink: failed to add lo
[  429.747868][T25770] loop4: detected capacity change from 0 to 512
[  429.806133][T25770] EXT4-fs: Ignoring removed i_version option
[  429.827980][T25770] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  429.858980][T25770] EXT4-fs (loop4): 1 truncate cleaned up
[  429.865145][T25770] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  429.915373][T25763] loop7: detected capacity change from 0 to 128
[  429.928248][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.012391][T25763] syz.7.7440: attempt to access beyond end of device
[  430.012391][T25763] loop7: rw=2049, sector=145, nr_sectors = 896 limit=128
[  430.114523][T25763] syz.7.7440: attempt to access beyond end of device
[  430.114523][T25763] loop7: rw=524288, sector=145, nr_sectors = 224 limit=128
[  430.192508][T25763] syz.7.7440: attempt to access beyond end of device
[  430.192508][T25763] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  430.265440][T25763] syz.7.7440: attempt to access beyond end of device
[  430.265440][T25763] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  430.279154][T25792] rdma_rxe: rxe_newlink: failed to add lo
[  430.562836][T25798] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  430.857416][T25782] Set syz1 is full, maxelem 65536 reached
[  430.886360][T25783] Set syz1 is full, maxelem 65536 reached
[  430.963109][T25820] can0: slcan on ttyS3.
[  431.006892][T25826] syz.7.7461[25826] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  431.007017][T25826] syz.7.7461[25826] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  431.018633][T25826] syz.7.7461[25826] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  431.048294][T25824] loop5: detected capacity change from 0 to 512
[  431.068850][T25824] EXT4-fs: Ignoring removed i_version option
[  431.153391][T25829] siw: device registration error -23
[  431.166702][T25824] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  431.251038][T25824] EXT4-fs (loop5): 1 truncate cleaned up
[  431.257814][T25824] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.275460][T25833] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  431.282984][T25819] can0 (unregistered): slcan off ttyS3.
[  431.492461][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.535782][   T29] kauditd_printk_skb: 2278 callbacks suppressed
[  431.535799][   T29] audit: type=1326 audit(1737244040.733:53848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25834 comm="syz.7.7463" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f810456cce7 code=0x0
[  431.710327][   T29] audit: type=1326 audit(1737244040.913:53849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.769048][   T29] audit: type=1326 audit(1737244040.913:53850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.792893][   T29] audit: type=1326 audit(1737244040.913:53851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.816641][   T29] audit: type=1326 audit(1737244040.913:53852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.840433][   T29] audit: type=1326 audit(1737244040.913:53853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.864265][   T29] audit: type=1326 audit(1737244040.913:53854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.888098][   T29] audit: type=1326 audit(1737244040.913:53855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.889832][T25865] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  431.911608][   T29] audit: type=1326 audit(1737244040.913:53856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.942229][   T29] audit: type=1326 audit(1737244040.913:53857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25857 comm="syz.6.7473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63a7f05d29 code=0x7ffc0000
[  431.984054][T25871] loop5: detected capacity change from 0 to 256
[  432.024945][T25871] netlink: '+}[@': attribute type 10 has an invalid length.
[  432.039258][T25871] team0: Device hsr_slave_0 failed to register rx_handler
[  432.180822][T25878] loop5: detected capacity change from 0 to 512
[  432.223717][T25878] EXT4-fs (loop5): 1 orphan inode deleted
[  432.237568][T25878] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.250475][   T54] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:4: Failed to release dquot type 1
[  432.271153][T25878] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  432.332040][T25878] bridge_slave_0: left allmulticast mode
[  432.337747][T25878] bridge_slave_0: left promiscuous mode
[  432.343500][T25878] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.369782][T25886] loop4: detected capacity change from 0 to 512
[  432.387843][T25878] bridge_slave_1: left allmulticast mode
[  432.393624][T25878] bridge_slave_1: left promiscuous mode
[  432.399469][T25878] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.410025][T25886] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  432.419203][T25886] EXT4-fs (loop4): ea_inode feature is not supported for Hurd
[  432.525223][T25878] bond0: (slave bond_slave_0): Releasing backup interface
[  432.552506][T25878] bond0: (slave bond_slave_1): Releasing backup interface
[  432.629892][T25898] siw: device registration error -23
[  432.717736][T25878] team0: Port device team_slave_0 removed
[  432.736543][T25878] team0: Port device team_slave_1 removed
[  432.990681][T25909] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  433.017970][T25909] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  433.036559][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.077125][T25911] loop5: detected capacity change from 0 to 512
[  433.102003][T25911] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.141699][T25911] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  433.178303][T25911] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.7489: Failed to acquire dquot type 0
[  433.309452][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.315161][T25927] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  433.326268][T25925] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7495'.
[  433.386426][T25939] loop5: detected capacity change from 0 to 128
[  433.428271][T25930] lo speed is unknown, defaulting to 1000
[  433.440127][T25939] syz.5.7499: attempt to access beyond end of device
[  433.440127][T25939] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  433.527093][T25948] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  433.538152][T25948] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  433.622895][T25930] lo speed is unknown, defaulting to 1000
[  433.725426][T25954] rdma_rxe: rxe_newlink: failed to add lo
[  434.303617][T25963] siw: device registration error -23
[  434.872871][T25953] loop5: detected capacity change from 0 to 128
[  434.925626][T25953] syz.5.7504: attempt to access beyond end of device
[  434.925626][T25953] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  434.946480][T25953] syz.5.7504: attempt to access beyond end of device
[  434.946480][T25953] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  434.960844][T25953] syz.5.7504: attempt to access beyond end of device
[  434.960844][T25953] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.009470][T25953] syz.5.7504: attempt to access beyond end of device
[  435.009470][T25953] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.038538][T25953] syz.5.7504: attempt to access beyond end of device
[  435.038538][T25953] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.098157][T25953] syz.5.7504: attempt to access beyond end of device
[  435.098157][T25953] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.209697][T26001] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  435.228479][T26001] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  435.390170][T26018] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7518'.
[  435.484658][T26016] delete_channel: no stack
[  435.619878][T26040] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  435.926490][T26071] rdma_rxe: rxe_newlink: failed to add lo
[  436.342453][T26077] loop6: detected capacity change from 0 to 128
[  436.393910][T26077] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  436.437850][T26077] ext4 filesystem being mounted at /232/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  436.490958][T22202] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  436.673976][T26102] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  436.761414][T26111] loop6: detected capacity change from 0 to 512
[  436.793051][T26111] EXT4-fs: Ignoring removed i_version option
[  436.813991][T26111] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  436.842221][T26111] EXT4-fs (loop6): 1 truncate cleaned up
[  436.858481][T26111] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.899698][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.005932][   T29] kauditd_printk_skb: 857 callbacks suppressed
[  437.005950][   T29] audit: type=1326 audit(1737244046.203:54712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  437.036010][   T29] audit: type=1326 audit(1737244046.203:54713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  437.059623][   T29] audit: type=1326 audit(1737244046.203:54714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  437.124322][   T29] audit: type=1326 audit(1737244046.203:54715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  437.148078][   T29] audit: type=1326 audit(1737244046.323:54716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f76d523cce7 code=0x7ffc0000
[  437.172195][   T29] audit: type=1326 audit(1737244046.323:54717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f76d51e1f29 code=0x7ffc0000
[  437.195931][   T29] audit: type=1326 audit(1737244046.323:54718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f76d523cce7 code=0x7ffc0000
[  437.219562][   T29] audit: type=1326 audit(1737244046.323:54719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f76d51e1f29 code=0x7ffc0000
[  437.241493][T26139] netlink: 55631 bytes leftover after parsing attributes in process `syz.6.7543'.
[  437.243170][   T29] audit: type=1326 audit(1737244046.323:54720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f76d523cce7 code=0x7ffc0000
[  437.275902][   T29] audit: type=1326 audit(1737244046.323:54721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25972 comm="syz.4.7512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f76d51e1f29 code=0x7ffc0000
[  437.563581][T26160] siw: device registration error -23
[  438.123374][T26163] siw: device registration error -23
[  438.544020][T26172] loop4: detected capacity change from 0 to 256
[  438.651965][T26172] netlink: '+}[@': attribute type 10 has an invalid length.
[  438.659669][T26172] team0: Device hsr_slave_0 failed to register rx_handler
[  438.761081][T26191] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  438.768519][T26191] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  438.837765][T26198] Cannot find add_set index 0 as target
[  438.939211][T26194] loop7: detected capacity change from 0 to 512
[  439.011490][T26194] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  439.052839][T26214] loop4: detected capacity change from 0 to 512
[  439.060441][T26194] System zones: 0-2, 18-18, 34-34
[  439.069363][T26194] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7553: bg 0: block 248: padding at end of block bitmap is not set
[  439.120466][T26194] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7553: Failed to acquire dquot type 1
[  439.169676][T26194] EXT4-fs (loop7): 1 truncate cleaned up
[  439.176294][T26194] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  439.269096][T26194] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  439.317306][T26214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  439.402228][T26229] siw: device registration error -23
[  439.459093][T26214] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  439.552782][T26214] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.7557: Failed to acquire dquot type 0
[  439.805537][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  439.822410][  T383] EXT4-fs error (device loop7): ext4_release_dquot:6961: comm kworker/u8:6: Failed to release dquot type 1
[  439.835094][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  439.898226][T26235] netlink: '+}[@': attribute type 10 has an invalid length.
[  439.921277][T26235] team0: Device hsr_slave_0 failed to register rx_handler
[  439.939636][T26243] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  439.955282][T26243] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  440.019522][T26252] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  440.029294][    C0] bridge0: received packet on gretap1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  440.050905][T26256] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  440.893839][T26291] rdma_rxe: rxe_newlink: failed to add lo
[  440.900086][T26291] siw: device registration error -23
[  441.532691][T26316] netlink: '+}[@': attribute type 10 has an invalid length.
[  441.570875][T26316] team0: Device hsr_slave_0 failed to register rx_handler
[  441.687127][T26325] loop7: detected capacity change from 0 to 512
[  441.764535][T26293] loop5: detected capacity change from 0 to 128
[  441.778303][T26299] loop6: detected capacity change from 0 to 128
[  441.791670][T26325] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  441.807071][T26325] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  441.832269][T26325] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7599: Failed to acquire dquot type 0
[  441.867255][T26299] syz.6.7588: attempt to access beyond end of device
[  441.867255][T26299] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  441.892350][T26299] syz.6.7588: attempt to access beyond end of device
[  441.892350][T26299] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  441.892475][T26293] syz.5.7585: attempt to access beyond end of device
[  441.892475][T26293] loop5: rw=2049, sector=145, nr_sectors = 528 limit=128
[  441.936090][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.945268][T26299] syz.6.7588: attempt to access beyond end of device
[  441.945268][T26299] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  441.989104][T26299] syz.6.7588: attempt to access beyond end of device
[  441.989104][T26299] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  442.002559][T26337] xt_connbytes: Forcing CT accounting to be enabled
[  442.013695][T26310] syz.5.7585: attempt to access beyond end of device
[  442.013695][T26310] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  442.021981][T26337] Cannot find add_set index 0 as target
[  442.034413][T26299] syz.6.7588: attempt to access beyond end of device
[  442.034413][T26299] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  442.036002][T26310] syz.5.7585: attempt to access beyond end of device
[  442.036002][T26310] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  442.076895][T26310] syz.5.7585: attempt to access beyond end of device
[  442.076895][T26310] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  442.170486][T26310] syz.5.7585: attempt to access beyond end of device
[  442.170486][T26310] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  442.199643][T26343] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  442.215599][T26343] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  442.307854][   T29] kauditd_printk_skb: 452 callbacks suppressed
[  442.307954][   T29] audit: type=1326 audit(1737244051.503:55167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.384281][   T29] audit: type=1326 audit(1737244051.503:55168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.407976][   T29] audit: type=1326 audit(1737244051.503:55169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.431717][   T29] audit: type=1326 audit(1737244051.503:55170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.455514][   T29] audit: type=1326 audit(1737244051.503:55171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.479399][   T29] audit: type=1326 audit(1737244051.503:55172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.503123][   T29] audit: type=1326 audit(1737244051.503:55173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.526760][   T29] audit: type=1326 audit(1737244051.503:55174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.550364][   T29] audit: type=1326 audit(1737244051.503:55175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.574086][   T29] audit: type=1326 audit(1737244051.503:55176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26354 comm="syz.4.7610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  442.606544][T26367] loop5: detected capacity change from 0 to 256
[  442.760114][T26372] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  442.803085][T26374] rdma_rxe: rxe_newlink: failed to add lo
[  443.110773][T26378] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  443.178529][T26378] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  443.366284][T26369] loop4: detected capacity change from 0 to 128
[  443.381277][T26403] Cannot find add_set index 0 as target
[  443.569421][T26414] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  443.632733][T26418] loop5: detected capacity change from 0 to 512
[  443.674135][T26418] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  443.684577][T26418] System zones: 0-2, 18-18, 34-34
[  443.701776][T26418] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7634: bg 0: block 248: padding at end of block bitmap is not set
[  443.776056][T26418] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.7634: Failed to acquire dquot type 1
[  443.828117][T26418] EXT4-fs (loop5): 1 truncate cleaned up
[  443.859371][T26418] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.895979][T26418] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  443.986520][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.006165][ T3390] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:7: Failed to release dquot type 1
[  444.020528][T26438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7644'.
[  444.118243][T26431] loop4: detected capacity change from 0 to 128
[  445.082531][T26483] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7657'.
[  445.176504][T26483] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  445.184338][T26483] batman_adv: batadv0: Removing interface: batadv_slave_0
[  445.279978][T26483] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  445.287528][T26483] batman_adv: batadv0: Removing interface: batadv_slave_1
[  445.394886][T26490] loop5: detected capacity change from 0 to 128
[  445.426245][T26464] loop4: detected capacity change from 0 to 128
[  445.442160][T26490] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  445.479684][T26490] ext4 filesystem being mounted at /352/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  445.530512][T21510] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  445.557855][T26499] loop7: detected capacity change from 0 to 128
[  445.566811][T26493] delete_channel: no stack
[  445.708571][T26515] loop7: detected capacity change from 0 to 256
[  445.725071][T26519] ref_ctr increment failed for inode: 0xb26 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888100054540
[  445.769480][T26517] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  445.777459][T26518] uprobe: syz.0.7670:26518 failed to unregister, leaking uprobe
[  445.802701][T26517] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  445.821689][T26528] loop7: detected capacity change from 0 to 128
[  445.835026][T26528] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  445.858749][T26528] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  445.878207][T26525] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7673'.
[  445.937678][T26540] loop6: detected capacity change from 0 to 128
[  445.948130][T25305] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  445.970174][T26538] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  446.018256][T26549] loop7: detected capacity change from 0 to 256
[  446.160411][T26559] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  446.188173][T26559] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  446.203650][T26565] siw: device registration error -23
[  446.227753][T26562] loop4: detected capacity change from 0 to 512
[  446.274663][T26562] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  446.286449][T26562] System zones: 0-2, 18-18, 34-34
[  446.292970][T26562] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.7688: bg 0: block 248: padding at end of block bitmap is not set
[  446.309744][T26562] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.7688: Failed to acquire dquot type 1
[  446.323363][T26562] EXT4-fs (loop4): 1 truncate cleaned up
[  446.457394][T26572] ref_ctr increment failed for inode: 0x1b0 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888131064fc0
[  446.506114][T26561] delete_channel: no stack
[  446.572017][T26562] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  446.592468][T26573] loop7: detected capacity change from 0 to 512
[  446.604980][T26562] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  446.615817][T26573] EXT4-fs: Ignoring removed i_version option
[  446.621898][T26573] EXT4-fs: Ignoring removed mblk_io_submit option
[  446.629310][T26573] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  446.645374][T26573] EXT4-fs (loop7): 1 truncate cleaned up
[  446.652768][T26573] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  446.666805][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.677831][   T54] EXT4-fs error (device loop4): ext4_release_dquot:6961: comm kworker/u8:4: Failed to release dquot type 1
[  446.696513][T26571] uprobe: syz.7.7689:26571 failed to unregister, leaking uprobe
[  446.805231][T26579] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7691'.
[  446.855114][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.009928][T26592] loop7: detected capacity change from 0 to 256
[  447.080726][T26575] loop6: detected capacity change from 0 to 128
[  447.208296][T26575] bio_check_eod: 2921 callbacks suppressed
[  447.208393][T26575] syz.6.7690: attempt to access beyond end of device
[  447.208393][T26575] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  447.223441][T26615] loop4: detected capacity change from 0 to 512
[  447.234527][T26615] EXT4-fs: Ignoring removed i_version option
[  447.240622][T26615] EXT4-fs: Ignoring removed mblk_io_submit option
[  447.248350][T26575] syz.6.7690: attempt to access beyond end of device
[  447.248350][T26575] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  447.252153][T26615] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  447.273123][T26575] syz.6.7690: attempt to access beyond end of device
[  447.273123][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.286918][T26575] syz.6.7690: attempt to access beyond end of device
[  447.286918][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.300547][T26575] syz.6.7690: attempt to access beyond end of device
[  447.300547][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.314683][T26575] syz.6.7690: attempt to access beyond end of device
[  447.314683][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.315959][T26615] EXT4-fs (loop4): 1 truncate cleaned up
[  447.331134][T26575] syz.6.7690: attempt to access beyond end of device
[  447.331134][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.334459][T26615] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.366648][T26575] syz.6.7690: attempt to access beyond end of device
[  447.366648][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.386389][T26575] syz.6.7690: attempt to access beyond end of device
[  447.386389][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.400065][T26575] syz.6.7690: attempt to access beyond end of device
[  447.400065][T26575] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  447.402073][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.423199][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  447.423213][   T29] audit: type=1326 audit(1737244056.623:55430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7d5915d29 code=0x7ffc0000
[  447.455553][   T29] audit: type=1326 audit(1737244056.653:55431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7d5915d29 code=0x7ffc0000
[  447.479263][   T29] audit: type=1326 audit(1737244056.653:55432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7d5915d29 code=0x7ffc0000
[  447.502928][   T29] audit: type=1326 audit(1737244056.653:55433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd7d5915d29 code=0x7ffc0000
[  447.504388][T26619] loop5: detected capacity change from 0 to 128
[  447.526516][   T29] audit: type=1326 audit(1737244056.653:55434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd7d5915d63 code=0x7ffc0000
[  447.526551][   T29] audit: type=1326 audit(1737244056.653:55435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd7d59147df code=0x7ffc0000
[  447.526700][   T29] audit: type=1326 audit(1737244056.683:55436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd7d5915db7 code=0x7ffc0000
[  447.603403][   T29] audit: type=1326 audit(1737244056.703:55437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd7d5914690 code=0x7ffc0000
[  447.627103][   T29] audit: type=1326 audit(1737244056.703:55438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd7d591592b code=0x7ffc0000
[  447.650768][   T29] audit: type=1326 audit(1737244056.783:55439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26618 comm="syz.5.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd7d591498a code=0x7ffc0000
[  447.790589][T26632] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  447.880955][T26642] ref_ctr increment failed for inode: 0x5d1 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888100057480
[  447.894858][T26642] loop6: detected capacity change from 0 to 512
[  447.902753][T26642] EXT4-fs: Ignoring removed i_version option
[  447.908813][T26642] EXT4-fs: Ignoring removed mblk_io_submit option
[  447.918534][T26642] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  447.933038][T26642] EXT4-fs (loop6): 1 truncate cleaned up
[  447.943622][T26642] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.971372][T26641] uprobe: syz.6.7718:26641 failed to unregister, leaking uprobe
[  447.990660][T26648] loop4: detected capacity change from 0 to 128
[  448.111238][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.154668][T26636] loop5: detected capacity change from 0 to 128
[  448.269504][T26665] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  448.403091][T26673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7730'.
[  448.508141][T26697] loop7: detected capacity change from 0 to 512
[  448.554710][T26697] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.589469][T26697] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  448.649596][T26697] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7738: Failed to acquire dquot type 0
[  448.664837][T26701] rdma_rxe: rxe_newlink: failed to add lo
[  448.671275][T26701] siw: device registration error -23
[  449.037800][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.353887][T26712] xt_connbytes: Forcing CT accounting to be enabled
[  449.368795][T26712] Cannot find add_set index 0 as target
[  449.375892][T26707] loop7: detected capacity change from 0 to 128
[  449.429950][T26716] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  449.437539][T26716] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  449.503460][T26718] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7745'.
[  449.533655][T26728] 9pnet_fd: Insufficient options for proto=fd
[  449.601334][T26729] delete_channel: no stack
[  450.216188][T26749] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7756'.
[  450.409618][T26760] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  450.417235][T26760] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  450.434253][T26762] 9pnet_fd: Insufficient options for proto=fd
[  450.492694][T26763] delete_channel: no stack
[  450.499785][T26768] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  450.512401][T26768] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  450.569481][T26773] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  450.609944][T26777] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  450.696307][T26784] 9pnet_fd: Insufficient options for proto=fd
[  450.738050][T26789] 9pnet_fd: Insufficient options for proto=fd
[  450.840336][T26792] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  450.847772][T26792] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  450.960925][T26802] delete_channel: no stack
[  451.029144][T26812] loop4: detected capacity change from 0 to 512
[  451.067838][T26812] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  451.076241][T26812] System zones: 0-2, 18-18, 34-34
[  451.112673][T26812] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.7781: bg 0: block 248: padding at end of block bitmap is not set
[  451.135449][T26812] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.7781: Failed to acquire dquot type 1
[  451.154722][T26812] EXT4-fs (loop4): 1 truncate cleaned up
[  451.172073][T26812] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.184653][T26812] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  451.208817][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.240722][T26825] 9pnet_fd: Insufficient options for proto=fd
[  451.251723][  T175] EXT4-fs error (device loop4): ext4_release_dquot:6961: comm kworker/u8:5: Failed to release dquot type 1
[  451.308887][T26779] loop5: detected capacity change from 0 to 128
[  451.409779][T26835] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  451.417817][T26835] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  451.675316][T26850] s
z1: rxe_newlink: already configured on lo
[  451.919921][T26855] Cannot find del_set index 1 as target
[  452.299595][T26857] rdma_rxe: rxe_newlink: failed to add lo
[  452.306002][T26857] siw: device registration error -23
[  452.490683][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  452.490708][   T29] audit: type=1326 audit(1737244061.633:55625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.520523][   T29] audit: type=1326 audit(1737244061.633:55626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.544259][   T29] audit: type=1326 audit(1737244061.633:55627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.567928][   T29] audit: type=1326 audit(1737244061.633:55628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.591585][   T29] audit: type=1326 audit(1737244061.633:55629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.615162][   T29] audit: type=1326 audit(1737244061.633:55630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.638737][   T29] audit: type=1326 audit(1737244061.633:55631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.662271][   T29] audit: type=1326 audit(1737244061.633:55632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.685953][   T29] audit: type=1326 audit(1737244061.633:55633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.709503][   T29] audit: type=1326 audit(1737244061.633:55634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26858 comm="syz.4.7799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d5245d29 code=0x7ffc0000
[  452.750656][T26862] 9pnet_fd: Insufficient options for proto=fd
[  452.790309][T26864] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  452.913511][T26878] loop6: detected capacity change from 0 to 512
[  452.925803][T26876] loop4: detected capacity change from 0 to 512
[  452.971526][T26878] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  452.985471][T26876] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  453.001851][T26878] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  453.009941][T26876] System zones: 0-2, 18-18, 34-34
[  453.079061][T26876] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.7803: bg 0: block 248: padding at end of block bitmap is not set
[  453.112596][T26876] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.7803: Failed to acquire dquot type 1
[  453.139688][T26876] EXT4-fs (loop4): 1 truncate cleaned up
[  453.146068][T26876] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.158631][T26876] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  453.185703][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.199234][  T175] EXT4-fs error (device loop4): ext4_release_dquot:6961: comm kworker/u8:5: Failed to release dquot type 1
[  453.221181][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.252807][T26872] loop7: detected capacity change from 0 to 128
[  453.332279][T26872] bio_check_eod: 1310 callbacks suppressed
[  453.332298][T26872] syz.7.7805: attempt to access beyond end of device
[  453.332298][T26872] loop7: rw=2049, sector=145, nr_sectors = 896 limit=128
[  453.429808][T26872] syz.7.7805: attempt to access beyond end of device
[  453.429808][T26872] loop7: rw=524288, sector=145, nr_sectors = 224 limit=128
[  453.458803][T26905] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  453.499166][T26872] syz.7.7805: attempt to access beyond end of device
[  453.499166][T26872] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  453.563750][T26909] s
z1: rxe_newlink: already configured on lo
[  453.570871][T26872] syz.7.7805: attempt to access beyond end of device
[  453.570871][T26872] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  453.666138][T26872] syz.7.7805: attempt to access beyond end of device
[  453.666138][T26872] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  453.701447][T26911] loop6: detected capacity change from 0 to 512
[  453.799525][T26911] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.881673][T26911] ext4 filesystem being mounted at /292/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  453.954939][T26911] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.7816: Failed to acquire dquot type 0
[  453.989322][T26918] Cannot find add_set index 0 as target
[  454.010974][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.032082][T26920] loop7: detected capacity change from 0 to 256
[  454.166205][T26931] loop4: detected capacity change from 0 to 512
[  454.196658][T26931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  454.209353][T26931] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  454.223305][T26931] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  454.244128][T26931] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  454.256557][T26931] EXT4-fs (loop4): This should not happen!! Data will be lost
[  454.256557][T26931] 
[  454.266439][T26931] EXT4-fs (loop4): Total free blocks count 0
[  454.272629][T26931] EXT4-fs (loop4): Free/Dirty block details
[  454.278754][T26931] EXT4-fs (loop4): free_blocks=65280
[  454.284088][T26931] EXT4-fs (loop4): dirty_blocks=1
[  454.289275][T26931] EXT4-fs (loop4): Block reservation details
[  454.295278][T26931] EXT4-fs (loop4): i_reserved_data_blocks=1
[  454.303180][T26937] ref_ctr increment failed for inode: 0xbac offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff8881310679c0
[  454.320708][T26936] uprobe: syz.0.7826:26936 failed to unregister, leaking uprobe
[  454.329484][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.424515][T26946] Cannot find add_set index 0 as target
[  454.635174][T26944] loop4: detected capacity change from 0 to 128
[  454.660263][T26955] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  454.666627][T26944] syz.4.7829: attempt to access beyond end of device
[  454.666627][T26944] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  454.667790][T26955] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  454.689277][T26944] syz.4.7829: attempt to access beyond end of device
[  454.689277][T26944] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  454.704811][T26944] syz.4.7829: attempt to access beyond end of device
[  454.704811][T26944] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  454.718694][T26944] syz.4.7829: attempt to access beyond end of device
[  454.718694][T26944] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  454.735246][T26944] syz.4.7829: attempt to access beyond end of device
[  454.735246][T26944] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  455.271654][T26967] loop5: detected capacity change from 0 to 128
[  455.358097][T26982] rdma_rxe: rxe_newlink: failed to add lo
[  455.364738][T26982] siw: device registration error -23
[  455.604324][T26986] loop4: detected capacity change from 0 to 256
[  455.831738][T26991] 9pnet_fd: Insufficient options for proto=fd
[  456.020927][T26994] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7847'.
[  456.189590][T27008] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  456.250968][T27017] 9pnet_fd: Insufficient options for proto=fd
[  456.261465][T27019] Cannot find add_set index 0 as target
[  456.317504][T27023] Cannot find add_set index 0 as target
[  456.854439][T27043] s
z1: rxe_newlink: already configured on lo
[  456.899807][T27047] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  456.916147][T27049] 9pnet_fd: Insufficient options for proto=fd
[  457.109997][T27069] ref_ctr increment failed for inode: 0x2aa offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888100054540
[  457.133540][T27069] loop7: detected capacity change from 0 to 512
[  457.141307][T27069] EXT4-fs: Ignoring removed i_version option
[  457.147406][T27069] EXT4-fs: Ignoring removed mblk_io_submit option
[  457.154945][T27073] 9pnet_fd: Insufficient options for proto=fd
[  457.155112][T27069] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  457.176196][T27069] EXT4-fs (loop7): 1 truncate cleaned up
[  457.187458][T27069] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  457.206988][T27068] uprobe: syz.7.7879:27068 failed to unregister, leaking uprobe
[  457.294932][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.305766][T27082] loop5: detected capacity change from 0 to 512
[  457.332365][T27082] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.361301][T27082] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  457.393013][T27082] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  457.452067][T27082] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  457.464518][T27082] EXT4-fs (loop5): This should not happen!! Data will be lost
[  457.464518][T27082] 
[  457.474253][T27082] EXT4-fs (loop5): Total free blocks count 0
[  457.480379][T27082] EXT4-fs (loop5): Free/Dirty block details
[  457.486306][T27082] EXT4-fs (loop5): free_blocks=65280
[  457.491785][T27082] EXT4-fs (loop5): dirty_blocks=1
[  457.497031][T27082] EXT4-fs (loop5): Block reservation details
[  457.503053][T27082] EXT4-fs (loop5): i_reserved_data_blocks=1
[  457.676889][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.912552][T27112] ref_ctr increment failed for inode: 0x57f offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888100055a40
[  457.969724][T27112] loop4: detected capacity change from 0 to 512
[  457.976582][T27112] EXT4-fs: Ignoring removed i_version option
[  457.982691][T27112] EXT4-fs: Ignoring removed mblk_io_submit option
[  457.990640][T27086] loop7: detected capacity change from 0 to 128
[  458.025084][T27112] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  458.081408][T27112] EXT4-fs (loop4): 1 truncate cleaned up
[  458.087407][T27112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  458.179052][T27111] uprobe: syz.4.7895:27111 failed to unregister, leaking uprobe
[  458.341382][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  458.449694][T27124] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  458.564264][T27121] loop5: detected capacity change from 0 to 128
[  458.589213][    C0] bridge0: received packet on gretap1 with own address as source address (addr:e6:5d:32:8e:16:80, vlan:0)
[  458.635275][T27122] bio_check_eod: 17048 callbacks suppressed
[  458.635308][T27122] syz.5.7898: attempt to access beyond end of device
[  458.635308][T27122] loop5: rw=2049, sector=145, nr_sectors = 872 limit=128
[  458.673240][T27121] syz.5.7898: attempt to access beyond end of device
[  458.673240][T27121] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  458.693735][T27121] syz.5.7898: attempt to access beyond end of device
[  458.693735][T27121] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  458.717604][T27121] syz.5.7898: attempt to access beyond end of device
[  458.717604][T27121] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  458.741521][T27144] 9pnet_fd: Insufficient options for proto=fd
[  458.771650][T27121] syz.5.7898: attempt to access beyond end of device
[  458.771650][T27121] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  458.813461][T27147] 9pnet: Could not find request transport: 0xffffffffffffffff
[  458.842756][T27121] syz.5.7898: attempt to access beyond end of device
[  458.842756][T27121] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  458.844303][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  458.844319][   T29] audit: type=1326 audit(1737244068.043:55829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  458.886065][T27121] syz.5.7898: attempt to access beyond end of device
[  458.886065][T27121] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  458.926823][   T29] audit: type=1326 audit(1737244068.083:55830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  458.950550][   T29] audit: type=1326 audit(1737244068.083:55831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  458.974200][   T29] audit: type=1326 audit(1737244068.083:55832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  458.997914][   T29] audit: type=1326 audit(1737244068.083:55833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  459.021648][   T29] audit: type=1326 audit(1737244068.083:55834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  459.045208][   T29] audit: type=1326 audit(1737244068.083:55835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  459.054473][T27158] loop4: detected capacity change from 0 to 512
[  459.068823][   T29] audit: type=1326 audit(1737244068.083:55836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  459.098593][   T29] audit: type=1326 audit(1737244068.083:55837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  459.122225][   T29] audit: type=1326 audit(1737244068.083:55838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27151 comm="syz.0.7909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32cd6f5d29 code=0x7ffc0000
[  459.152296][T27158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.174404][T27158] ext4 filesystem being mounted at /261/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  459.187923][T27158] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.7913: Failed to acquire dquot type 0
[  459.288055][T27166] loop5: detected capacity change from 0 to 512
[  459.327782][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.337162][T27166] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  459.389875][T27166] System zones: 0-2, 18-18, 34-34
[  459.418788][T27180] loop7: detected capacity change from 0 to 512
[  459.427810][T27166] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7918: bg 0: block 248: padding at end of block bitmap is not set
[  459.465093][T27180] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.483070][T27166] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.7918: Failed to acquire dquot type 1
[  459.495163][T27180] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  459.508019][T27180] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7923: Failed to acquire dquot type 0
[  459.529032][T27166] EXT4-fs (loop5): 1 truncate cleaned up
[  459.537567][T27166] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.558457][T27166] ext4 filesystem being mounted at /403/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  459.586724][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.643845][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.659124][   T36] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:2: Failed to release dquot type 1
[  459.896137][T27224] loop7: detected capacity change from 0 to 512
[  459.896859][T27220] loop5: detected capacity change from 0 to 512
[  459.915004][T27222] Cannot find add_set index 0 as target
[  459.941339][T27224] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  459.949541][T27224] System zones: 0-2, 18-18, 34-34
[  459.949720][T27220] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.968015][T27224] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7942: bg 0: block 248: padding at end of block bitmap is not set
[  459.984985][T27233] loop6: detected capacity change from 0 to 512
[  459.990269][T27224] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7942: Failed to acquire dquot type 1
[  459.991872][T27220] ext4 filesystem being mounted at /405/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  460.018758][T27224] EXT4-fs (loop7): 1 truncate cleaned up
[  460.035603][T27224] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  460.050609][T27220] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.7940: Failed to acquire dquot type 0
[  460.051681][T27224] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  460.076457][T27233] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  460.090515][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.099046][T27233] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  460.111847][ T7451] EXT4-fs error (device loop7): ext4_release_dquot:6961: comm kworker/u8:9: Failed to release dquot type 1
[  460.124267][T27233] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, 
[  460.124364][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.141737][T27233] block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  460.150463][T27233] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  460.162898][T27233] EXT4-fs (loop6): This should not happen!! Data will be lost
[  460.162898][T27233] 
[  460.172605][T27233] EXT4-fs (loop6): Total free blocks count 0
[  460.178714][T27233] EXT4-fs (loop6): Free/Dirty block details
[  460.184788][T27233] EXT4-fs (loop6): free_blocks=65280
[  460.190180][T27233] EXT4-fs (loop6): dirty_blocks=1
[  460.195281][T27233] EXT4-fs (loop6): Block reservation details
[  460.201332][T27233] EXT4-fs (loop6): i_reserved_data_blocks=1
[  460.222744][T22202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.340101][T27255] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  460.347954][T27255] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  460.538143][T27250] loop6: detected capacity change from 0 to 128
[  460.576964][T27250] syz.6.7948: attempt to access beyond end of device
[  460.576964][T27250] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  460.598150][T27250] syz.6.7948: attempt to access beyond end of device
[  460.598150][T27250] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  460.612481][T27250] syz.6.7948: attempt to access beyond end of device
[  460.612481][T27250] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  460.746494][T27267] loop7: detected capacity change from 0 to 512
[  460.780697][T27267] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  460.801898][T27267] System zones: 0-2, 18-18, 34-34
[  460.816023][T27267] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7957: bg 0: block 248: padding at end of block bitmap is not set
[  460.837662][T27267] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7957: Failed to acquire dquot type 1
[  460.850864][T27267] EXT4-fs (loop7): 1 truncate cleaned up
[  460.856975][T27267] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  460.870878][T27267] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  460.896429][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.905628][ T7451] EXT4-fs error (device loop7): ext4_release_dquot:6961: comm kworker/u8:9: Failed to release dquot type 1
[  461.137459][T27276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7960'.
[  461.542970][T27307] siw: device registration error -23
[  461.710636][T27313] loop4: detected capacity change from 0 to 128
[  461.993964][T27326] Cannot find add_set index 0 as target
[  462.258076][T27340] ref_ctr increment failed for inode: 0x617 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888100055f80
[  462.281399][T27342] Cannot find add_set index 0 as target
[  462.312279][T27346] loop4: detected capacity change from 0 to 512
[  462.330945][T27314] loop7: detected capacity change from 0 to 128
[  462.337537][T27346] EXT4-fs: Ignoring removed i_version option
[  462.343649][T27346] EXT4-fs: Ignoring removed mblk_io_submit option
[  462.355982][T27346] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  462.368605][T27346] EXT4-fs (loop4): 1 truncate cleaned up
[  462.379655][T27346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  462.404558][T27339] uprobe: syz.4.7987:27339 failed to unregister, leaking uprobe
[  462.565845][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.622488][T27359] loop7: detected capacity change from 0 to 512
[  462.678898][T27359] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  462.696614][T27359] System zones: 0-2, 18-18, 34-34
[  462.703053][T27359] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7991: bg 0: block 248: padding at end of block bitmap is not set
[  462.718382][T27359] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.7991: Failed to acquire dquot type 1
[  462.731002][T27359] EXT4-fs (loop7): 1 truncate cleaned up
[  462.737053][T27359] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  462.751091][T27359] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  462.821586][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.839444][  T383] EXT4-fs error (device loop7): ext4_release_dquot:6961: comm kworker/u8:6: Failed to release dquot type 1
[  463.036769][T27379] loop4: detected capacity change from 0 to 512
[  463.091105][T27379] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  463.114230][T27379] ext4 filesystem being mounted at /285/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  463.263875][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.348624][T27398] ref_ctr increment failed for inode: 0x8df offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888131064fc0
[  463.365255][T27398] loop5: detected capacity change from 0 to 512
[  463.373266][T27398] EXT4-fs: Ignoring removed i_version option
[  463.379321][T27398] EXT4-fs: Ignoring removed mblk_io_submit option
[  463.391860][T27398] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  463.413227][T27398] EXT4-fs (loop5): 1 truncate cleaned up
[  463.419242][T27398] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  463.435505][T27397] uprobe: syz.5.8007:27397 failed to unregister, leaking uprobe
[  463.687147][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.735372][T27429] loop5: detected capacity change from 0 to 512
[  463.757842][T27429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  463.770614][T27429] ext4 filesystem being mounted at /417/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  463.781795][T27433] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  463.789651][T27433] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  463.829752][T27439] rdma_rxe: rxe_newlink: failed to add lo
[  463.836280][T27439] siw: device registration error -23
[  463.860579][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.926512][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  463.926527][   T29] audit: type=1326 audit(1737244073.123:56020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  463.956396][   T29] audit: type=1326 audit(1737244073.123:56021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  463.979999][   T29] audit: type=1326 audit(1737244073.123:56022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.003588][   T29] audit: type=1326 audit(1737244073.123:56023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.027365][   T29] audit: type=1326 audit(1737244073.123:56024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.051046][   T29] audit: type=1326 audit(1737244073.123:56025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.074610][   T29] audit: type=1326 audit(1737244073.123:56026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.098235][   T29] audit: type=1326 audit(1737244073.123:56027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.122051][   T29] audit: type=1326 audit(1737244073.123:56028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.145635][   T29] audit: type=1326 audit(1737244073.123:56029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27446 comm="syz.7.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  464.172984][T27453] Cannot find del_set index 1 as target
[  464.242155][T27458] loop5: detected capacity change from 0 to 512
[  464.287329][T27458] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  464.339102][T27458] ext4 filesystem being mounted at /420/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  464.358721][T27458] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.8029: Failed to acquire dquot type 0
[  464.482080][T27472] loop7: detected capacity change from 0 to 256
[  464.533910][ T3390] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.594014][T27442] lo speed is unknown, defaulting to 1000
[  464.594286][T21510] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  464.612288][ T3390] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.644157][T27477] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  464.662416][T27442] lo speed is unknown, defaulting to 1000
[  464.668277][T27477] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  464.690695][ T3390] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.743378][ T3390] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.829988][T27442] chnl_net:caif_netlink_parms(): no params data found
[  464.867984][ T3390] bridge_slave_1: left allmulticast mode
[  464.873728][ T3390] bridge_slave_1: left promiscuous mode
[  464.879496][ T3390] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.042680][ T3390] bridge_slave_0: left allmulticast mode
[  465.048482][ T3390] bridge_slave_0: left promiscuous mode
[  465.054222][ T3390] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.735444][T27502] rdma_rxe: rxe_newlink: failed to add lo
[  465.743705][T27502] siw: device registration error -23
[  465.751794][T27499] s
z1: rxe_newlink: already configured on lo
[  466.143075][ T3390] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.169863][T27505] delete_channel: no stack
[  466.178715][ T3390] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.222640][ T3390] bond0 (unregistering): Released all slaves
[  466.234973][T27508] loop6: detected capacity change from 0 to 256
[  466.235694][T27483] loop5: detected capacity change from 0 to 128
[  466.253024][T27510] loop4: detected capacity change from 0 to 512
[  466.283523][T27510] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  466.313430][T27510] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.8047: Failed to acquire dquot type 0
[  466.457465][T27529] 9pnet: Could not find request transport: fd0x0000000000000004
[  466.477988][T27442] bridge0: port 1(bridge_slave_0) entered blocking state
[  466.485169][T27442] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.558117][T27442] bridge_slave_0: entered allmulticast mode
[  466.566698][T27483] bio_check_eod: 14653 callbacks suppressed
[  466.566716][T27483] syz.5.8038: attempt to access beyond end of device
[  466.566716][T27483] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  466.599920][T27442] bridge_slave_0: entered promiscuous mode
[  466.614321][T27442] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.621501][T27442] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.671356][T27442] bridge_slave_1: entered allmulticast mode
[  466.699429][T27483] syz.5.8038: attempt to access beyond end of device
[  466.699429][T27483] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  466.713845][T27551] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8055'.
[  466.719624][T27442] bridge_slave_1: entered promiscuous mode
[  466.769070][T27483] syz.5.8038: attempt to access beyond end of device
[  466.769070][T27483] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  466.786094][T27483] syz.5.8038: attempt to access beyond end of device
[  466.786094][T27483] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  466.807279][ T3390] hsr_slave_0: left promiscuous mode
[  466.812979][ T3390] hsr_slave_1: left promiscuous mode
[  466.820707][ T3390] veth1_macvtap: left promiscuous mode
[  466.826292][ T3390] veth0_macvtap: left promiscuous mode
[  466.831841][ T3390] veth1_vlan: left promiscuous mode
[  466.837136][ T3390] veth0_vlan: left promiscuous mode
[  466.990840][T27559] loop5: detected capacity change from 0 to 512
[  467.016231][ T3390] team0 (unregistering): Port device team_slave_1 removed
[  467.034489][ T3390] team0 (unregistering): Port device team_slave_0 removed
[  467.043891][T27559] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  467.058608][T27559] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  467.075477][T27559] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  467.087916][T27559] EXT4-fs (loop5): This should not happen!! Data will be lost
[  467.087916][T27559] 
[  467.097711][T27559] EXT4-fs (loop5): Total free blocks count 0
[  467.103743][T27559] EXT4-fs (loop5): Free/Dirty block details
[  467.109743][T27559] EXT4-fs (loop5): free_blocks=65280
[  467.115138][T27559] EXT4-fs (loop5): dirty_blocks=1
[  467.120275][T27559] EXT4-fs (loop5): Block reservation details
[  467.126326][T27559] EXT4-fs (loop5): i_reserved_data_blocks=1
[  467.145556][T27442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  467.160339][T27442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  467.195319][T27442] team0: Port device team_slave_0 added
[  467.207128][T27442] team0: Port device team_slave_1 added
[  467.286480][T27442] batman_adv: batadv0: Adding interface: batadv_slave_0
[  467.293640][T27442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  467.319666][T27442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  467.418062][T27442] batman_adv: batadv0: Adding interface: batadv_slave_1
[  467.425089][T27442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  467.451054][T27442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  467.575289][T27442] hsr_slave_0: entered promiscuous mode
[  467.582517][T27442] hsr_slave_1: entered promiscuous mode
[  467.591421][T27442] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  467.614161][T27442] Cannot create hsr debugfs directory
[  467.744534][T27594] 9pnet_fd: Insufficient options for proto=fd
[  468.034747][T27442] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  468.045207][T27442] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  468.055548][T27442] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  468.066570][T27442] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  468.149863][T27620] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  468.152501][T27622] loop6: detected capacity change from 0 to 512
[  468.172447][T27442] 8021q: adding VLAN 0 to HW filter on device bond0
[  468.212475][T27442] 8021q: adding VLAN 0 to HW filter on device team0
[  468.221979][T27622] ext4 filesystem being mounted at /342/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  468.235267][  T175] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.242377][  T175] bridge0: port 1(bridge_slave_0) entered forwarding state
[  468.255672][T27622] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.8066: Failed to acquire dquot type 0
[  468.292642][ T7451] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.299750][ T7451] bridge0: port 2(bridge_slave_1) entered forwarding state
[  468.385836][T27442] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  468.422499][T27642] ref_ctr increment failed for inode: 0x75a offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888104408a80
[  468.471170][T27642] loop6: detected capacity change from 0 to 512
[  468.476430][T27645] loop4: detected capacity change from 0 to 256
[  468.498345][T27642] EXT4-fs: Ignoring removed i_version option
[  468.504460][T27642] EXT4-fs: Ignoring removed mblk_io_submit option
[  468.519853][T27442] 8021q: adding VLAN 0 to HW filter on device batadv0
[  468.527061][T27642] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  468.556730][T27642] EXT4-fs (loop6): 1 truncate cleaned up
[  468.591875][T27641] uprobe: syz.6.8069:27641 failed to unregister, leaking uprobe
[  468.610962][T27664] 9pnet_fd: Insufficient options for proto=fd
[  468.647145][T27442] veth0_vlan: entered promiscuous mode
[  468.681362][T27442] veth1_vlan: entered promiscuous mode
[  468.729929][T27442] veth0_macvtap: entered promiscuous mode
[  468.745022][T27442] veth1_macvtap: entered promiscuous mode
[  468.759647][T27682] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  468.768320][T27442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.778828][T27442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.788790][T27442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.799317][T27442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.809177][T27442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.819781][T27442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.890334][T27442] batman_adv: batadv0: Interface activated: batadv_slave_0
[  468.922554][T27442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  468.933166][T27442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.943140][T27442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  468.953691][T27442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.963578][T27442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  468.974416][T27442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.996497][T27442] batman_adv: batadv0: Interface activated: batadv_slave_1
[  469.015159][T27442] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  469.023963][T27442] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  469.032745][T27442] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  469.041632][T27442] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  469.084766][T27699] loop5: detected capacity change from 0 to 2048
[  469.138506][T27699] Alternate GPT is invalid, using primary GPT.
[  469.145044][T27699]  loop5: p2 p3 p7
[  469.287559][T27724] 9pnet_fd: Insufficient options for proto=fd
[  469.358341][T27729] loop7: detected capacity change from 0 to 512
[  469.394115][T27729] EXT4-fs mount: 8 callbacks suppressed
[  469.394130][T27729] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  469.431482][T27729] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  469.442858][T27729] __quota_error: 158 callbacks suppressed
[  469.442886][T27729] Quota error (device loop7): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  469.459024][T27729] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[  469.468412][T27729] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.8085: Failed to acquire dquot type 0
[  469.481035][T27736] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  469.535316][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.659697][   T29] audit: type=1326 audit(1737244078.853:56182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  469.665155][T27744] loop7: detected capacity change from 0 to 256
[  469.683108][   T29] audit: type=1326 audit(1737244078.863:56183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  469.712330][   T29] audit: type=1326 audit(1737244078.863:56184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  469.735408][   T29] audit: type=1326 audit(1737244078.863:56185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8104575d29 code=0x7ffc0000
[  469.758570][   T29] audit: type=1326 audit(1737244078.863:56186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8104575d63 code=0x7ffc0000
[  469.781574][   T29] audit: type=1326 audit(1737244078.863:56187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f81045747df code=0x7ffc0000
[  469.805172][   T29] audit: type=1326 audit(1737244078.863:56188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f8104575db7 code=0x7ffc0000
[  469.828196][   T29] audit: type=1326 audit(1737244078.863:56189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27743 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8104574690 code=0x7ffc0000
[  470.043376][T27765] loop4: detected capacity change from 0 to 512
[  470.064294][T27765] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  470.083693][T27765] ext4 filesystem being mounted at /305/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  470.094815][T27767] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  470.104531][T27767] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  470.117193][T27765] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.8098: Failed to acquire dquot type 0
[  470.144678][T27778] FAULT_INJECTION: forcing a failure.
[  470.144678][T27778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  470.157936][T27778] CPU: 0 UID: 0 PID: 27778 Comm: syz.5.8104 Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0
[  470.168794][T27778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  470.178942][T27778] Call Trace:
[  470.182230][T27778]  <TASK>
[  470.185165][T27778]  dump_stack_lvl+0xf2/0x150
[  470.189855][T27778]  dump_stack+0x15/0x1a
[  470.194097][T27778]  should_fail_ex+0x223/0x230
[  470.198778][T27778]  should_fail+0xb/0x10
[  470.202948][T27778]  should_fail_usercopy+0x1a/0x20
[  470.208052][T27778]  _copy_from_user+0x1e/0xb0
[  470.212669][T27778]  move_addr_to_kernel+0x82/0x120
[  470.217738][T27778]  __sys_bind+0x9e/0x190
[  470.222000][T27778]  __x64_sys_bind+0x41/0x50
[  470.226532][T27778]  x64_sys_call+0x20ab/0x2dc0
[  470.231212][T27778]  do_syscall_64+0xc9/0x1c0
[  470.235863][T27778]  ? clear_bhb_loop+0x55/0xb0
[  470.240577][T27778]  ? clear_bhb_loop+0x55/0xb0
[  470.245254][T27778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.251204][T27778] RIP: 0033:0x7fd7d5915d29
[  470.255679][T27778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.275319][T27778] RSP: 002b:00007fd7d3f87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  470.283791][T27778] RAX: ffffffffffffffda RBX: 00007fd7d5b05fa0 RCX: 00007fd7d5915d29
[  470.291761][T27778] RDX: 0000000000000010 RSI: 0000000020000840 RDI: 0000000000000004
[  470.299738][T27778] RBP: 00007fd7d3f87090 R08: 0000000000000000 R09: 0000000000000000
[  470.307753][T27778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.315733][T27778] R13: 0000000000000000 R14: 00007fd7d5b05fa0 R15: 00007fffbb222328
[  470.323839][T27778]  </TASK>
[  470.358662][T22674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.436377][T27789] ref_ctr increment failed for inode: 0x3d0 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888131064540
[  470.453916][T27789] loop7: detected capacity change from 0 to 512
[  470.460721][T27789] EXT4-fs: Ignoring removed i_version option
[  470.466862][T27789] EXT4-fs: Ignoring removed mblk_io_submit option
[  470.474568][T27789] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  470.487903][T27789] EXT4-fs (loop7): 1 truncate cleaned up
[  470.494420][T27789] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  470.532057][T27788] uprobe: syz.7.8109:27788 failed to unregister, leaking uprobe
[  470.677537][T27794] s
z1: rxe_newlink: already configured on lo
[  470.800907][T25305] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.119055][T27810] 9pnet_fd: Insufficient options for proto=fd
[  471.129719][T27807] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  471.143948][T27807] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[  471.197268][T27817] FAULT_INJECTION: forcing a failure.
[  471.197268][T27817] name failslab, interval 1, probability 0, space 0, times 0
[  471.210026][T27817] CPU: 0 UID: 0 PID: 27817 Comm: syz.6.8118 Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0
[  471.220922][T27817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  471.230995][T27817] Call Trace:
[  471.234305][T27817]  <TASK>
[  471.237257][T27817]  dump_stack_lvl+0xf2/0x150
[  471.241944][T27817]  dump_stack+0x15/0x1a
[  471.246250][T27817]  should_fail_ex+0x223/0x230
[  471.246447][T27820] lo speed is unknown, defaulting to 1000
[  471.250943][T27817]  should_failslab+0x8f/0xb0
[  471.250982][T27817]  kmem_cache_alloc_noprof+0x52/0x320
[  471.251004][T27817]  ? audit_log_start+0x34c/0x6b0
[  471.260875][T27821] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8119'.
[  471.261305][T27817]  audit_log_start+0x34c/0x6b0
[  471.266694][T27821] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8119'.
[  471.271584][T27817]  audit_seccomp+0x4b/0x130
[  471.271614][T27817]  __seccomp_filter+0x6fa/0x1180
[  471.271706][T27817]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  471.271735][T27817]  ? vfs_write+0x596/0x920
[  471.271760][T27817]  ? putname+0xcf/0xf0
[  471.309225][T27821] geneve2: entered allmulticast mode
[  471.309494][T27817]  __secure_computing+0x9f/0x1c0
[  471.309534][T27817]  syscall_trace_enter+0xd1/0x1f0
[  471.324842][T27820] lo speed is unknown, defaulting to 1000
[  471.328255][T27817]  ? fpregs_assert_state_consistent+0x83/0xa0
[  471.345327][T27817]  do_syscall_64+0xaa/0x1c0
[  471.349874][T27817]  ? clear_bhb_loop+0x55/0xb0
[  471.354584][T27817]  ? clear_bhb_loop+0x55/0xb0
[  471.359423][T27817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.365349][T27817] RIP: 0033:0x7f63a7f05d29
[  471.369778][T27817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  471.389527][T27817] RSP: 002b:00007f63a6571038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  471.397955][T27817] RAX: ffffffffffffffda RBX: 00007f63a80f5fa0 RCX: 00007f63a7f05d29
[  471.405942][T27817] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff
[  471.413923][T27817] RBP: 00007f63a6571090 R08: 0000000000000000 R09: 0000000000000000
[  471.421903][T27817] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001
[  471.429887][T27817] R13: 0000000000000000 R14: 00007f63a80f5fa0 R15: 00007fffd5b7d6e8
[  471.438088][T27817]  </TASK>
[  471.480768][T27823] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=27823 comm=syz.0.8120
[  471.639422][T27838] vhci_hcd: default hub control req: d300 v0000 i0004 l1
[  471.688367][T27839] loop4: detected capacity change from 0 to 2048
[  471.775178][T27839] Alternate GPT is invalid, using primary GPT.
[  471.781883][T27839]  loop4: p2 p3 p7
[  471.807482][ T5183] ==================================================================
[  471.815619][ T5183] BUG: KCSAN: data-race in generic_fillattr / touch_atime
[  471.822759][ T5183] 
[  471.825098][ T5183] read to 0xffff888111acb540 of 4 bytes by task 4168 on cpu 1:
[  471.832692][ T5183]  generic_fillattr+0x16f/0x330
[  471.837573][ T5183]  shmem_getattr+0x17b/0x200
[  471.842186][ T5183]  vfs_fstat+0x19d/0x200
[  471.846450][ T5183]  __se_sys_newfstatat+0xb5/0x300
[  471.851519][ T5183]  __x64_sys_newfstatat+0x55/0x70
[  471.856554][ T5183]  x64_sys_call+0x236d/0x2dc0
[  471.861231][ T5183]  do_syscall_64+0xc9/0x1c0
[  471.865757][ T5183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.871667][ T5183] 
[  471.873988][ T5183] write to 0xffff888111acb540 of 4 bytes by task 5183 on cpu 0:
[  471.881625][ T5183]  touch_atime+0x1f3/0x350
[  471.886040][ T5183]  shmem_file_read_iter+0x46a/0x540
[  471.891241][ T5183]  vfs_read+0x5dc/0x700
[  471.895406][ T5183]  ksys_read+0xe8/0x1b0
[  471.899584][ T5183]  __x64_sys_read+0x42/0x50
[  471.904107][ T5183]  x64_sys_call+0x2874/0x2dc0
[  471.908812][ T5183]  do_syscall_64+0xc9/0x1c0
[  471.913317][ T5183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.919208][ T5183] 
[  471.921527][ T5183] value changed: 0x00e54dcf -> 0x0108ca2c
[  471.927235][ T5183] 
[  471.929554][ T5183] Reported by Kernel Concurrency Sanitizer on:
[  471.936474][ T5183] CPU: 0 UID: 0 PID: 5183 Comm: udevd Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0
[  471.946710][ T5183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  471.956762][ T5183] ==================================================================
[  471.966061][T27843] rdma_rxe: rxe_newlink: failed to add lo
[  471.972435][T27843] siw: device registration error -23
[  471.992617][ T4168] udevd[4168]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  472.000555][ T3663] udevd[3663]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  472.006085][ T5183] udevd[5183]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory