last executing test programs:

2.375031082s ago: executing program 0 (id=637):
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="7cd1", 0x2}], 0x1, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)

1.575485244s ago: executing program 3 (id=659):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000800000001", @ANYRES32=0x0, @ANYRESHEX=0x0, @ANYRES16, @ANYRES64], 0x48)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3477, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7535}}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x24, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x702}]}, @CTA_TUPLE_ORIG={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040041}, 0x24008854)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80884}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x5}, 0x18)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x0)
socket$packet(0x11, 0x3, 0x300)
r9 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r10}, 0x20)
r11 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r11, &(0x7f0000000040)=ANY=[@ANYBLOB="8cff7cf90000696e7578"], 0x10)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r12}, &(0x7f0000000180), &(0x7f00000001c0)=r9}, 0x20)

1.515574855s ago: executing program 0 (id=662):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000010640)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000580)=ANY=[@ANYBLOB="2c0000002d00010000000000000000001400000020010000000000b9"], 0x2c}], 0x1}, 0x0)

1.515329645s ago: executing program 2 (id=663):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000880)={'netdevsim0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x25, 0x10000, 0x0, 0x99d, 0x94, 0xf, 0xe8, 0x3, 0x5, 0x1, 0x7e, 0xffff9d77, 0x7, 0x6d, 0x6, 0x9, [0x3e5, 0xbf]}})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', r3}, 0x18)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r5, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r5}]}}}]}, 0x3c}}, 0x4000010)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f000009f580), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r7, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r7, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6f}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r9}]}, 0x34}, 0x1, 0x0, 0x0, 0x40a1}, 0x40040)
recvmsg$unix(r1, &(0x7f0000000340)={&(0x7f00000003c0)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000440)=""/140, 0x8c}, {&(0x7f0000000500)=""/99, 0x63}, {&(0x7f00000005c0)=""/201, 0xc9}], 0x3, &(0x7f00000006c0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}, 0x12042)
socket$inet_udplite(0x2, 0x2, 0x88)

1.489040275s ago: executing program 1 (id=664):
socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x2, 0x80805, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000380)})
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r2 = inotify_init()
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x2, 0x6, 0x4f0, 0x350, 0xd0, 0x0, 0x350, 0x1b0, 0x420, 0x420, 0x420, 0x420, 0x420, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [0x0, 0xffffffff], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @inet=@DSCP={0x28}}, {{@ipv6={@private0, @private1, [0xffffffff, 0xff000000, 0xff000000, 0xff], [0xffffffff, 0xff000000, 0xffffff00, 0xff000000], 'vlan0\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x21, 0x80, 0x1, 0x24}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [0x0, 0xffffffff, 0x0, 0xffffffff], [], '\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0xa}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x550)
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x400017e)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=r1, @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd7, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x19, 0x109880})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

1.468537036s ago: executing program 0 (id=665):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, 0x7}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xb, &(0x7f0000000700)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)

1.419959037s ago: executing program 1 (id=666):
r0 = syz_open_dev$usbfs(0x0, 0x205, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

1.380012297s ago: executing program 3 (id=667):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f0000000240)={[{@delalloc}, {@jqfmt_vfsv0}]}, 0x3, 0x4d5, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")

1.379555187s ago: executing program 1 (id=668):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000dc0)={[{@inode_readahead_blks}, {@grpquota}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@errors_remount}, {@nodiscard}], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@uid_lt}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@smackfsdef={'smackfsdef', 0x3d, 'sys_enter\x00'}}, {@fowner_gt}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==")
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f0000000c40)='./file0\x00', 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x2000000}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001a00a565a5280000000000000a0000000011000000000000080010"], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="398b842a33f8510fd4c00000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd604dd30800b4371f819a88a1fb1406000000000000000001fe8000"/50, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5010000290780000"], 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
fstat(r1, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000f80)={{{@in6=@mcast2, @in=@private=0xa010101, 0x4e24, 0x200, 0x4e22, 0x8, 0x2, 0x0, 0xa0, 0x2f, 0x0, r5}, {0x9, 0x4, 0xe, 0x4, 0xff, 0x4, 0x8, 0x1}, {0xfffffffffffffffc, 0x9, 0xbe, 0xc}, 0x3ff, 0x6e6bb6, 0x1, 0x1, 0x0, 0x3}, {{@in6=@empty, 0x4d2, 0xff}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0x35}, 0x3503, 0x0, 0x0, 0x0, 0x101, 0x9, 0x4}}, 0xe8)
sendto$inet(r3, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r3, 0x1)
recvfrom(r3, &(0x7f0000000480)=""/110, 0x28000, 0x734, 0x0, 0xfffffffffffffecb)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000000f40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000f00)={&(0x7f0000001080)=ANY=[@ANYBLOB="5f139f952572a677897b93f9", @ANYRES16=0x0, @ANYBLOB="000129bd7000fedbdf251300000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099006ddb00007f0000000600360005000000f700ac00f5eeb9c38c021630bda4bfb1aa5c7ab7f18d99efe0f0045d75b151f426dfc189ad9476ddf83a295ae3c304ba6e03470837474a2c89c60d141d52d1ac940d4eb82cf3f0a0722673dbbb3c94e28b9831f9e871075e7621f5d5e8b1652872997cbb8598fe352938d17fce4e518d94559d43c4d058aac29fb58f10fb385d34f4fa928af762d5491ff445317e0e7bb0d947d2d6fed317c9c42625f80f9de41ca7ac91c44d6b4be919438cca26c0aa80402811e7d2ad3c50eaeb79ef824b915201ec04105216db2e78c303238cb2f969cebec45b4d6e291d322f6397469ab77d58d39a97ec7d83d485186abe132dc8d5cdcbc56e7e5e00050029000c000000"], 0x130}, 0x1, 0x0, 0x0, 0x24000054}, 0x800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x5c, &(0x7f0000000d40)=[@in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e20, @loopback}, @in={0x2, 0x4e28, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e20, 0xe97, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x200000}, @in={0x2, 0x4e22, @multicast1}]}, &(0x7f0000000100)=0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0x58, &(0x7f0000000ac0)}, 0x10)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
r8 = socket$rxrpc(0x21, 0x2, 0xa)
getsockopt(r8, 0x110, 0x7f3b, 0x0, &(0x7f0000000280))
close_range(r7, 0xffffffffffffffff, 0x0)

1.379299107s ago: executing program 0 (id=669):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000001600008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x13, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, [@sadb_spirange={0x2, 0x10, 0x4d3, 0x4d2}, @sadb_lifetime={0x4, 0x2, 0x66, 0x6, 0x2, 0x101}, @sadb_spirange={0x2, 0x10, 0x4d3, 0x4d2}, @sadb_x_nat_t_type={0x1, 0x14, 0x6}, @sadb_x_nat_t_port={0x1, 0x16, 0x4e23}]}, 0x60}}, 0x0)

1.366112998s ago: executing program 2 (id=670):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000ff0100000000000000000000000000010000000e000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000007000000000000000000000000000000000000000000000000000000000000000200000000000500000000000000000000000000f10000000000000000000000000000000000000000000000002000000000e902000000000000000000000000010000000000000011a54d8d20010000000000000000000000010000000000acf4131a00ddffffff00000000000000000000000400000005000000000000000000000100000000000000e70a2cf379a66b44b56993eb2fa0d10228888721000000000000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000bc0)={0x10c, r3, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0xee, 0x2a, [@fast_bss_trans={0x37, 0xe8, {0x6a, 0x9, "f7fa66e827a9c2e761f8193523812368", "3467f474f64c92fdcbf21f6dc786e8fcd69f4a66ba570e3d94f8c75fa5233548", "f428cca48a0a34b663c9f47861b0607839affed8fcb7bd69cfedae3a6c9f2606", [{0x4, 0x24, "2946b4798d47c1afb5d39b5e0b536fe342bf5348ee7ea87ae18032e9a27b9e9f3fb4d9ae"}, {0x2, 0x17, "923f985037975fe300efa2cff39dfbabf123bf08ae1c0f"}, {0x1, 0x3, "f16ead"}, {0x2, 0x3, 'o,\"'}, {0x3, 0xf, "33e86de37a94e405d810b5d1a7c2b1"}, {0x4, 0x13, "2d95c03b4cc5ea79a3876b7fd4c069b3cf0672"}, {0x3, 0x18, "6033bc34a228632b548d505213490e1abe18953d0f8709a0"}, {0x1, 0x7, "6da97b3e4721c7"}, {0x1, 0x2, "e0a8"}]}}]}]}, 0x10c}}, 0x0)
listen(r1, 0x3)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_extract_tcp_res$synack(&(0x7f0000000380), 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x5)
fcntl$notify(0xffffffffffffffff, 0x402, 0x14)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r7=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r7, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r10, @ANYRESOCT], 0xb4}}, 0x0)

1.316716758s ago: executing program 0 (id=671):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0x1, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000001ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x307440, 0x0)
sendmsg$rds(r1, &(0x7f0000001a80)={&(0x7f0000000300)={0x2, 0x4e20, @private=0xa010100}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)=""/63, 0x3f}, {&(0x7f0000000380)=""/171, 0xab}], 0x2, &(0x7f0000001a00)=[@rdma_args={0x48, 0x114, 0x1, {{0x9, 0xc}, {&(0x7f0000000a00)=""/4096, 0x1000}, &(0x7f0000000940)=[{&(0x7f0000002480)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/199, 0xc7}, {&(0x7f0000001b40)=""/102, 0x66}, {&(0x7f0000000840)=""/174, 0xae}, {&(0x7f0000000580)=""/4, 0x4}, {&(0x7f0000000900)=""/43, 0x2b}], 0x6, 0x53}}, @zcopy_cookie={0x18, 0x114, 0xc, 0x2}, @rdma_dest={0x18, 0x114, 0x2, {0x9, 0x10}}], 0x78, 0x8000}, 0x400c044)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_io_uring_setup(0x2f90, &(0x7f0000000180)={0x0, 0xc383, 0x200, 0x40002, 0x200004}, &(0x7f0000000100), &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0003003d030100000000009500ffb1000000006926000000000000bf67000000000000160602000fff52007607000010000000d60600000ee60000bf050000000000001f63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999f9d60bb39d0af449deaa27ea949e8f9000d885dfea2783835e29eb532ba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e7ddbf51c74ccac1c7b21bde7d1af255d6ebff9bff35e3888a0e356d82e43407a6d7fa94b2100204000000000000009ab62d7b07ba0a71a72145edade9941f04000000000000004ea9e4c70ef8b7407740ab3312edee62a4dc2fc85755d387bfa1bc8eb71fbe11b2216cc8d1f0160c237d929b49da28724b95555b74be2f76fb5f330b015a68587a75c01300"/467], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffe1, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = epoll_create(0xaf2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001bc0)={0x11, 0xb, &(0x7f00000007c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x97}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x4}, @exit], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffff4)
epoll_pwait2(r4, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080)={0xe000200f})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e23, @private=0xa010101}], 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a02, 0x18c)
sendfile(r6, r6, 0x0, 0xb)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="050500002300fdbcdf2501"], 0x1c}}, 0x10)
sendmsg$FOU_CMD_ADD(r6, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="00042bb7080006008c1414bb9a3596377a6800"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

1.297192239s ago: executing program 2 (id=672):
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="7cd1", 0x2}], 0x1, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)

1.24393231s ago: executing program 3 (id=673):
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x11)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

1.181345771s ago: executing program 3 (id=674):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone(0x40400, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0)
pipe(&(0x7f0000000000))
syz_emit_ethernet(0x32, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x7, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0xfd, 0x100, @val=0x80}}}}}}}, 0x0)

1.149370002s ago: executing program 1 (id=675):
mkdir(&(0x7f0000000140)='./file1\x00', 0x14e)
r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000070000000800000000000000", @ANYRES32, @ANYBLOB="000000150000000000000000000000200000000002a3", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
unshare(0x20040400)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_getevents(0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1e03800ed3ff71ef28"], 0xffdd)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00'}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b416"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
write$nci(r3, 0x0, 0xfffffeea)

1.101857532s ago: executing program 1 (id=676):
syz_io_uring_setup(0x762f, &(0x7f0000000380)={0x0, 0x114dd, 0x10, 0xfffffffd, 0x320}, &(0x7f00000004c0)=<r0=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
accept4$phonet_pipe(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x2}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
connect$unix(r4, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r5, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
syz_read_part_table(0x5f4, &(0x7f0000000600)="$eJzs3E+IE1ccB/CXoFlWEOvNm8EcIlKIkFslgoY4SMAsoUUPrejNPeSynjzECAbEg9nLiq0XPSjCuuhBTyKCIGLSQyEn2aV76e6y7KEsLIVAWaaETkoP/cN2m0Lh84GE9978fu87wzDHmcD/Wjr8GMdxKoQQT+y8+4v5ypmz2alT9c9DSIWvQgg/5Ge+GR5JJRWjXY8k8+VkXny9p3FnPrrVmdt/6GX252/Tvy7vHf7dCCGs9e5f/LPUvTs/Ucbk6NVjbw8P+gdfVcPD7snuiX2NC1cW8uXWwndTL04/zj4Z3ffCmPKfl94fuNmeiTrXStMfo+ZKtJ7e2ozO3XtQyMy26vmN40ndpTHlN7bPZ54+eldur04WP1RrtblnS3dzzcqb9vV+L7c4uH05qfv+HzxdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8945ePfb28KB/8FU1POye7J7Y17hwZSFfTqVCeHH6cfbJkaSu8Pumr/+9/Oel9wdutmeizrXS9MeouRKtp7c2o3P3HhQys616fuN4Unfpj5rjOG7tMr+xfT7z9NG7cnt1svihWqulny3dzTUrb9rX+73c4uD25fBTapcRAAAAAAAAAAAAAAAAAAAA8LcqZ85mp07V08PxlyGET6c/mx2O44kQwichjF5+H30HYHm4ng6h+HpP4858dKszt//Qy+zkb/vdSH5rvfsX/yp3YnyXxA78EgAA//+zq4gb")
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ_FIXED={0x4, 0x9, 0x2004, @fd_index=0x5, 0x2, 0x5, 0x4aef, 0x0, 0x0, {0x1}})

633.80264ms ago: executing program 4 (id=683):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001040)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff7, @void, @value}, 0x94)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

520.245452ms ago: executing program 4 (id=684):
socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x2, 0x80805, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000380)})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x19, 0x109880})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

499.503572ms ago: executing program 4 (id=685):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = dup2(r0, r0)
faccessat2(r1, &(0x7f0000000880)='\x00', 0x1, 0x1100)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x0, 0x0, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1e, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r3}, 0x18)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet(0x2, 0x2, 0x400)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r7}, 0x10)
time(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
socket$igmp(0x2, 0x3, 0x2)

453.344652ms ago: executing program 4 (id=686):
mkdir(&(0x7f0000000140)='./file1\x00', 0x14e)
r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000070000000800000000000000", @ANYRES32, @ANYBLOB="000000150000000000000000000000200000000002a3", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
unshare(0x20040400)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_getevents(0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1e03800ed3ff71ef28"], 0xffdd)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00'}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b416"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
write$nci(r3, 0x0, 0xfffffeea)

427.644173ms ago: executing program 0 (id=687):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x0, 0x7fff0000}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
setuid(0xee00)
r2 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000880)=""/134, 0x86}, {&(0x7f0000005580)=""/4076, 0xfec}, {&(0x7f0000000140)=""/190, 0xbe}, {&(0x7f00000020c0)=""/4110, 0x100e}, {&(0x7f0000000400)=""/101, 0x65}], 0x5}, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x2}]})
r3 = shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil)
shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
syz_io_uring_setup(0x1114, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x21e}, &(0x7f00000001c0), &(0x7f0000000040))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r5, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@o_path={&(0x7f0000000000)='./file0\x00', r5, 0x4000, r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0e00000004000000040000000900000000000000", @ANYRES32, @ANYBLOB="0000000000000000ec8793ecb7b49df100000000ac26286efcdc9032dc40a9ef63d5e18826319d2ca4653d4d37f08c22ebe3f686484adf831665dd2497d09f6965617625f6730a766f20376a1243c151e9dee6efdfc4dd91093c3bec2709951a09061df9caf0fea25b04731892e0c405e473d33fa0636977e6898d1414694d387201c4fbcef1c85f237fa0ff44ebd3a79a43ecbc133a4e013cb9890541915ba7a061f2068d0699d089410ba6ae963c53b926150dbce7055a3af00276899990e5fb1a5444f046734c754636f7d6363d6c057605ea1bc157c6746f89e0364ba8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

405.715793ms ago: executing program 2 (id=688):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)

331.658575ms ago: executing program 2 (id=689):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000040)={0xd, 0x0})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r2, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r2, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x11)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc058, &(0x7f0000000080)=ANY=[], 0x44, 0x326, &(0x7f00000001c0)="$eJzs3M9r22YYwPHHP2I7Dol9GINtjLxsl+0iEu8+MCOBMcNGFo/9gIESy5uxZhvLZHiMxYPBrv03anIMlBJo0z8gl9566qX0kkuhF0ObqtiSEiuREztN7bj5fiC8j/W+j2XplcMjYenwx1t/lIuWVoyISEJJWKQlRyLpbuTanBeRkISk18SchQmnacnnc88ffaxEJJvLrawptZpd/yKjlFpYvPfn3zuf7Dfmfthd2IvLQfrXw2eZJwfvH3xw+Gr995KlSpaqVBtKVxvVxw19wzRUoWSVNaW+Mw3dMlSpYhl1p78aclcrtVpT6ZXCfLJWNyxL6ZWmKhtN1aiqRr2p9N/0UkVpmqbmk511uSk6i72mFtw7OzAv315b07OXXOnmJfNw5fbteN+rUMjfW697X54Htr8n337rHw0AAFw7Xv0f1xsS9ur/jr/+98qJcH/972pJq1v/f//Tz98MUf/vxQbU/9Uz9b97fiG+/qJZ9ep/kcD6/85J/T/GvTgVEmcX5duRy9f/mBL1WZH2jpx8o//9ZWepF1D/AwAAAAAAAAAAAAAAAAAAAAAwDTq2nbJtO9Vtw+LE3b+4e8OI99qfNfiOckyX/vl35jranfUL5h/vir4b9xIi5v9b+a280zr92aKUxBRDliQlL3vHg8uJV7/OrYRUT1rum9tu/vZWPuLPX5aUpM/md4+sZSdf+fNnJNmfn5GUvBe8/kxgfkw++7QvX5OUPNyUqphS6B3XseP8f5aV+urb3Kn8WSkE3DEHAAAAAMA00tSxwPN3TRvU7+QPc31gKfD8PCofRie77QAAAAAA3BRW86+ybppG/cLgtoj8N0zWU3fQ0O/8psHMCFsxbHC3F4QGvXNipF03XBAeZbD3TOZzB3s/0/J1uZdntsc1O1cYLE5k7VER6V+SHDh4IRK0w88L4u5TmbtLjuxTY77c/ejF5Hb4WP8NAQAAABiDk6J/0p8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICb64LHgIVHeZjZoGDS2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcF68DAAD//2rAE+8=")

158.553477ms ago: executing program 3 (id=690):
r0 = io_uring_setup(0x3eee, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0)

115.182478ms ago: executing program 1 (id=691):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x13)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000000)='./file0\x00', 0x40, 0x0)
fsetxattr$system_posix_acl(r3, &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000380)={{}, {0x10}}, 0x24, 0x0)

50.421049ms ago: executing program 4 (id=692):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
get_robust_list(0x0, &(0x7f00000002c0)=0x0, &(0x7f0000000300))

50.238489ms ago: executing program 3 (id=693):
unshare(0x20000400)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x1}, 0x1320, 0xffffffff, 0x3, 0x5, 0x0, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x2b, 0x0, @fd, 0x0, 0x0})
io_uring_enter(r0, 0x15f1, 0xff98, 0x69, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

49.869149ms ago: executing program 4 (id=694):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bfc87411a5090a090000000000005509"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x7fffffff, &(0x7f0000000400)=[{0x400, 0x6, 0xfffffffffffffffc}], 0x1, 0x2, 0x0, 0x2, 0x47})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x4}]})
write$ppp(r6, &(0x7f0000000440)='f#', 0x2)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x0)
open(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x41, &(0x7f0000000100)={[{@lazytime}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@discard}], [], 0x3d}, 0x1, 0x522, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRdkVrJ00tI16KEVCcKoElPsSEieK4sRR7LSbqIKsOHBEQgiQOJULFyROnJBQJS4cEVIlOIMAgRBs4YAEdCrb43Q3GSfZjWNn4++TJvPmeeb97zma8byZp5kARtZTEfFyRLybpun1iJjM8gvZFHudqbXeO3feWGxNSaTpq/9IIsnyumWlbY/E1WyzyxHxlS9GfD05HLexs7u2UKtVt7LlSnN9s9LY2b2xur6wUl2pbszNzT4//8L8c/MzfWnnRES89Pm/fP87P/nCS7/89Ot/vPm3a99Isvw40I77VDzqw07TS+3v4u4Nth4w2HlUbLcwM563xtihnNtnXCcAAHr7QER8IiKux2SMHX06CwAAADyE0s9OxP+S7r27Qy71yAcAAAAeIoX2GNikUM7G+05EoVAuR3sM74fiSqFWbzQ/tVzf3ljqjJWdilJhebVWncnGCk9FKWktz7bT7y8/e2B5LiIej4jvTY63l8uL9drSsC9+AAAAwIi4eqD//+/JTv8fAAAAuGCmhl0BAAAA4Mzp/wMAAMDFp/8PAAAAF9qXXnmlNaXd918vvbazvVZ/7cZStbFWXt9eLC/WtzbLK/X6SvuZfevHlVer1zc/ExvbtyrNaqNZaezs3lyvb280b67e8wpsAAAAYIAe/9hbv08iYu/F8fbUculkm55wNeC8Ku6nkmyes1v/4bHO/M8DqhQwEGPDrgAwNMVhVwAYmtKwKwAMXXLM5z0H7/wmm3+8v/UBAAD6b/oj+ff/j78uuFcYQPWAM+T+H4wu+z+MrvZ5/klH8jrjhwul5AwARt6p7/8fK03vq0IAAEDfTbSnpFDOLu9NRKFQLkc82n4tQClZXq1VZyLisYj43WTpkdbybHvL5Ng+AwAAAAAAAAAAAAAAAAAAAAAAAADQkaZJpAAAAMCFFlH4a/KrzrP8pyefmTh4feBS8p/JyF4R+vqPXv3BrYVmc2u2lf/P/fzmD7P8Z4dxBQMAAABGQvF+Vu7207v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop3fuvLHYnQYZ9++fi4ipvPjFuNyeX45SRFz5VxLFu7ZLImKsD/HHW38+nBc/aVVrP2Re/PE3Tx9/7/aR8WMq+xby4l89fXgYaW+1jj8v5+1/hXiqPc/f/4oR9yw/qN7Hv9g//o312P8fPWGMJ97+WaVn/NsRTxTzjz/d+EmP+E/nFfjzbx/K+tpXd3d7xU/fjJjO/f1J7olVaa5vVho7uzdW1xdWqivVjbm52efnX5h/bn6msrxaq2Z/c2N896O/ePeo9l/pEX/qmPY/k1PepZy8/799684HO8lSXvxrT+fE//WPszUOxy9kv32fzNKtz6e76b1O+m5P/vS3Tx7V/qUe7T/u/3+tV6EHXP/yt/50wlUBgAFo7OyuLdRq1a3zkXgx+l5yq4c/9HY9fIn/pueiGmeb+GZfC0zTNG3tU6coJ4nBfQnJ0VUd9pEJAADot/dP+oddEwAAAAAAAAAAAAAAAAAAABhdg3jS2MGYe/uppB+P0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iv3AgAA//8ZWuAG")
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
munlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRES32, @ANYBLOB="00000000000c000000000000000000000000000020aca541ef7b25a484c625a7b6968e11fa1fb8325ec8e7a27b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

0s ago: executing program 2 (id=695):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001040)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff7, @void, @value}, 0x94)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

4] udevd[3684]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   36.885739][ T3688] netlink: 'syz.3.64': attribute type 10 has an invalid length.
[   36.896234][ T3475] udevd[3475]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   36.960160][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   36.980702][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   36.991260][ T3514] udevd[3514]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   37.140753][ T3698] loop0: detected capacity change from 0 to 512
[   37.168890][ T3698] EXT4-fs: Ignoring removed bh option
[   37.174445][ T3698] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.362688][ T3670]  loop1: p1 < > p4
[   37.369305][ T3670] loop1: p4 size 8388608 extends beyond EOD, truncated
[   37.395852][ T3698] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   37.485426][ T3698] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   37.493524][ T3698] EXT4-fs (loop0): orphan cleanup on readonly fs
[   37.539483][ T3698] __quota_error: 920 callbacks suppressed
[   37.539499][ T3698] Quota error (device loop0): do_insert_tree: Free block already used in tree: block 4
[   37.555293][ T3698] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[   37.575187][   T29] audit: type=1326 audit(1745138984.600:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.598549][   T29] audit: type=1326 audit(1745138984.600:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.615100][ T3698] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.66: Failed to acquire dquot type 1
[   37.621833][   T29] audit: type=1326 audit(1745138984.600:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.656119][   T29] audit: type=1326 audit(1745138984.600:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.663190][ T3698] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.66: Invalid block bitmap block 0 in block_group 0
[   37.679427][   T29] audit: type=1326 audit(1745138984.600:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.716058][   T29] audit: type=1326 audit(1745138984.600:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.717639][ T3698] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.66: Invalid block bitmap block 0 in block_group 0
[   37.739428][   T29] audit: type=1326 audit(1745138984.600:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.775763][   T29] audit: type=1326 audit(1745138984.600:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   37.792161][ T3698] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.66: Invalid block bitmap block 0 in block_group 0
[   37.834710][ T3698] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.66: Failed to acquire dquot type 1
[   37.863141][ T3698] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.66: Failed to acquire dquot type 1
[   37.904219][ T3698] EXT4-fs (loop0): 1 orphan inode deleted
[   37.925684][ T3698] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   37.959619][ T3714] can0: slcan on ttyS3.
[   38.014354][ T3714] can0 (unregistered): slcan off ttyS3.
[   38.020020][ T3714] Falling back ldisc for ttyS3.
[   38.081882][ T3723] loop3: detected capacity change from 0 to 2048
[   38.196172][ T3731] loop4: detected capacity change from 0 to 512
[   38.215581][ T3731] EXT4-fs: Ignoring removed bh option
[   38.221038][ T3731] EXT4-fs: Ignoring removed mblk_io_submit option
[   38.252503][ T3731] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   38.272607][ T3731] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   38.291411][ T3731] EXT4-fs (loop4): orphan cleanup on readonly fs
[   38.326777][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.378067][ T3731] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.71: Failed to acquire dquot type 1
[   38.432718][ T3731] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.71: Invalid block bitmap block 0 in block_group 0
[   38.478157][ T3731] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.71: Invalid block bitmap block 0 in block_group 0
[   38.493658][ T3754] loop1: detected capacity change from 0 to 512
[   38.522700][ T3731] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.71: Invalid block bitmap block 0 in block_group 0
[   38.537576][ T3754] EXT4-fs: Ignoring removed bh option
[   38.543057][ T3754] EXT4-fs: Ignoring removed mblk_io_submit option
[   38.575997][ T3754] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   38.576563][ T3731] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.71: Failed to acquire dquot type 1
[   38.601551][ T3754] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   38.617637][ T3754] EXT4-fs (loop1): orphan cleanup on readonly fs
[   38.624878][ T3731] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.71: Failed to acquire dquot type 1
[   38.636765][ T3754] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.75: Failed to acquire dquot type 1
[   38.648649][ T3731] EXT4-fs (loop4): 1 orphan inode deleted
[   38.661390][ T3754] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.75: Invalid block bitmap block 0 in block_group 0
[   38.675573][ T3731] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.684733][ T3754] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.75: Invalid block bitmap block 0 in block_group 0
[   38.713353][ T3754] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.75: Invalid block bitmap block 0 in block_group 0
[   38.727117][ T3754] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.75: Failed to acquire dquot type 1
[   38.739649][ T3754] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.75: Failed to acquire dquot type 1
[   38.751132][ T3754] EXT4-fs (loop1): 1 orphan inode deleted
[   38.757815][ T3754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.796030][ T3770] loop2: detected capacity change from 0 to 256
[   38.829093][ T3770] syzkaller0: entered promiscuous mode
[   38.834735][ T3770] syzkaller0: entered allmulticast mode
[   38.847933][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.944083][ T3775] netlink: 'syz.2.82': attribute type 10 has an invalid length.
[   38.951898][ T3775] hsr_slave_0: left promiscuous mode
[   38.957905][ T3775] hsr_slave_1: left promiscuous mode
[   38.958834][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.985584][ T3778] can0: slcan on ttyS3.
[   39.040084][ T3783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.057064][ T3783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.065762][ T3778] can0 (unregistered): slcan off ttyS3.
[   39.107588][ T3790] loop3: detected capacity change from 0 to 512
[   39.115102][ T3789] loop4: detected capacity change from 0 to 512
[   39.123034][ T3790] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   39.128121][ T3783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.142080][ T3797] loop1: detected capacity change from 0 to 256
[   39.148726][ T3790] EXT4-fs (loop3): orphan cleanup on readonly fs
[   39.150384][ T3789] EXT4-fs: Ignoring removed bh option
[   39.160598][ T3789] EXT4-fs: Ignoring removed mblk_io_submit option
[   39.168191][ T3783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.180544][ T3790] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.86: invalid indirect mapped block 256 (level 2)
[   39.197615][ T3789] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   39.233070][ T3790] EXT4-fs (loop3): 2 truncates cleaned up
[   39.243082][ T3789] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   39.257331][ T3797] syzkaller0: entered promiscuous mode
[   39.262862][ T3797] syzkaller0: entered allmulticast mode
[   39.265544][ T3790] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.269051][ T3789] EXT4-fs (loop4): orphan cleanup on readonly fs
[   39.297494][ T3790] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #2: block 13: comm syz.3.86: lblock 0 mapped to illegal pblock 13 (length 1)
[   39.312818][ T3789] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.84: Failed to acquire dquot type 1
[   39.324884][ T3789] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.84: Invalid block bitmap block 0 in block_group 0
[   39.343634][ T3789] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.84: Invalid block bitmap block 0 in block_group 0
[   39.358217][ T3789] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.84: Invalid block bitmap block 0 in block_group 0
[   39.372332][ T3789] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.84: Failed to acquire dquot type 1
[   39.385395][ T3789] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.84: Failed to acquire dquot type 1
[   39.397850][ T3789] EXT4-fs (loop4): 1 orphan inode deleted
[   39.404087][ T3789] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.437945][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.470951][ T3813] loop1: detected capacity change from 0 to 512
[   39.485680][ T3813] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   39.504466][ T3813] EXT4-fs (loop1): orphan cleanup on readonly fs
[   39.523363][ T3813] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.88: invalid indirect mapped block 256 (level 2)
[   39.537858][ T3817] loop3: detected capacity change from 0 to 2048
[   39.547980][ T3813] EXT4-fs (loop1): 2 truncates cleaned up
[   39.564787][ T3813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.590960][ T3684]  loop3: p1 < > p4
[   39.598047][ T3684] loop3: p4 size 8388608 extends beyond EOD, truncated
[   39.627739][ T3813] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #2: block 13: comm syz.1.88: lblock 0 mapped to illegal pblock 13 (length 1)
[   39.655876][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.704517][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.748591][ T3837] can0: slcan on ttyS3.
[   39.753983][ T3817]  loop3: p1 < > p4
[   39.758569][ T3817] loop3: p4 size 8388608 extends beyond EOD, truncated
[   39.795488][ T3840] loop4: detected capacity change from 0 to 512
[   39.802154][ T3840] EXT4-fs: Ignoring removed bh option
[   39.807611][ T3837] can0 (unregistered): slcan off ttyS3.
[   39.807717][ T3840] EXT4-fs: Ignoring removed mblk_io_submit option
[   39.813357][ T3837] Falling back ldisc for ttyS3.
[   39.865300][ T3840] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   39.896957][ T3840] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   39.933989][ T3840] EXT4-fs (loop4): orphan cleanup on readonly fs
[   39.962476][ T3845] loop3: detected capacity change from 0 to 256
[   39.990760][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   40.002034][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   40.023292][ T3840] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.93: Failed to acquire dquot type 1
[   40.084479][ T3840] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.93: Invalid block bitmap block 0 in block_group 0
[   40.085241][ T3845] syzkaller0: entered promiscuous mode
[   40.103232][ T3845] syzkaller0: entered allmulticast mode
[   40.171453][ T3840] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.93: Invalid block bitmap block 0 in block_group 0
[   40.187571][ T3840] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.93: Invalid block bitmap block 0 in block_group 0
[   40.201351][ T3840] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.93: Failed to acquire dquot type 1
[   40.214331][ T3840] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.93: Failed to acquire dquot type 1
[   40.226745][ T3840] EXT4-fs (loop4): 1 orphan inode deleted
[   40.249000][ T3840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.445541][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.495573][ T3883] loop3: detected capacity change from 0 to 512
[   40.509110][ T3883] EXT4-fs: Ignoring removed bh option
[   40.514603][ T3883] EXT4-fs: Ignoring removed mblk_io_submit option
[   40.552211][ T3885] __nla_validate_parse: 2 callbacks suppressed
[   40.552227][ T3885] netlink: 68 bytes leftover after parsing attributes in process `syz.4.107'.
[   40.574071][ T3883] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   40.618742][ T3883] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   40.646329][ T3887] loop0: detected capacity change from 0 to 2048
[   40.648629][ T3883] EXT4-fs (loop3): orphan cleanup on readonly fs
[   40.664490][ T3883] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.105: Failed to acquire dquot type 1
[   40.681845][ T3883] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.105: Invalid block bitmap block 0 in block_group 0
[   40.695925][ T3883] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.105: Invalid block bitmap block 0 in block_group 0
[   40.709999][ T3887]  loop0: p1 < > p4
[   40.711137][ T3883] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.105: Invalid block bitmap block 0 in block_group 0
[   40.714554][ T3887] loop0: p4 size 8388608 extends beyond EOD, truncated
[   40.730888][ T3883] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.105: Failed to acquire dquot type 1
[   40.747021][ T3883] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.105: Failed to acquire dquot type 1
[   40.758650][ T3883] EXT4-fs (loop3): 1 orphan inode deleted
[   40.768595][ T3891] loop4: detected capacity change from 0 to 2048
[   40.790502][ T3883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.892845][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   40.893003][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   41.000968][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.112524][ T3905] loop3: detected capacity change from 0 to 512
[   41.141153][ T3905] EXT4-fs: Ignoring removed bh option
[   41.146605][ T3905] EXT4-fs: Ignoring removed mblk_io_submit option
[   41.181860][ T3905] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   41.195798][ T3905] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   41.203997][ T3905] EXT4-fs (loop3): orphan cleanup on readonly fs
[   41.211038][ T3905] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.113: Failed to acquire dquot type 1
[   41.241312][ T3905] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.113: Invalid block bitmap block 0 in block_group 0
[   41.260351][ T3905] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.113: Invalid block bitmap block 0 in block_group 0
[   41.275348][ T3905] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.113: Invalid block bitmap block 0 in block_group 0
[   41.277200][ T3911] loop1: detected capacity change from 0 to 256
[   41.290232][ T3905] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.113: Failed to acquire dquot type 1
[   41.307547][ T3905] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.113: Failed to acquire dquot type 1
[   41.319102][ T3905] EXT4-fs (loop3): 1 orphan inode deleted
[   41.327454][ T3905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.332276][ T3911] syzkaller0: entered promiscuous mode
[   41.345399][ T3911] syzkaller0: entered allmulticast mode
[   41.473613][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.569491][ T3918] syzkaller0: entered promiscuous mode
[   41.575067][ T3918] syzkaller0: entered allmulticast mode
[   41.602799][ T3928] netlink: 68 bytes leftover after parsing attributes in process `syz.1.122'.
[   41.631182][ T3928] netlink: 16 bytes leftover after parsing attributes in process `syz.1.122'.
[   41.640117][ T3928] netlink: 52 bytes leftover after parsing attributes in process `syz.1.122'.
[   41.649000][ T3928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.122'.
[   41.716965][ T3935] siw: device registration error -23
[   41.741923][ T3937] loop7: detected capacity change from 0 to 16384
[   41.744320][ T3939] netlink: 68 bytes leftover after parsing attributes in process `syz.3.127'.
[   41.795257][ T3940] loop1: detected capacity change from 0 to 2048
[   41.969577][ T3943] I/O error, dev loop7, sector 11248 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[   41.979708][ T3943] Buffer I/O error on dev loop7, logical block 1406, lost async page write
[   41.986533][ T3937] I/O error, dev loop7, sector 14640 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[   41.988355][ T3943] Buffer I/O error on dev loop7, logical block 1407, lost async page write
[   42.006845][ T3943] Buffer I/O error on dev loop7, logical block 1408, lost async page write
[   42.009816][ T3937] I/O error, dev loop7, sector 14896 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
[   42.015459][ T3943] Buffer I/O error on dev loop7, logical block 1409, lost async page write
[   42.025372][ T3937] I/O error, dev loop7, sector 14640 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   42.033892][ T3943] Buffer I/O error on dev loop7, logical block 1410, lost async page write
[   42.043392][ T3937] Buffer I/O error on dev loop7, logical block 1830, async page read
[   42.051978][ T3943] Buffer I/O error on dev loop7, logical block 1411, lost async page write
[   42.068787][ T3943] Buffer I/O error on dev loop7, logical block 1412, lost async page write
[   42.070144][ T3937] I/O error, dev loop7, sector 14640 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   42.077417][ T3943] Buffer I/O error on dev loop7, logical block 1413, lost async page write
[   42.077452][ T3943] Buffer I/O error on dev loop7, logical block 1414, lost async page write
[   42.110994][ T3956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.123091][ T3956] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.125850][ T3937] I/O error, dev loop7, sector 14640 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   42.149853][ T3961] can0: slcan on ttyS3.
[   42.152369][ T3956] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.159832][ T3943] I/O error, dev loop7, sector 12272 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[   42.163701][ T3956] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.178380][ T3943] I/O error, dev loop7, sector 13296 op 0x1:(WRITE) flags 0x800 phys_seg 66 prio class 0
[   42.202626][ T3943] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   42.211969][ T3943] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   42.221145][ T3943]  loop7: unable to read partition table
[   42.227053][ T3961] can0 (unregistered): slcan off ttyS3.
[   42.230262][ T3943] loop_reread_partitions: partition scan of loop7 ((õÉêä¾A«ÒÚi½åŒ×¯@ýpªÁ.½[ºvcÄ5¯ùG“Ýתà~ó_Á

“;Ûo×ÿ) failed (rc=-5)
[   42.232687][ T3961] Falling back ldisc for ttyS3.
[   42.341897][ T3965] loop2: detected capacity change from 0 to 512
[   42.362036][ T3965] EXT4-fs: Ignoring removed bh option
[   42.367668][ T3965] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.376189][ T3965] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   42.389440][ T3965] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   42.408457][ T3965] EXT4-fs (loop2): orphan cleanup on readonly fs
[   42.416773][ T3965] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.135: Failed to acquire dquot type 1
[   42.429096][ T3965] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.135: Invalid block bitmap block 0 in block_group 0
[   42.443322][ T3965] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.135: Invalid block bitmap block 0 in block_group 0
[   42.457199][ T3965] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.135: Invalid block bitmap block 0 in block_group 0
[   42.461744][ T3968] loop4: detected capacity change from 0 to 2048
[   42.471916][ T3965] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.135: Failed to acquire dquot type 1
[   42.488537][ T3965] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.135: Failed to acquire dquot type 1
[   42.500027][ T3965] EXT4-fs (loop2): 1 orphan inode deleted
[   42.506275][ T3965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.601177][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.633000][ T3972] netlink: 68 bytes leftover after parsing attributes in process `syz.2.138'.
[   42.742849][ T3976] can0: slcan on ttyS3.
[   42.888367][ T3979] syzkaller0: entered promiscuous mode
[   42.893869][ T3979] syzkaller0: entered allmulticast mode
[   43.012860][   T29] kauditd_printk_skb: 381 callbacks suppressed
[   43.012877][   T29] audit: type=1326 audit(1745138990.151:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x0
[   43.054249][ T3976] can0 (unregistered): slcan off ttyS3.
[   43.059858][ T3976] Falling back ldisc for ttyS3.
[   43.109611][ T4014] can0: slcan on ttyS3.
[   43.119404][   T29] audit: type=1326 audit(1745138990.261:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.142734][   T29] audit: type=1326 audit(1745138990.261:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.166424][   T29] audit: type=1326 audit(1745138990.261:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.189893][   T29] audit: type=1326 audit(1745138990.261:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.213235][   T29] audit: type=1326 audit(1745138990.261:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.236661][   T29] audit: type=1326 audit(1745138990.261:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.260152][   T29] audit: type=1326 audit(1745138990.261:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.283583][   T29] audit: type=1326 audit(1745138990.261:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.0.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   43.342984][ T4018] loop4: detected capacity change from 0 to 2048
[   43.374343][ T4014] can0 (unregistered): slcan off ttyS3.
[   43.375866][ T3684]  loop4: p1 < > p4
[   43.380018][ T4014] Falling back ldisc for ttyS3.
[   43.389367][ T3684] loop4: p4 size 8388608 extends beyond EOD, truncated
[   43.472715][   T29] audit: type=1326 audit(1745138990.611:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4019 comm="syz.1.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   43.503240][ T4018]  loop4: p1 < > p4
[   43.507956][ T4018] loop4: p4 size 8388608 extends beyond EOD, truncated
[   43.597154][ T4039] loop3: detected capacity change from 0 to 512
[   43.616329][ T4039] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   43.623823][ T4043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'.
[   43.624538][ T4039] EXT4-fs (loop3): orphan cleanup on readonly fs
[   43.664943][ T4039] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.150: invalid indirect mapped block 256 (level 2)
[   43.679664][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   43.691075][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   43.704904][ T4043] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   43.748498][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   43.759227][ T4039] EXT4-fs (loop3): 2 truncates cleaned up
[   43.760476][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   43.775060][ T4039] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.816251][ T4039] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #2: block 13: comm syz.3.150: lblock 0 mapped to illegal pblock 13 (length 1)
[   43.835902][ T4050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.154'.
[   43.862422][ T4052] loop2: detected capacity change from 0 to 2048
[   43.867046][ T4056] loop0: detected capacity change from 0 to 2048
[   43.871753][ T4055] can0: slcan on ttyS3.
[   43.887252][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.896551][ T4050] loop4: detected capacity change from 0 to 512
[   43.917214][ T4050] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   43.946770][ T4056]  loop0: p1 < > p4
[   43.958560][ T4056] loop0: p4 size 8388608 extends beyond EOD, truncated
[   43.986189][ T4050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.999054][ T4055] can0 (unregistered): slcan off ttyS3.
[   44.004779][ T4050] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.015233][ T4055] Falling back ldisc for ttyS3.
[   44.024688][ T4050] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.073554][ T3005]  loop0: p1 < > p4
[   44.082125][ T3005] loop0: p4 size 8388608 extends beyond EOD, truncated
[   44.120329][ T4081] loop1: detected capacity change from 0 to 512
[   44.151272][ T4081] EXT4-fs: Ignoring removed bh option
[   44.156830][ T4081] EXT4-fs: Ignoring removed mblk_io_submit option
[   44.174786][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   44.174788][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   44.287067][ T4081] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   44.310840][ T4081] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   44.319254][ T4081] EXT4-fs (loop1): orphan cleanup on readonly fs
[   44.327273][ T4081] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.160: Failed to acquire dquot type 1
[   44.330223][ T4107] netlink: 68 bytes leftover after parsing attributes in process `syz.4.164'.
[   44.357745][ T4081] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.160: Invalid block bitmap block 0 in block_group 0
[   44.377141][ T4081] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.160: Invalid block bitmap block 0 in block_group 0
[   44.407304][ T4081] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.160: Invalid block bitmap block 0 in block_group 0
[   44.431046][ T4081] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.160: Failed to acquire dquot type 1
[   44.445141][ T4081] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.160: Failed to acquire dquot type 1
[   44.456813][ T4081] EXT4-fs (loop1): 1 orphan inode deleted
[   44.463177][ T4081] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   44.563743][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.620057][ T4123] siw: device registration error -23
[   44.689201][ T4129] loop2: detected capacity change from 0 to 2048
[   44.754576][ T3684]  loop2: p1 < > p4
[   44.759244][ T3684] loop2: p4 size 8388608 extends beyond EOD, truncated
[   44.873604][ T4129]  loop2: p1 < > p4
[   44.878070][ T4129] loop2: p4 size 8388608 extends beyond EOD, truncated
[   45.198850][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   45.209385][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   45.303680][ T4152] loop7: detected capacity change from 0 to 16384
[   45.315064][ T4148] loop2: detected capacity change from 0 to 2048
[   45.365052][ T4148]  loop2: p1 < > p4
[   45.366039][ T4156] loop0: detected capacity change from 0 to 2048
[   45.371644][ T4148] loop2: p4 size 8388608 extends beyond EOD, truncated
[   45.612821][ T4162] loop1: detected capacity change from 0 to 2048
[   45.786501][ T4169] loop3: detected capacity change from 0 to 512
[   45.798240][ T4169] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   45.813186][ T4169] EXT4-fs (loop3): orphan cleanup on readonly fs
[   45.821914][ T4169] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.182: invalid indirect mapped block 256 (level 2)
[   45.837139][ T4169] EXT4-fs (loop3): 2 truncates cleaned up
[   45.843868][ T4169] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.884916][ T4169] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #2: block 13: comm syz.3.182: lblock 0 mapped to illegal pblock 13 (length 1)
[   45.927291][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.002236][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   46.013909][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   46.059116][ T4182] loop3: detected capacity change from 0 to 512
[   46.066186][ T4182] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   46.086567][ T4182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.099162][ T4182] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.110031][ T4182] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.370798][ T4195] loop0: detected capacity change from 0 to 512
[   46.386406][ T4195] EXT4-fs: Ignoring removed bh option
[   46.391854][ T4195] EXT4-fs: Ignoring removed mblk_io_submit option
[   46.414668][ T4195] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   46.451188][ T4195] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   46.537598][ T4195] EXT4-fs (loop0): orphan cleanup on readonly fs
[   46.553287][ T4195] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.187: Failed to acquire dquot type 1
[   46.582065][ T4195] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.187: Invalid block bitmap block 0 in block_group 0
[   46.637430][ T4195] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.187: Invalid block bitmap block 0 in block_group 0
[   46.668790][ T4195] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.187: Invalid block bitmap block 0 in block_group 0
[   46.695289][ T4195] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.187: Failed to acquire dquot type 1
[   46.716763][ T4195] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.187: Failed to acquire dquot type 1
[   46.745839][ T4195] EXT4-fs (loop0): 1 orphan inode deleted
[   46.758777][ T4195] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   46.890060][ T4187] syz.3.185 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   46.904336][ T4187] CPU: 1 UID: 0 PID: 4187 Comm: syz.3.185 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   46.904364][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   46.904443][ T4187] Call Trace:
[   46.904452][ T4187]  <TASK>
[   46.904462][ T4187]  dump_stack_lvl+0xf6/0x150
[   46.904505][ T4187]  dump_stack+0x15/0x1a
[   46.904566][ T4187]  dump_header+0x83/0x2d0
[   46.904593][ T4187]  oom_kill_process+0x341/0x4c0
[   46.904621][ T4187]  out_of_memory+0x9d1/0xc20
[   46.904650][ T4187]  mem_cgroup_out_of_memory+0x13f/0x190
[   46.904692][ T4187]  try_charge_memcg+0x5f1/0x890
[   46.904730][ T4187]  obj_cgroup_charge_pages+0xc0/0x1a0
[   46.904768][ T4187]  __memcg_kmem_charge_page+0x9d/0x170
[   46.904804][ T4187]  __alloc_frozen_pages_noprof+0x1a6/0x360
[   46.904833][ T4187]  alloc_pages_mpol+0xb6/0x260
[   46.904877][ T4187]  alloc_pages_noprof+0xe8/0x130
[   46.904905][ T4187]  __vmalloc_node_range_noprof+0x6ea/0xe80
[   46.904984][ T4187]  __kvmalloc_node_noprof+0x311/0x520
[   46.905034][ T4187]  ? ip_set_alloc+0x1f/0x30
[   46.905061][ T4187]  ? ip_set_alloc+0x1f/0x30
[   46.905129][ T4187]  ip_set_alloc+0x1f/0x30
[   46.905164][ T4187]  hash_netiface_create+0x273/0x730
[   46.905204][ T4187]  ? __nla_parse+0x40/0x60
[   46.905297][ T4187]  ? __pfx_hash_netiface_create+0x10/0x10
[   46.905334][ T4187]  ip_set_create+0x3b6/0x970
[   46.905403][ T4187]  ? get_page_from_freelist+0x1c71/0x1d90
[   46.905434][ T4187]  ? __nla_parse+0x40/0x60
[   46.905467][ T4187]  nfnetlink_rcv_msg+0x4ba/0x580
[   46.905514][ T4187]  netlink_rcv_skb+0x12f/0x230
[   46.905534][ T4187]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   46.905605][ T4187]  nfnetlink_rcv+0x187/0x1610
[   46.905628][ T4187]  ? __kfree_skb+0x102/0x150
[   46.905649][ T4187]  ? nlmon_xmit+0x51/0x60
[   46.905680][ T4187]  ? __kfree_skb+0x102/0x150
[   46.905732][ T4187]  ? consume_skb+0x49/0x160
[   46.905827][ T4187]  ? nlmon_xmit+0x51/0x60
[   46.905862][ T4187]  ? dev_hard_start_xmit+0x3d1/0x400
[   46.905895][ T4187]  ? __dev_queue_xmit+0xb76/0x20b0
[   46.905922][ T4187]  ? should_fail_ex+0x31/0x270
[   46.905954][ T4187]  ? ref_tracker_free+0x3b8/0x420
[   46.906056][ T4187]  ? __netlink_deliver_tap+0x4c6/0x4f0
[   46.906141][ T4187]  netlink_unicast+0x605/0x6c0
[   46.906179][ T4187]  netlink_sendmsg+0x609/0x720
[   46.906214][ T4187]  ? __pfx_netlink_sendmsg+0x10/0x10
[   46.906287][ T4187]  __sock_sendmsg+0x140/0x180
[   46.906321][ T4187]  ____sys_sendmsg+0x350/0x4e0
[   46.906374][ T4187]  __sys_sendmsg+0x1a0/0x240
[   46.906422][ T4187]  __x64_sys_sendmsg+0x46/0x50
[   46.906464][ T4187]  x64_sys_call+0x26f3/0x2e10
[   46.906485][ T4187]  do_syscall_64+0xc9/0x1a0
[   46.906542][ T4187]  ? clear_bhb_loop+0x25/0x80
[   46.906653][ T4187]  ? clear_bhb_loop+0x25/0x80
[   46.906681][ T4187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.906707][ T4187] RIP: 0033:0x7f0adcdde169
[   46.906725][ T4187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.906746][ T4187] RSP: 002b:00007f0adb447038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   46.906765][ T4187] RAX: ffffffffffffffda RBX: 00007f0add005fa0 RCX: 00007f0adcdde169
[   46.906776][ T4187] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[   46.906865][ T4187] RBP: 00007f0adce60a68 R08: 0000000000000000 R09: 0000000000000000
[   46.906880][ T4187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   46.906936][ T4187] R13: 0000000000000000 R14: 00007f0add005fa0 R15: 00007ffe0f024748
[   46.906960][ T4187]  </TASK>
[   46.906968][ T4187] memory: usage 307200kB, limit 307200kB, failcnt 197
[   47.260266][ T4187] memory+swap: usage 307580kB, limit 9007199254740988kB, failcnt 0
[   47.268185][ T4187] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[   47.275590][ T4187] Memory cgroup stats for /syz3:
[   47.279537][ T4187] cache 0
[   47.287601][ T4187] rss 0
[   47.290379][ T4187] shmem 0
[   47.293407][ T4187] mapped_file 0
[   47.296875][ T4187] dirty 0
[   47.299821][ T4187] writeback 0
[   47.303115][ T4187] workingset_refault_anon 74
[   47.307753][ T4187] workingset_refault_file 96
[   47.312381][ T4187] swap 389120
[   47.315709][ T4187] swapcached 0
[   47.319181][ T4187] pgpgin 6499
[   47.322472][ T4187] pgpgout 6499
[   47.325931][ T4187] pgfault 8387
[   47.329302][ T4187] pgmajfault 44
[   47.332760][ T4187] inactive_anon 0
[   47.336440][ T4187] active_anon 0
[   47.339942][ T4187] inactive_file 0
[   47.343580][ T4187] active_file 0
[   47.347056][ T4187] unevictable 0
[   47.350600][ T4187] hierarchical_memory_limit 314572800
[   47.356006][ T4187] hierarchical_memsw_limit 9223372036854771712
[   47.362157][ T4187] total_cache 0
[   47.365693][ T4187] total_rss 0
[   47.368975][ T4187] total_shmem 0
[   47.372433][ T4187] total_mapped_file 0
[   47.376443][ T4187] total_dirty 0
[   47.379913][ T4187] total_writeback 0
[   47.383724][ T4187] total_workingset_refault_anon 74
[   47.388868][ T4187] total_workingset_refault_file 96
[   47.394044][ T4187] total_swap 389120
[   47.397903][ T4187] total_swapcached 0
[   47.401844][ T4187] total_pgpgin 6499
[   47.402031][ T4208] loop2: detected capacity change from 0 to 512
[   47.405661][ T4187] total_pgpgout 6499
[   47.405671][ T4187] total_pgfault 8387
[   47.405679][ T4187] total_pgmajfault 44
[   47.405687][ T4187] total_inactive_anon 0
[   47.427912][ T4187] total_active_anon 0
[   47.431911][ T4187] total_inactive_file 0
[   47.436110][ T4187] total_active_file 0
[   47.439260][ T4208] EXT4-fs: Ignoring removed bh option
[   47.440140][ T4187] total_unevictable 0
[   47.440152][ T4187] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[   47.445692][ T4208] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.449481][ T4187] ,cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.185,pid=4186,uid=0
[   47.472878][ T4187] Memory cgroup out of memory: Killed process 4186 (syz.3.185) total-vm:93748kB, anon-rss:1064kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   47.550864][ T4208] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   47.591717][ T4208] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   47.614218][ T4208] EXT4-fs (loop2): orphan cleanup on readonly fs
[   47.637153][ T4217] loop4: detected capacity change from 0 to 2048
[   47.643946][ T4208] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.190: Failed to acquire dquot type 1
[   47.687073][ T4208] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.190: Invalid block bitmap block 0 in block_group 0
[   47.724908][ T3684]  loop4: p1 < > p4
[   47.729382][ T3684] loop4: p4 size 8388608 extends beyond EOD, truncated
[   47.815047][ T4208] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.190: Invalid block bitmap block 0 in block_group 0
[   47.841793][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.847332][ T4217]  loop4: p1 < > p4
[   47.856460][ T4208] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.190: Invalid block bitmap block 0 in block_group 0
[   47.857040][ T4217] loop4: p4 size 8388608 extends beyond EOD, truncated
[   47.886301][ T4208] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.190: Failed to acquire dquot type 1
[   47.921064][ T4224] loop0: detected capacity change from 0 to 2048
[   47.946253][ T4208] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.190: Failed to acquire dquot type 1
[   47.959711][ T4208] EXT4-fs (loop2): 1 orphan inode deleted
[   47.991664][ T4208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.062590][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   48.073790][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   48.104125][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   48.125424][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   48.291723][   T29] kauditd_printk_skb: 395 callbacks suppressed
[   48.291736][   T29] audit: type=1400 audit(1745138995.490:1764): avc:  denied  { create } for  pid=4233 comm="syz.0.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   48.411843][   T29] audit: type=1400 audit(1745138995.610:1765): avc:  denied  { connect } for  pid=4233 comm="syz.0.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   48.431442][   T29] audit: type=1400 audit(1745138995.610:1766): avc:  denied  { name_connect } for  pid=4233 comm="syz.0.197" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   48.473365][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.540728][ T4243] __nla_validate_parse: 1 callbacks suppressed
[   48.540743][ T4243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.200'.
[   48.558779][   T29] audit: type=1326 audit(1745138995.720:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.582256][   T29] audit: type=1326 audit(1745138995.720:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.605715][   T29] audit: type=1326 audit(1745138995.730:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.629098][   T29] audit: type=1326 audit(1745138995.730:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.652724][   T29] audit: type=1326 audit(1745138995.730:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.676174][   T29] audit: type=1326 audit(1745138995.730:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.699615][   T29] audit: type=1326 audit(1745138995.730:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4241 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   48.741376][ T4250] loop2: detected capacity change from 0 to 512
[   48.766938][ T4250] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   48.777437][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.204'.
[   48.810920][ T4250] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.839526][ T4259] netlink: 8 bytes leftover after parsing attributes in process `syz.4.206'.
[   48.854343][ T4250] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.868905][ T4259] loop4: detected capacity change from 0 to 512
[   48.895279][ T4259] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   48.927380][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.997058][ T4259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.011169][ T4259] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.031281][ T4259] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.080236][ T4274] netlink: 68 bytes leftover after parsing attributes in process `syz.0.211'.
[   49.119708][ T4274] vlan2: entered allmulticast mode
[   49.174550][ T4279] netlink: 8 bytes leftover after parsing attributes in process `syz.1.213'.
[   49.229530][ T4279] loop1: detected capacity change from 0 to 512
[   49.239258][ T4279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   49.268197][ T4285] loop2: detected capacity change from 0 to 512
[   49.284830][ T4279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.297635][ T4279] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.309173][ T4279] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.319701][ T4285] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   49.369950][ T4285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.403690][ T4298] can0: slcan on ttyS3.
[   49.408026][ T4285] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.427824][ T4285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.474452][ T4298] can0 (unregistered): slcan off ttyS3.
[   49.480553][ T4298] Falling back ldisc for ttyS3.
[   49.493827][ T4305] netlink: 68 bytes leftover after parsing attributes in process `syz.0.221'.
[   49.605223][ T4317] loop0: detected capacity change from 0 to 512
[   49.617603][ T4317] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   49.687950][ T4317] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.710120][ T4331] siw: device registration error -23
[   49.729091][ T4334] siw: device registration error -23
[   49.789118][ T4317] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.836199][ T4317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.475610][ T4376] loop0: detected capacity change from 0 to 512
[   50.493048][ T4376] EXT4-fs: Ignoring removed bh option
[   50.498642][ T4376] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.535725][ T4376] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   50.557818][ T4376] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   50.588523][ T4383] netlink: 68 bytes leftover after parsing attributes in process `syz.4.240'.
[   50.648809][ T4376] EXT4-fs (loop0): orphan cleanup on readonly fs
[   50.717872][ T4384] vlan2: entered allmulticast mode
[   50.743772][ T4376] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.237: Failed to acquire dquot type 1
[   50.755769][ T4376] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.237: Invalid block bitmap block 0 in block_group 0
[   50.769865][ T4376] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.237: Invalid block bitmap block 0 in block_group 0
[   50.785685][ T4376] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.237: Invalid block bitmap block 0 in block_group 0
[   50.811971][ T4376] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.237: Failed to acquire dquot type 1
[   50.846029][ T4386] loop1: detected capacity change from 0 to 512
[   50.854483][ T4386] EXT4-fs: Ignoring removed bh option
[   50.854546][ T4376] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.237: Failed to acquire dquot type 1
[   50.859908][ T4386] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.878189][ T4376] EXT4-fs (loop0): 1 orphan inode deleted
[   50.886050][ T4376] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   50.899302][ T4386] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   50.916609][ T4386] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   50.926242][ T4386] EXT4-fs (loop1): orphan cleanup on readonly fs
[   50.932926][ T4386] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.241: Failed to acquire dquot type 1
[   50.944581][ T4386] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.241: Invalid block bitmap block 0 in block_group 0
[   50.977521][ T4386] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.241: Invalid block bitmap block 0 in block_group 0
[   50.994600][ T4386] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.241: Invalid block bitmap block 0 in block_group 0
[   51.015807][ T4386] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.241: Failed to acquire dquot type 1
[   51.041683][ T4386] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.241: Failed to acquire dquot type 1
[   51.055043][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.082796][ T4386] EXT4-fs (loop1): 1 orphan inode deleted
[   51.092731][ T4386] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.218581][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.433442][ T4410] loop1: detected capacity change from 0 to 512
[   51.440810][ T4410] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.456393][ T4410] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.469028][ T4410] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.481059][ T4410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.848731][ T4420] loop4: detected capacity change from 0 to 512
[   51.855905][ T4420] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.876323][ T4420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.888992][ T4420] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.900085][ T4420] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.135107][ T4429] netlink: 8 bytes leftover after parsing attributes in process `syz.0.254'.
[   52.189423][ T4433] loop2: detected capacity change from 0 to 2048
[   52.276286][ T4437] loop2: detected capacity change from 0 to 512
[   52.288272][ T4437] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   52.327650][ T4437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.340557][ T4437] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.355531][ T4437] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.407038][ T4442] loop1: detected capacity change from 0 to 512
[   52.431973][ T4442] EXT4-fs: Ignoring removed bh option
[   52.437444][ T4442] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.448770][ T4442] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   52.464903][ T4442] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   52.475749][ T4442] EXT4-fs (loop1): orphan cleanup on readonly fs
[   52.489551][ T4442] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.259: Failed to acquire dquot type 1
[   52.512106][ T4442] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.259: Invalid block bitmap block 0 in block_group 0
[   52.541731][ T4442] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.259: Invalid block bitmap block 0 in block_group 0
[   52.556964][ T4442] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.259: Invalid block bitmap block 0 in block_group 0
[   52.570961][ T4442] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.259: Failed to acquire dquot type 1
[   52.583583][ T4442] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.259: Failed to acquire dquot type 1
[   52.596823][ T4442] EXT4-fs (loop1): 1 orphan inode deleted
[   52.603278][ T4442] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   52.643421][ T4424] syz.4.253 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   52.657525][ T4424] CPU: 0 UID: 0 PID: 4424 Comm: syz.4.253 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   52.657560][ T4424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   52.657575][ T4424] Call Trace:
[   52.657583][ T4424]  <TASK>
[   52.657592][ T4424]  dump_stack_lvl+0xf6/0x150
[   52.657631][ T4424]  dump_stack+0x15/0x1a
[   52.657647][ T4424]  dump_header+0x83/0x2d0
[   52.657673][ T4424]  oom_kill_process+0x341/0x4c0
[   52.657708][ T4424]  out_of_memory+0x9d1/0xc20
[   52.657739][ T4424]  mem_cgroup_out_of_memory+0x13f/0x190
[   52.657833][ T4424]  try_charge_memcg+0x5f1/0x890
[   52.657866][ T4424]  obj_cgroup_charge_pages+0xc0/0x1a0
[   52.657906][ T4424]  __memcg_kmem_charge_page+0x9d/0x170
[   52.657936][ T4424]  __alloc_frozen_pages_noprof+0x1a6/0x360
[   52.658020][ T4424]  alloc_pages_mpol+0xb6/0x260
[   52.658057][ T4424]  alloc_pages_noprof+0xe8/0x130
[   52.658091][ T4424]  __vmalloc_node_range_noprof+0x6ea/0xe80
[   52.658221][ T4424]  __kvmalloc_node_noprof+0x311/0x520
[   52.658332][ T4424]  ? ip_set_alloc+0x1f/0x30
[   52.658368][ T4424]  ? ip_set_alloc+0x1f/0x30
[   52.658408][ T4424]  ip_set_alloc+0x1f/0x30
[   52.658594][ T4424]  hash_netiface_create+0x273/0x730
[   52.658671][ T4424]  ? __nla_parse+0x40/0x60
[   52.658705][ T4424]  ? __pfx_hash_netiface_create+0x10/0x10
[   52.658768][ T4424]  ip_set_create+0x3b6/0x970
[   52.658806][ T4424]  ? get_page_from_freelist+0x1c71/0x1d90
[   52.658837][ T4424]  ? __nla_parse+0x40/0x60
[   52.658872][ T4424]  nfnetlink_rcv_msg+0x4ba/0x580
[   52.658949][ T4424]  netlink_rcv_skb+0x12f/0x230
[   52.658967][ T4424]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   52.659006][ T4424]  nfnetlink_rcv+0x187/0x1610
[   52.659036][ T4424]  ? __kfree_skb+0x102/0x150
[   52.659076][ T4424]  ? nlmon_xmit+0x51/0x60
[   52.659162][ T4424]  ? __kfree_skb+0x102/0x150
[   52.659187][ T4424]  ? consume_skb+0x49/0x160
[   52.659229][ T4424]  ? nlmon_xmit+0x51/0x60
[   52.659264][ T4424]  ? dev_hard_start_xmit+0x3d1/0x400
[   52.659295][ T4424]  ? __dev_queue_xmit+0xb76/0x20b0
[   52.659354][ T4424]  ? should_fail_ex+0x31/0x270
[   52.659376][ T4424]  ? ref_tracker_free+0x3b8/0x420
[   52.659405][ T4424]  ? __netlink_deliver_tap+0x4c6/0x4f0
[   52.659441][ T4424]  netlink_unicast+0x605/0x6c0
[   52.659529][ T4424]  netlink_sendmsg+0x609/0x720
[   52.659610][ T4424]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.659707][ T4424]  __sock_sendmsg+0x140/0x180
[   52.659736][ T4424]  ____sys_sendmsg+0x350/0x4e0
[   52.659767][ T4424]  __sys_sendmsg+0x1a0/0x240
[   52.659819][ T4424]  __x64_sys_sendmsg+0x46/0x50
[   52.659876][ T4424]  x64_sys_call+0x26f3/0x2e10
[   52.659896][ T4424]  do_syscall_64+0xc9/0x1a0
[   52.659949][ T4424]  ? clear_bhb_loop+0x25/0x80
[   52.659974][ T4424]  ? clear_bhb_loop+0x25/0x80
[   52.659999][ T4424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.660024][ T4424] RIP: 0033:0x7f165ee8e169
[   52.660117][ T4424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.660135][ T4424] RSP: 002b:00007f165d4f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.660154][ T4424] RAX: ffffffffffffffda RBX: 00007f165f0b5fa0 RCX: 00007f165ee8e169
[   52.660167][ T4424] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[   52.660180][ T4424] RBP: 00007f165ef10a68 R08: 0000000000000000 R09: 0000000000000000
[   52.660192][ T4424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   52.660223][ T4424] R13: 0000000000000000 R14: 00007f165f0b5fa0 R15: 00007ffc7d7550d8
[   52.660244][ T4424]  </TASK>
[   52.660250][ T4424] memory: usage 307200kB, limit 307200kB, failcnt 257
[   53.011445][ T4424] memory+swap: usage 307576kB, limit 9007199254740988kB, failcnt 0
[   53.019433][ T4424] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[   53.026758][ T4424] Memory cgroup stats for /syz4:
[   53.027217][ T4424] cache 0
[   53.035139][ T4424] rss 0
[   53.037926][ T4424] shmem 0
[   53.040868][ T4424] mapped_file 0
[   53.044376][ T4424] dirty 0
[   53.047336][ T4424] writeback 0
[   53.050630][ T4424] workingset_refault_anon 64
[   53.055274][ T4424] workingset_refault_file 113
[   53.059992][ T4424] swap 385024
[   53.063288][ T4424] swapcached 0
[   53.066777][ T4424] pgpgin 13219
[   53.070157][ T4424] pgpgout 13219
[   53.073625][ T4424] pgfault 14109
[   53.077178][ T4424] pgmajfault 39
[   53.080645][ T4424] inactive_anon 0
[   53.084353][ T4424] active_anon 0
[   53.087879][ T4424] inactive_file 0
[   53.091575][ T4424] active_file 0
[   53.095125][ T4424] unevictable 0
[   53.098591][ T4424] hierarchical_memory_limit 314572800
[   53.103961][ T4424] hierarchical_memsw_limit 9223372036854771712
[   53.110147][ T4424] total_cache 0
[   53.113631][ T4424] total_rss 0
[   53.116951][ T4424] total_shmem 0
[   53.120488][ T4424] total_mapped_file 0
[   53.124497][ T4424] total_dirty 0
[   53.127958][ T4424] total_writeback 0
[   53.131745][ T4424] total_workingset_refault_anon 64
[   53.136915][ T4424] total_workingset_refault_file 113
[   53.142167][ T4424] total_swap 385024
[   53.146002][ T4424] total_swapcached 0
[   53.149952][ T4424] total_pgpgin 13219
[   53.153834][ T4424] total_pgpgout 13219
[   53.157833][ T4424] total_pgfault 14109
[   53.161879][ T4424] total_pgmajfault 39
[   53.165888][ T4424] total_inactive_anon 0
[   53.170042][ T4424] total_active_anon 0
[   53.174014][ T4424] total_inactive_file 0
[   53.178185][ T4424] total_active_file 0
[   53.182194][ T4424] total_unevictable 0
[   53.186189][ T4424] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.253,pid=4423,uid=0
[   53.200701][ T4424] Memory cgroup out of memory: Killed process 4423 (syz.4.253) total-vm:95796kB, anon-rss:916kB, file-rss:22660kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   53.261268][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.325037][ T4459] netlink: 68 bytes leftover after parsing attributes in process `syz.1.265'.
[   53.571492][ T4469] loop2: detected capacity change from 0 to 512
[   53.594634][ T4469] EXT4-fs: Ignoring removed bh option
[   53.600078][ T4469] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.627924][ T4469] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   53.638968][ T4469] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   53.654285][ T4469] EXT4-fs (loop2): orphan cleanup on readonly fs
[   53.661016][ T4469] __quota_error: 543 callbacks suppressed
[   53.661029][ T4469] Quota error (device loop2): do_insert_tree: Free block already used in tree: block 4
[   53.676545][ T4469] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[   53.687837][ T4469] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.268: Failed to acquire dquot type 1
[   53.704335][ T4469] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.268: Invalid block bitmap block 0 in block_group 0
[   53.753950][ T4469] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.268: Invalid block bitmap block 0 in block_group 0
[   53.767642][ T4469] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.268: Invalid block bitmap block 0 in block_group 0
[   53.781723][ T4469] Quota error (device loop2): write_blk: dquota write failed
[   53.789151][ T4469] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[   53.799112][ T4469] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.268: Failed to acquire dquot type 1
[   53.811085][ T4469] Quota error (device loop2): write_blk: dquota write failed
[   53.818515][ T4469] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[   53.828368][ T4469] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.268: Failed to acquire dquot type 1
[   53.844225][ T4469] EXT4-fs (loop2): 1 orphan inode deleted
[   53.854769][ T4469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.996960][ T4485] loop0: detected capacity change from 0 to 512
[   54.013525][ T4485] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   54.038907][ T4485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.067644][ T4485] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.078889][ T4485] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.086876][   T29] audit: type=1326 audit(1745139001.405:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4486 comm="syz.3.277" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0adcdde169 code=0x0
[   54.123255][   T29] audit: type=1326 audit(1745139001.445:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4490 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   54.146687][   T29] audit: type=1326 audit(1745139001.445:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4490 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   54.170078][   T29] audit: type=1326 audit(1745139001.445:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4490 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   54.220753][ T4499] loop4: detected capacity change from 0 to 512
[   54.253413][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.274911][ T4499] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   54.301815][ T4499] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.343417][ T4499] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.439813][ T4499] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.564397][ T4521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.287'.
[   54.573275][ T4521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.287'.
[   54.641752][ T4529] can0: slcan on ttyS3.
[   54.714387][ T4529] can0 (unregistered): slcan off ttyS3.
[   54.955868][ T4567] netlink: 8 bytes leftover after parsing attributes in process `syz.3.299'.
[   54.964825][ T4567] netlink: 8 bytes leftover after parsing attributes in process `syz.3.299'.
[   54.971510][ T4570] loop1: detected capacity change from 0 to 512
[   55.004470][ T4570] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   55.045695][ T4570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.068879][ T4570] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.112636][ T4570] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.218848][ T4581] netlink: 68 bytes leftover after parsing attributes in process `syz.3.304'.
[   55.269435][ T4585] FAULT_INJECTION: forcing a failure.
[   55.269435][ T4585] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   55.281208][ T4587] netlink: 68 bytes leftover after parsing attributes in process `syz.3.305'.
[   55.282560][ T4585] CPU: 0 UID: 0 PID: 4585 Comm: syz.2.306 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   55.282650][ T4585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   55.282666][ T4585] Call Trace:
[   55.282672][ T4585]  <TASK>
[   55.282681][ T4585]  dump_stack_lvl+0xf6/0x150
[   55.282732][ T4585]  dump_stack+0x15/0x1a
[   55.282845][ T4585]  should_fail_ex+0x261/0x270
[   55.282873][ T4585]  should_fail+0xb/0x10
[   55.282977][ T4585]  should_fail_usercopy+0x1a/0x20
[   55.283006][ T4585]  _copy_to_user+0x20/0xa0
[   55.283039][ T4585]  simple_read_from_buffer+0xb2/0x130
[   55.283077][ T4585]  proc_fail_nth_read+0x103/0x140
[   55.283180][ T4585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.283217][ T4585]  vfs_read+0x1b2/0x710
[   55.283236][ T4585]  ? __rcu_read_unlock+0x4e/0x70
[   55.283260][ T4585]  ? __fget_files+0x186/0x1c0
[   55.283315][ T4585]  ksys_read+0xeb/0x1b0
[   55.283337][ T4585]  __x64_sys_read+0x42/0x50
[   55.283358][ T4585]  x64_sys_call+0x2a3b/0x2e10
[   55.283400][ T4585]  do_syscall_64+0xc9/0x1a0
[   55.283442][ T4585]  ? clear_bhb_loop+0x25/0x80
[   55.283472][ T4585]  ? clear_bhb_loop+0x25/0x80
[   55.283499][ T4585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.283581][ T4585] RIP: 0033:0x7f5aa361cb7c
[   55.283598][ T4585] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   55.283620][ T4585] RSP: 002b:00007f5aa1c87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   55.283643][ T4585] RAX: ffffffffffffffda RBX: 00007f5aa3845fa0 RCX: 00007f5aa361cb7c
[   55.283658][ T4585] RDX: 000000000000000f RSI: 00007f5aa1c870a0 RDI: 0000000000000006
[   55.283673][ T4585] RBP: 00007f5aa1c87090 R08: 0000000000000000 R09: 0000000000000000
[   55.283687][ T4585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.283756][ T4585] R13: 0000000000000000 R14: 00007f5aa3845fa0 R15: 00007fff65113828
[   55.283779][ T4585]  </TASK>
[   55.418990][ T4594] can0: slcan on ttyS3.
[   55.557030][ T4593] blk_print_req_error: 1 callbacks suppressed
[   55.557047][ T4593] I/O error, dev loop7, sector 2048 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[   55.611196][ T4593] I/O error, dev loop7, sector 2304 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[   55.627062][ T4593] I/O error, dev loop7, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   55.636606][ T4593] buffer_io_error: 419 callbacks suppressed
[   55.636619][ T4593] Buffer I/O error on dev loop7, logical block 256, async page read
[   55.724312][ T4594] can0 (unregistered): slcan off ttyS3.
[   55.748046][ T4592] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[   55.757919][ T4592] Buffer I/O error on dev loop7, logical block 0, lost async page write
[   55.766375][ T4592] Buffer I/O error on dev loop7, logical block 1, lost async page write
[   55.774850][ T4592] Buffer I/O error on dev loop7, logical block 2, lost async page write
[   55.783323][ T4592] Buffer I/O error on dev loop7, logical block 3, lost async page write
[   55.791734][ T4592] Buffer I/O error on dev loop7, logical block 4, lost async page write
[   55.800125][ T4592] Buffer I/O error on dev loop7, logical block 5, lost async page write
[   55.808562][ T4592] Buffer I/O error on dev loop7, logical block 6, lost async page write
[   55.816964][ T4592] Buffer I/O error on dev loop7, logical block 7, lost async page write
[   55.825335][ T4592] Buffer I/O error on dev loop7, logical block 8, lost async page write
[   55.846935][ T4592] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x800 phys_seg 128 prio class 0
[   55.915256][ T4616] loop0: detected capacity change from 0 to 512
[   55.923406][ T4616] EXT4-fs: Ignoring removed bh option
[   55.928922][ T4616] EXT4-fs: Ignoring removed mblk_io_submit option
[   55.982540][ T4616] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   56.024604][ T4616] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   56.032803][ T4616] EXT4-fs (loop0): orphan cleanup on readonly fs
[   56.061528][ T4633] netlink: 68 bytes leftover after parsing attributes in process `syz.2.315'.
[   56.102348][ T4633] vlan2: entered allmulticast mode
[   56.112901][ T4616] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.311: Failed to acquire dquot type 1
[   56.163896][ T4616] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.311: Invalid block bitmap block 0 in block_group 0
[   56.187051][ T4616] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.311: Invalid block bitmap block 0 in block_group 0
[   56.225988][ T4616] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.311: Invalid block bitmap block 0 in block_group 0
[   56.239801][ T4616] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.311: Failed to acquire dquot type 1
[   56.251441][ T4616] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.311: Failed to acquire dquot type 1
[   56.262963][ T4616] EXT4-fs (loop0): 1 orphan inode deleted
[   56.292048][ T4646] FAULT_INJECTION: forcing a failure.
[   56.292048][ T4646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.305205][ T4646] CPU: 0 UID: 0 PID: 4646 Comm: syz.2.316 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   56.305234][ T4646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   56.305247][ T4646] Call Trace:
[   56.305275][ T4646]  <TASK>
[   56.305283][ T4646]  dump_stack_lvl+0xf6/0x150
[   56.305309][ T4646]  dump_stack+0x15/0x1a
[   56.305328][ T4646]  should_fail_ex+0x261/0x270
[   56.305355][ T4646]  should_fail+0xb/0x10
[   56.305378][ T4646]  should_fail_usercopy+0x1a/0x20
[   56.305456][ T4646]  copy_fpstate_to_sigframe+0x65d/0x7f0
[   56.305492][ T4646]  ? copy_fpstate_to_sigframe+0xed/0x7f0
[   56.305528][ T4646]  ? fpu__alloc_mathframe+0x95/0xd0
[   56.305626][ T4646]  get_sigframe+0x308/0x440
[   56.305728][ T4646]  x64_setup_rt_frame+0xb4/0x5a0
[   56.305762][ T4646]  arch_do_signal_or_restart+0x279/0x480
[   56.305824][ T4646]  syscall_exit_to_user_mode+0x62/0x120
[   56.305857][ T4646]  do_syscall_64+0xd6/0x1a0
[   56.305885][ T4646]  ? clear_bhb_loop+0x25/0x80
[   56.305908][ T4646]  ? clear_bhb_loop+0x25/0x80
[   56.305959][ T4646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.306008][ T4646] RIP: 0033:0x7f5aa361e167
[   56.306024][ T4646] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[   56.306041][ T4646] RSP: 002b:00007f5aa1c87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   56.306066][ T4646] RAX: 0000000000000000 RBX: 00007f5aa3845fa0 RCX: 00007f5aa361e169
[   56.306079][ T4646] RDX: 000000000000effd RSI: 0000000000000000 RDI: 0000000000000005
[   56.306091][ T4646] RBP: 00007f5aa1c87090 R08: 0000000000000000 R09: 0000000000000000
[   56.306103][ T4646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.306116][ T4646] R13: 0000000000000000 R14: 00007f5aa3845fa0 R15: 00007fff65113828
[   56.306136][ T4646]  </TASK>
[   56.427054][ T4657] loop4: detected capacity change from 0 to 2048
[   56.593649][ T4657] Alternate GPT is invalid, using primary GPT.
[   56.600282][ T4657]  loop4: p2 p3 p7
[   56.614963][ T4664] PM: Enabling pm_trace changes system date and time during resume.
[   56.614963][ T4664] PM: Correct system time has to be restored manually after resume.
[   56.769492][ T4659] loop2: detected capacity change from 0 to 8192
[   56.827087][ T4677] netlink: 68 bytes leftover after parsing attributes in process `syz.3.327'.
[   56.876694][ T4681] loop1: detected capacity change from 0 to 256
[   56.883298][ T4681] msdos: Unknown parameter 'ÿ'
[   56.900566][ T4683] can0: slcan on ttyS3.
[   56.911358][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   56.925759][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   56.927967][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   56.948758][ T4681] loop1: detected capacity change from 0 to 512
[   56.978192][ T4688] loop0: detected capacity change from 0 to 512
[   56.991382][ T4688] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   57.002345][ T4691] loop3: detected capacity change from 0 to 128
[   57.008856][ T4683] can0 (unregistered): slcan off ttyS3.
[   57.015815][ T4683] Falling back ldisc for ttyS3.
[   57.024641][ T4681] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.037956][ T4691] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[   57.050027][ T4688] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.060535][ T4691] System zones: 1-3, 19-19, 35-36
[   57.067501][ T4691] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   57.103651][ T4681] tipc: Started in network mode
[   57.108699][ T4681] tipc: Node identity fe80000000000000000000000000001e, cluster identity 4711
[   57.118020][ T4681] tipc: Enabled bearer <udp:syz0>, priority 10
[   57.140361][    C1] hrtimer: interrupt took 16723 ns
[   57.319517][ T4729] netlink: 68 bytes leftover after parsing attributes in process `syz.4.340'.
[   57.329179][ T4727] can0: slcan on ttyS3.
[   57.417601][ T4735] raw_sendmsg: syz.1.343 forgot to set AF_INET. Fix it!
[   57.425059][ T4727] can0 (unregistered): slcan off ttyS3.
[   57.442130][ T4727] Falling back ldisc for ttyS3.
[   57.538410][ T4754] loop1: detected capacity change from 0 to 512
[   57.564756][ T4754] ext4: Unknown parameter 'fsuuid'
[   58.124236][ T3380] tipc: Node number set to 4269801502
[   58.141624][ T4792] FAULT_INJECTION: forcing a failure.
[   58.141624][ T4792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.154727][ T4792] CPU: 1 UID: 0 PID: 4792 Comm: syz.3.353 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   58.154757][ T4792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   58.154771][ T4792] Call Trace:
[   58.154777][ T4792]  <TASK>
[   58.154785][ T4792]  dump_stack_lvl+0xf6/0x150
[   58.154809][ T4792]  dump_stack+0x15/0x1a
[   58.154837][ T4792]  should_fail_ex+0x261/0x270
[   58.154899][ T4792]  should_fail+0xb/0x10
[   58.154916][ T4792]  should_fail_usercopy+0x1a/0x20
[   58.154938][ T4792]  _copy_from_user+0x1c/0xa0
[   58.154970][ T4792]  copy_msghdr_from_user+0x54/0x2b0
[   58.155165][ T4792]  ? __fget_files+0x186/0x1c0
[   58.155187][ T4792]  do_recvmmsg+0x24d/0x6e0
[   58.155233][ T4792]  __x64_sys_recvmmsg+0xe4/0x170
[   58.155340][ T4792]  x64_sys_call+0x1b90/0x2e10
[   58.155365][ T4792]  do_syscall_64+0xc9/0x1a0
[   58.155392][ T4792]  ? clear_bhb_loop+0x25/0x80
[   58.155412][ T4792]  ? clear_bhb_loop+0x25/0x80
[   58.155435][ T4792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.155485][ T4792] RIP: 0033:0x7f0adcdde169
[   58.155501][ T4792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.155519][ T4792] RSP: 002b:00007f0adb426038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   58.155536][ T4792] RAX: ffffffffffffffda RBX: 00007f0add006080 RCX: 00007f0adcdde169
[   58.155546][ T4792] RDX: 0000000000000001 RSI: 000020000000a4c0 RDI: 0000000000000003
[   58.155556][ T4792] RBP: 00007f0adb426090 R08: 0000000000000000 R09: 0000000000000000
[   58.155565][ T4792] R10: 45833af92e4b39ff R11: 0000000000000246 R12: 0000000000000001
[   58.155635][ T4792] R13: 0000000000000001 R14: 00007f0add006080 R15: 00007ffe0f024748
[   58.155655][ T4792]  </TASK>
[   58.354379][ T4784] loop4: detected capacity change from 0 to 512
[   58.407924][ T4784] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.496191][ T4794] pim6reg: entered allmulticast mode
[   58.508600][ T4796] pim6reg: left allmulticast mode
[   58.570261][ T4794] netlink: 'wÞ£ÿ': attribute type 27 has an invalid length.
[   58.600952][ T4805] loop3: detected capacity change from 0 to 512
[   58.611527][ T4805] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   58.636243][ T4805] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.670180][ T4794] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.677411][ T4794] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.691463][ T4801] netlink: 192 bytes leftover after parsing attributes in process `syz.0.354'.
[   58.703633][ T4814] loop2: detected capacity change from 0 to 512
[   58.743021][ T4817] loop3: detected capacity change from 0 to 512
[   58.745451][ T4794] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.758056][ T4814] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[   58.759499][ T4794] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.773273][ T4817] EXT4-fs: inline encryption not supported
[   58.780581][ T4817] ext4: Unknown parameter 'fsuuid'
[   58.799725][ T4794] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.808762][ T4794] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.817663][ T4794] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.826589][ T4794] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.943329][ T4796] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.951383][ T4796] 8021q: adding VLAN 0 to HW filter on device team0
[   58.962292][ T4796] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   59.033996][ T4827] loop1: detected capacity change from 0 to 512
[   59.045748][   T29] kauditd_printk_skb: 168 callbacks suppressed
[   59.045777][   T29] audit: type=1400 audit(1745139006.489:2465): avc:  denied  { create } for  pid=4826 comm="syz.4.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.076074][ T4827] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.104861][   T29] audit: type=1400 audit(1745139006.519:2466): avc:  denied  { connect } for  pid=4826 comm="syz.4.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.124319][   T29] audit: type=1400 audit(1745139006.519:2467): avc:  denied  { bind } for  pid=4826 comm="syz.4.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.143904][   T29] audit: type=1400 audit(1745139006.519:2468): avc:  denied  { write } for  pid=4826 comm="syz.4.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.182412][ T4827] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.242521][   T29] audit: type=1326 audit(1745139006.679:2469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4842 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   59.266044][   T29] audit: type=1326 audit(1745139006.679:2470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4842 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   59.289454][   T29] audit: type=1326 audit(1745139006.679:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4842 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   59.312841][   T29] audit: type=1326 audit(1745139006.679:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4842 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   59.353784][ T4848] loop2: detected capacity change from 0 to 2048
[   59.425934][ T4850] loop2: detected capacity change from 0 to 2048
[   59.450962][   T29] audit: type=1326 audit(1745139006.950:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.0.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   59.459119][ T4854] netlink: 'syz.0.375': attribute type 10 has an invalid length.
[   59.474409][   T29] audit: type=1326 audit(1745139006.950:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.0.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f29fc61e169 code=0x7ffc0000
[   59.482475][ T4854] team0: Device hsr_slave_0 failed to register rx_handler
[   59.763833][ T4877] loop2: detected capacity change from 0 to 2048
[   59.807420][ T4879] loop1: detected capacity change from 0 to 512
[   59.818705][ T4879] ext4: Unknown parameter 'fsuuid'
[   59.825866][ T3684]  loop2: p1 < > p4
[   59.832013][ T3684] loop2: p4 size 8388608 extends beyond EOD, truncated
[   59.941707][ T4877]  loop2: p1 < > p4
[   59.946519][ T4877] loop2: p4 size 8388608 extends beyond EOD, truncated
[   60.393766][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   60.394081][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   60.419271][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   60.430678][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   60.458162][ T4910] __nla_validate_parse: 1 callbacks suppressed
[   60.458179][ T4910] netlink: 56 bytes leftover after parsing attributes in process `syz.0.394'.
[   60.530724][ T4915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.394'.
[   60.539705][ T4915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.394'.
[   60.551374][ T4915] dummy0: entered promiscuous mode
[   60.557192][ T4915] batadv_slave_1: entered promiscuous mode
[   60.563600][ T4915] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.682465][ T4919] netlink: 68 bytes leftover after parsing attributes in process `syz.1.398'.
[   60.926799][ T4929] siw: device registration error -23
[   61.328800][ T4938] Zero length message leads to an empty skb
[   61.331563][ T4917] syz.2.397 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   61.348886][ T4917] CPU: 0 UID: 0 PID: 4917 Comm: syz.2.397 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   61.348947][ T4917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.348962][ T4917] Call Trace:
[   61.348968][ T4917]  <TASK>
[   61.348976][ T4917]  dump_stack_lvl+0xf6/0x150
[   61.348998][ T4917]  dump_stack+0x15/0x1a
[   61.349016][ T4917]  dump_header+0x83/0x2d0
[   61.349043][ T4917]  oom_kill_process+0x341/0x4c0
[   61.349075][ T4917]  out_of_memory+0x9d1/0xc20
[   61.349097][ T4917]  mem_cgroup_out_of_memory+0x13f/0x190
[   61.349131][ T4917]  try_charge_memcg+0x5f1/0x890
[   61.349169][ T4917]  obj_cgroup_charge_pages+0xc0/0x1a0
[   61.349207][ T4917]  __memcg_kmem_charge_page+0x9d/0x170
[   61.349318][ T4917]  __alloc_frozen_pages_noprof+0x1a6/0x360
[   61.349347][ T4917]  alloc_pages_mpol+0xb6/0x260
[   61.349384][ T4917]  alloc_pages_noprof+0xe8/0x130
[   61.349440][ T4917]  __vmalloc_node_range_noprof+0x6ea/0xe80
[   61.349563][ T4917]  __kvmalloc_node_noprof+0x311/0x520
[   61.349615][ T4917]  ? ip_set_alloc+0x1f/0x30
[   61.349672][ T4917]  ? ip_set_alloc+0x1f/0x30
[   61.349703][ T4917]  ip_set_alloc+0x1f/0x30
[   61.349737][ T4917]  hash_netiface_create+0x273/0x730
[   61.349814][ T4917]  ? __nla_parse+0x40/0x60
[   61.349908][ T4917]  ? __pfx_hash_netiface_create+0x10/0x10
[   61.350010][ T4917]  ip_set_create+0x3b6/0x970
[   61.350049][ T4917]  ? get_page_from_freelist+0x1c71/0x1d90
[   61.350144][ T4917]  ? __nla_parse+0x40/0x60
[   61.350167][ T4917]  nfnetlink_rcv_msg+0x4ba/0x580
[   61.350213][ T4917]  netlink_rcv_skb+0x12f/0x230
[   61.350270][ T4917]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   61.350304][ T4917]  nfnetlink_rcv+0x187/0x1610
[   61.350324][ T4917]  ? __kfree_skb+0x102/0x150
[   61.350343][ T4917]  ? nlmon_xmit+0x51/0x60
[   61.350432][ T4917]  ? __kfree_skb+0x102/0x150
[   61.350455][ T4917]  ? consume_skb+0x49/0x160
[   61.350472][ T4917]  ? nlmon_xmit+0x51/0x60
[   61.350554][ T4917]  ? dev_hard_start_xmit+0x3d1/0x400
[   61.350585][ T4917]  ? __dev_queue_xmit+0xb76/0x20b0
[   61.350614][ T4917]  ? should_fail_ex+0x31/0x270
[   61.350636][ T4917]  ? ref_tracker_free+0x3b8/0x420
[   61.350670][ T4917]  ? __netlink_deliver_tap+0x4c6/0x4f0
[   61.350692][ T4917]  netlink_unicast+0x605/0x6c0
[   61.350784][ T4917]  netlink_sendmsg+0x609/0x720
[   61.350811][ T4917]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.350829][ T4917]  __sock_sendmsg+0x140/0x180
[   61.350924][ T4917]  ____sys_sendmsg+0x350/0x4e0
[   61.350956][ T4917]  __sys_sendmsg+0x1a0/0x240
[   61.351001][ T4917]  __x64_sys_sendmsg+0x46/0x50
[   61.351023][ T4917]  x64_sys_call+0x26f3/0x2e10
[   61.351042][ T4917]  do_syscall_64+0xc9/0x1a0
[   61.351065][ T4917]  ? clear_bhb_loop+0x25/0x80
[   61.351086][ T4917]  ? clear_bhb_loop+0x25/0x80
[   61.351136][ T4917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.351154][ T4917] RIP: 0033:0x7f5aa361e169
[   61.351166][ T4917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.351304][ T4917] RSP: 002b:00007f5aa1c87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.351325][ T4917] RAX: ffffffffffffffda RBX: 00007f5aa3845fa0 RCX: 00007f5aa361e169
[   61.351336][ T4917] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[   61.351359][ T4917] RBP: 00007f5aa36a0a68 R08: 0000000000000000 R09: 0000000000000000
[   61.351368][ T4917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   61.351386][ T4917] R13: 0000000000000000 R14: 00007f5aa3845fa0 R15: 00007fff65113828
[   61.351412][ T4917]  </TASK>
[   61.351418][ T4917] memory: usage 307200kB, limit 307200kB, failcnt 175
[   61.702548][ T4917] memory+swap: usage 307752kB, limit 9007199254740988kB, failcnt 0
[   61.710474][ T4917] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   61.718278][ T4917] Memory cgroup stats for /syz2:
[   61.718662][ T4917] cache 0
[   61.727040][ T4917] rss 0
[   61.729828][ T4917] shmem 0
[   61.732754][ T4917] mapped_file 0
[   61.736484][ T4917] dirty 0
[   61.739421][ T4917] writeback 0
[   61.742695][ T4917] workingset_refault_anon 6
[   61.747218][ T4917] workingset_refault_file 140
[   61.751961][ T4917] swap 565248
[   61.755276][ T4917] swapcached 4096
[   61.758906][ T4917] pgpgin 12220
[   61.762264][ T4917] pgpgout 12219
[   61.765762][ T4917] pgfault 17446
[   61.769221][ T4917] pgmajfault 13
[   61.772664][ T4917] inactive_anon 0
[   61.776299][ T4917] active_anon 4096
[   61.780037][ T4917] inactive_file 0
[   61.783655][ T4917] active_file 0
[   61.787128][ T4917] unevictable 0
[   61.790582][ T4917] hierarchical_memory_limit 314572800
[   61.796021][ T4917] hierarchical_memsw_limit 9223372036854771712
[   61.802176][ T4917] total_cache 0
[   61.805644][ T4917] total_rss 0
[   61.808924][ T4917] total_shmem 0
[   61.812432][ T4917] total_mapped_file 0
[   61.816418][ T4917] total_dirty 0
[   61.819875][ T4917] total_writeback 0
[   61.823727][ T4917] total_workingset_refault_anon 6
[   61.828838][ T4917] total_workingset_refault_file 140
[   61.834032][ T4917] total_swap 565248
[   61.837857][ T4917] total_swapcached 4096
[   61.842034][ T4917] total_pgpgin 12220
[   61.845945][ T4917] total_pgpgout 12219
[   61.849933][ T4917] total_pgfault 17446
[   61.853923][ T4917] total_pgmajfault 13
[   61.857941][ T4917] total_inactive_anon 0
[   61.862185][ T4917] total_active_anon 4096
[   61.866452][ T4917] total_inactive_file 0
[   61.870609][ T4917] total_active_file 0
[   61.874634][ T4917] total_unevictable 0
[   61.878635][ T4917] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.397,pid=4916,uid=0
[   61.893462][ T4917] Memory cgroup out of memory: Killed process 4916 (syz.2.397) total-vm:95796kB, anon-rss:1016kB, file-rss:22468kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   61.975183][ T4949] netlink: 68 bytes leftover after parsing attributes in process `syz.3.410'.
[   61.987238][ T4947] netlink: 68 bytes leftover after parsing attributes in process `syz.1.409'.
[   62.066300][ T4953] loop3: detected capacity change from 0 to 1764
[   62.076755][ T4957] loop1: detected capacity change from 0 to 512
[   62.083450][ T4953] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿ0000000000000000000000000000000000000000000'
[   62.097252][ T4957] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   62.142744][ T4957] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.276657][ T4974] FAULT_INJECTION: forcing a failure.
[   62.276657][ T4974] name failslab, interval 1, probability 0, space 0, times 1
[   62.289376][ T4974] CPU: 1 UID: 0 PID: 4974 Comm: syz.4.417 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   62.289476][ T4974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.289488][ T4974] Call Trace:
[   62.289561][ T4974]  <TASK>
[   62.289570][ T4974]  dump_stack_lvl+0xf6/0x150
[   62.289592][ T4974]  dump_stack+0x15/0x1a
[   62.289607][ T4974]  should_fail_ex+0x261/0x270
[   62.289630][ T4974]  should_failslab+0x8f/0xb0
[   62.289653][ T4974]  __kmalloc_cache_noprof+0x55/0x320
[   62.289687][ T4974]  ? alloc_pipe_info+0xb0/0x360
[   62.289787][ T4974]  alloc_pipe_info+0xb0/0x360
[   62.289806][ T4974]  splice_direct_to_actor+0x621/0x680
[   62.289844][ T4974]  ? __pfx_direct_splice_actor+0x10/0x10
[   62.289881][ T4974]  ? __rcu_read_unlock+0x4e/0x70
[   62.289914][ T4974]  ? avc_policy_seqno+0x15/0x20
[   62.289934][ T4974]  ? selinux_file_permission+0x22d/0x360
[   62.289954][ T4974]  do_splice_direct+0xd9/0x150
[   62.290058][ T4974]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   62.290093][ T4974]  do_sendfile+0x40a/0x690
[   62.290138][ T4974]  __x64_sys_sendfile64+0x113/0x160
[   62.290219][ T4974]  x64_sys_call+0xfc3/0x2e10
[   62.290238][ T4974]  do_syscall_64+0xc9/0x1a0
[   62.290265][ T4974]  ? clear_bhb_loop+0x25/0x80
[   62.290289][ T4974]  ? clear_bhb_loop+0x25/0x80
[   62.290381][ T4974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.290402][ T4974] RIP: 0033:0x7f165ee8e169
[   62.290415][ T4974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.290430][ T4974] RSP: 002b:00007f165d4d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   62.290451][ T4974] RAX: ffffffffffffffda RBX: 00007f165f0b6080 RCX: 00007f165ee8e169
[   62.290464][ T4974] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000009
[   62.290512][ T4974] RBP: 00007f165d4d6090 R08: 0000000000000000 R09: 0000000000000000
[   62.290523][ T4974] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000001
[   62.290536][ T4974] R13: 0000000000000000 R14: 00007f165f0b6080 R15: 00007ffc7d7550d8
[   62.290558][ T4974]  </TASK>
[   62.509921][ T4980] netlink: 68 bytes leftover after parsing attributes in process `syz.0.423'.
[   62.562788][ T4982] netlink: 8 bytes leftover after parsing attributes in process `syz.4.424'.
[   62.748540][ T4998] siw: device registration error -23
[   62.795571][ T5000] loop3: detected capacity change from 0 to 8192
[   62.838627][ T5000]  loop3: p3 < > p4
[   62.843352][ T5000] loop3: p4 start 131072 is beyond EOD, truncated
[   63.120872][ T5034] Cannot find map_set index 0 as target
[   63.190180][ T5038] loop1: detected capacity change from 0 to 164
[   63.202018][ T5038] isofs_fill_super: bread failed, dev=loop1, iso_blknum=41, block=164
[   63.212074][ T5040] FAULT_INJECTION: forcing a failure.
[   63.212074][ T5040] name failslab, interval 1, probability 0, space 0, times 0
[   63.224895][ T5040] CPU: 0 UID: 0 PID: 5040 Comm: syz.4.446 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   63.224922][ T5040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   63.224934][ T5040] Call Trace:
[   63.224941][ T5040]  <TASK>
[   63.224948][ T5040]  dump_stack_lvl+0xf6/0x150
[   63.224971][ T5040]  dump_stack+0x15/0x1a
[   63.224984][ T5040]  should_fail_ex+0x261/0x270
[   63.225031][ T5040]  should_failslab+0x8f/0xb0
[   63.225052][ T5040]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   63.225075][ T5040]  ? __alloc_skb+0x10d/0x320
[   63.225092][ T5040]  __alloc_skb+0x10d/0x320
[   63.225107][ T5040]  rtmsg_ifinfo_build_skb+0x63/0x1b0
[   63.225130][ T5040]  ? __pfx_rtnetlink_event+0x10/0x10
[   63.225153][ T5040]  rtnetlink_event+0x180/0x200
[   63.225175][ T5040]  raw_notifier_call_chain+0x6f/0x1d0
[   63.225216][ T5040]  call_netdevice_notifiers_info+0xae/0x100
[   63.225249][ T5040]  netif_change_tx_queue_len+0xbe/0x170
[   63.225272][ T5040]  dev_change_tx_queue_len+0xca/0x180
[   63.225302][ T5040]  dev_ifsioc+0x1b4/0xb20
[   63.225385][ T5040]  ? __rcu_read_unlock+0x4e/0x70
[   63.225406][ T5040]  dev_ioctl+0x7d6/0xa20
[   63.225429][ T5040]  sock_do_ioctl+0x121/0x220
[   63.225461][ T5040]  sock_ioctl+0x436/0x630
[   63.225535][ T5040]  ? __pfx_sock_ioctl+0x10/0x10
[   63.225564][ T5040]  __se_sys_ioctl+0xc9/0x140
[   63.225613][ T5040]  __x64_sys_ioctl+0x43/0x50
[   63.225698][ T5040]  x64_sys_call+0x168d/0x2e10
[   63.225784][ T5040]  do_syscall_64+0xc9/0x1a0
[   63.225809][ T5040]  ? clear_bhb_loop+0x25/0x80
[   63.225826][ T5040]  ? clear_bhb_loop+0x25/0x80
[   63.225844][ T5040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.225917][ T5040] RIP: 0033:0x7f165ee8e169
[   63.225933][ T5040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.225948][ T5040] RSP: 002b:00007f165d4f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.225991][ T5040] RAX: ffffffffffffffda RBX: 00007f165f0b5fa0 RCX: 00007f165ee8e169
[   63.226004][ T5040] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000004
[   63.226017][ T5040] RBP: 00007f165d4f7090 R08: 0000000000000000 R09: 0000000000000000
[   63.226030][ T5040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.226042][ T5040] R13: 0000000000000000 R14: 00007f165f0b5fa0 R15: 00007ffc7d7550d8
[   63.226059][ T5040]  </TASK>
[   63.542444][ T5046] loop1: detected capacity change from 0 to 1024
[   63.559023][ T5048] can0: slcan on ttyS3.
[   63.578667][ T5046] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.445: missing EA_INODE flag
[   63.596985][ T5046] EXT4-fs (loop1): Remounting filesystem read-only
[   63.603551][ T5046] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   63.628643][ T5046] capability: warning: `syz.1.445' uses deprecated v2 capabilities in a way that may be insecure
[   63.645398][ T5048] can0 (unregistered): slcan off ttyS3.
[   63.680533][ T5059] loop2: detected capacity change from 0 to 512
[   63.701116][ T5059] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   63.714251][ T5059] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   63.737897][ T5059] EXT4-fs (loop2): 1 truncate cleaned up
[   63.749285][ T5059] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   63.765913][ T5059] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.452: invalid indirect mapped block 3489660928 (level 0)
[   63.783808][ T5059] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.452: invalid indirect mapped block 6 (level 1)
[   63.827216][ T5066] loop3: detected capacity change from 0 to 2048
[   64.059818][ T5083] SELinux: failed to load policy
[   64.064845][   T29] kauditd_printk_skb: 339 callbacks suppressed
[   64.064896][   T29] audit: type=1400 audit(1745139011.746:2814): avc:  denied  { load_policy } for  pid=5081 comm="syz.4.462" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   64.136005][   T29] audit: type=1326 audit(1745139011.816:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.159461][   T29] audit: type=1326 audit(1745139011.816:2816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.182953][   T29] audit: type=1326 audit(1745139011.816:2817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.206570][   T29] audit: type=1326 audit(1745139011.816:2818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.229957][   T29] audit: type=1326 audit(1745139011.816:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.253370][   T29] audit: type=1326 audit(1745139011.816:2821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5086 comm="syz.2.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa361e169 code=0x7ffc0000
[   64.277010][   T29] audit: type=1326 audit(1745139011.816:2820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.300362][   T29] audit: type=1326 audit(1745139011.816:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.323720][   T29] audit: type=1326 audit(1745139011.816:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72bede169 code=0x7ffc0000
[   64.408838][ T5108] netlink: 'syz.4.471': attribute type 10 has an invalid length.
[   64.426795][ T5108] hsr_slave_0: left promiscuous mode
[   64.442889][ T5108] hsr_slave_1: left promiscuous mode
[   65.247561][ T5141] netlink: 68 bytes leftover after parsing attributes in process `syz.4.481'.
[   65.630731][ T5150] netlink: 'syz.4.485': attribute type 4 has an invalid length.
[   65.802184][ T5159] netlink: 188 bytes leftover after parsing attributes in process `syz.0.490'.
[   65.838371][ T5170] netlink: 40 bytes leftover after parsing attributes in process `syz.0.495'.
[   65.861226][ T5174] capability: warning: `syz.2.496' uses 32-bit capabilities (legacy support in use)
[   65.921194][ T5181] netlink: 68 bytes leftover after parsing attributes in process `syz.0.500'.
[   66.065160][ T5191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.505'.
[   66.102461][ T5198] can0: slcan on ttyS3.
[   66.150472][ T5205] netlink: 68 bytes leftover after parsing attributes in process `syz.0.512'.
[   66.159982][ T5198] can0 (unregistered): slcan off ttyS3.
[   66.168044][ T5198] Falling back ldisc for ttyS3.
[   66.184853][ T5208] netlink: 4 bytes leftover after parsing attributes in process `wg1'.
[   66.383067][ T5227] FAULT_INJECTION: forcing a failure.
[   66.383067][ T5227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.396283][ T5227] CPU: 1 UID: 0 PID: 5227 Comm: syz.2.522 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   66.396445][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.396456][ T5227] Call Trace:
[   66.396463][ T5227]  <TASK>
[   66.396469][ T5227]  dump_stack_lvl+0xf6/0x150
[   66.396491][ T5227]  dump_stack+0x15/0x1a
[   66.396510][ T5227]  should_fail_ex+0x261/0x270
[   66.396559][ T5227]  should_fail+0xb/0x10
[   66.396577][ T5227]  should_fail_usercopy+0x1a/0x20
[   66.396695][ T5227]  _copy_from_user+0x1c/0xa0
[   66.396722][ T5227]  copy_msghdr_from_user+0x54/0x2b0
[   66.396759][ T5227]  ? __fget_files+0x186/0x1c0
[   66.396843][ T5227]  __sys_sendmsg+0x141/0x240
[   66.396884][ T5227]  __x64_sys_sendmsg+0x46/0x50
[   66.396912][ T5227]  x64_sys_call+0x26f3/0x2e10
[   66.396938][ T5227]  do_syscall_64+0xc9/0x1a0
[   66.396962][ T5227]  ? clear_bhb_loop+0x25/0x80
[   66.396988][ T5227]  ? clear_bhb_loop+0x25/0x80
[   66.397013][ T5227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.397061][ T5227] RIP: 0033:0x7f5aa361e169
[   66.397141][ T5227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.397162][ T5227] RSP: 002b:00007f5aa1c87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.397179][ T5227] RAX: ffffffffffffffda RBX: 00007f5aa3845fa0 RCX: 00007f5aa361e169
[   66.397190][ T5227] RDX: 0000000004004090 RSI: 0000200000000ec0 RDI: 0000000000000004
[   66.397200][ T5227] RBP: 00007f5aa1c87090 R08: 0000000000000000 R09: 0000000000000000
[   66.397211][ T5227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.397299][ T5227] R13: 0000000000000000 R14: 00007f5aa3845fa0 R15: 00007fff65113828
[   66.397317][ T5227]  </TASK>
[   66.647311][ T5236] can0: slcan on ttyS3.
[   66.736266][ T5236] can0 (unregistered): slcan off ttyS3.
[   66.755886][ T5236] Falling back ldisc for ttyS3.
[   66.819199][ T5260] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   67.082046][ T5291] loop0: detected capacity change from 0 to 2048
[   67.774830][ T5305] can0: slcan on ttyS3.
[   67.824369][ T5305] can0 (unregistered): slcan off ttyS3.
[   67.835787][ T5305] Falling back ldisc for ttyS3.
[   67.929654][ T5329] loop0: detected capacity change from 0 to 512
[   67.957487][ T5329] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.979119][ T5329] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   68.014063][ T5329] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   68.029877][ T5329] EXT4-fs (loop0): 1 truncate cleaned up
[   68.100804][ T5329] EXT4-fs mount: 20 callbacks suppressed
[   68.100820][ T5329] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.141650][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.271433][ T5373] loop1: detected capacity change from 0 to 512
[   68.296020][ T5373] EXT4-fs: Ignoring removed bh option
[   68.301729][ T5373] EXT4-fs: Ignoring removed mblk_io_submit option
[   68.370883][ T5373] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   68.382191][ T5373] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   68.392218][ T5373] EXT4-fs (loop1): orphan cleanup on readonly fs
[   68.398943][ T5373] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.555: Failed to acquire dquot type 1
[   68.410399][ T5373] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.555: Invalid block bitmap block 0 in block_group 0
[   68.425343][ T5373] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.555: Invalid block bitmap block 0 in block_group 0
[   68.438993][ T5373] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.555: Invalid block bitmap block 0 in block_group 0
[   68.453615][ T5373] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.555: Failed to acquire dquot type 1
[   68.465497][ T5373] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.555: Failed to acquire dquot type 1
[   68.478142][ T5373] EXT4-fs (loop1): 1 orphan inode deleted
[   68.484663][ T5373] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.528089][ T5381] loop2: detected capacity change from 0 to 4096
[   68.541501][ T5381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.554712][ T5381] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.646223][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.022195][ T5398] loop3: detected capacity change from 0 to 2048
[   69.086542][   T29] kauditd_printk_skb: 555 callbacks suppressed
[   69.086555][   T29] audit: type=1326 audit(1745139016.991:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5400 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   69.116190][   T29] audit: type=1326 audit(1745139016.991:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5400 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   69.139532][   T29] audit: type=1326 audit(1745139016.991:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5400 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   69.162884][   T29] audit: type=1326 audit(1745139016.991:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5400 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   69.235593][   T29] audit: type=1400 audit(1745139017.131:3377): avc:  denied  { create } for  pid=5397 comm="syz.3.564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   69.255198][   T29] audit: type=1400 audit(1745139017.141:3378): avc:  denied  { connect } for  pid=5397 comm="syz.3.564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   69.274803][   T29] audit: type=1400 audit(1745139017.151:3379): avc:  denied  { write } for  pid=5397 comm="syz.3.564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   69.314026][ T5407] loop3: detected capacity change from 0 to 128
[   69.326384][ T5407] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   69.341898][ T5407] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.355488][ T5407] process 'syz.3.567' launched './file0' with NULL argv: empty string added
[   69.376556][   T29] audit: type=1400 audit(1745139017.281:3380): avc:  denied  { write } for  pid=5405 comm="syz.3.567" path="/100/file0/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   69.399356][   T29] audit: type=1400 audit(1745139017.281:3381): avc:  denied  { execute } for  pid=5405 comm="syz.3.567" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   69.421312][   T29] audit: type=1400 audit(1745139017.301:3382): avc:  denied  { execute_no_trans } for  pid=5405 comm="syz.3.567" path="/100/file0/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   69.450207][ T5411] netlink: 68 bytes leftover after parsing attributes in process `syz.0.569'.
[   69.474638][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   69.637143][ T5428] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   69.646009][ T5428] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   69.654864][ T5428] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   69.663589][ T5428] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   69.731058][ T5436] loop3: detected capacity change from 0 to 2048
[   69.738669][ T5436] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   69.840459][ T5443] loop1: detected capacity change from 0 to 2048
[   69.912450][ T5436] loop3: detected capacity change from 0 to 512
[   69.929630][ T5436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.936145][ T5457] netlink: 68 bytes leftover after parsing attributes in process `syz.1.587'.
[   69.948228][ T5436] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.030638][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.058887][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.588'.
[   70.067733][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.588'.
[   70.522361][ T5479] loop1: detected capacity change from 0 to 2048
[   70.731010][ T5505] netlink: 'syz.0.607': attribute type 10 has an invalid length.
[   70.759398][ T5505] hsr_slave_0: left promiscuous mode
[   70.773116][ T5505] hsr_slave_1: left promiscuous mode
[   70.835704][ T5514] __nla_validate_parse: 1 callbacks suppressed
[   70.835721][ T5514] netlink: 68 bytes leftover after parsing attributes in process `syz.1.611'.
[   70.851176][ T5512] loop3: detected capacity change from 0 to 2048
[   70.916974][ T5526] syz.0.612 uses obsolete (PF_INET,SOCK_PACKET)
[   70.931536][ T5526] loop0: detected capacity change from 0 to 128
[   70.936165][ T5528] loop2: detected capacity change from 0 to 2048
[   70.985897][ T5528]  loop2: p1 < > p4
[   70.990502][ T5528] loop2: p4 size 8388608 extends beyond EOD, truncated
[   71.021737][ T5535] loop1: detected capacity change from 0 to 164
[   71.055376][ T5535] ISOFS: unable to read i-node block
[   71.060713][ T5535] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   71.134750][ T5542] Cannot find map_set index 0 as target
[   71.185962][ T5551] netlink: 68 bytes leftover after parsing attributes in process `syz.0.624'.
[   71.308872][ T5556] loop2: detected capacity change from 0 to 2048
[   71.415556][ T5559] loop0: detected capacity change from 0 to 2048
[   71.422952][ T5560] netlink: 44 bytes leftover after parsing attributes in process `syz.1.626'.
[   71.431881][ T5560] netlink: 43 bytes leftover after parsing attributes in process `syz.1.626'.
[   71.440766][ T5560] netlink: 'syz.1.626': attribute type 6 has an invalid length.
[   71.448445][ T5560] netlink: 'syz.1.626': attribute type 5 has an invalid length.
[   71.456101][ T5560] netlink: 43 bytes leftover after parsing attributes in process `syz.1.626'.
[   71.630212][ T5569] netlink: 92 bytes leftover after parsing attributes in process `syz.4.629'.
[   71.653636][ T5571] FAULT_INJECTION: forcing a failure.
[   71.653636][ T5571] name failslab, interval 1, probability 0, space 0, times 0
[   71.666420][ T5571] CPU: 0 UID: 0 PID: 5571 Comm: syz.4.630 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   71.666449][ T5571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   71.666480][ T5571] Call Trace:
[   71.666485][ T5571]  <TASK>
[   71.666491][ T5571]  dump_stack_lvl+0xf6/0x150
[   71.666511][ T5571]  dump_stack+0x15/0x1a
[   71.666602][ T5571]  should_fail_ex+0x261/0x270
[   71.666629][ T5571]  should_failslab+0x8f/0xb0
[   71.666650][ T5571]  __kmalloc_cache_noprof+0x55/0x320
[   71.666736][ T5571]  ? dev_ethtool+0x9a/0x1570
[   71.666782][ T5571]  dev_ethtool+0x9a/0x1570
[   71.666810][ T5571]  ? full_name_hash+0x93/0xe0
[   71.666838][ T5571]  ? strcmp+0x21/0x50
[   71.666920][ T5571]  ? __rcu_read_unlock+0x4e/0x70
[   71.666945][ T5571]  dev_ioctl+0x3b3/0xa20
[   71.666968][ T5571]  sock_do_ioctl+0x121/0x220
[   71.666997][ T5571]  sock_ioctl+0x436/0x630
[   71.667033][ T5571]  ? __pfx_sock_ioctl+0x10/0x10
[   71.667061][ T5571]  __se_sys_ioctl+0xc9/0x140
[   71.667133][ T5571]  __x64_sys_ioctl+0x43/0x50
[   71.667167][ T5571]  x64_sys_call+0x168d/0x2e10
[   71.667187][ T5571]  do_syscall_64+0xc9/0x1a0
[   71.667293][ T5571]  ? clear_bhb_loop+0x25/0x80
[   71.667317][ T5571]  ? clear_bhb_loop+0x25/0x80
[   71.667342][ T5571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.667365][ T5571] RIP: 0033:0x7f165ee8e169
[   71.667381][ T5571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.667396][ T5571] RSP: 002b:00007f165d4f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.667428][ T5571] RAX: ffffffffffffffda RBX: 00007f165f0b5fa0 RCX: 00007f165ee8e169
[   71.667440][ T5571] RDX: 0000200000000880 RSI: 0000000000008946 RDI: 0000000000000004
[   71.667454][ T5571] RBP: 00007f165d4f7090 R08: 0000000000000000 R09: 0000000000000000
[   71.667468][ T5571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.667565][ T5571] R13: 0000000000000000 R14: 00007f165f0b5fa0 R15: 00007ffc7d7550d8
[   71.667589][ T5571]  </TASK>
[   71.905137][ T5573] loop4: detected capacity change from 0 to 2048
[   71.935002][ T5573]  loop4: p1 < > p4
[   71.939512][ T5573] loop4: p4 size 8388608 extends beyond EOD, truncated
[   72.053376][ T5589] loop2: detected capacity change from 0 to 164
[   72.094845][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   72.113406][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   72.148304][ T5600] netlink: 28 bytes leftover after parsing attributes in process `syz.4.635'.
[   72.157388][ T5600] netlink: 28 bytes leftover after parsing attributes in process `syz.4.635'.
[   72.665699][ T5647] loop3: detected capacity change from 0 to 1024
[   72.687649][ T5647] EXT4-fs: Ignoring removed orlov option
[   72.693495][ T5647] EXT4-fs: Ignoring removed bh option
[   72.705348][ T5651] Cannot find map_set index 0 as target
[   72.706421][ T5653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.650'.
[   72.722395][ T5647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.761769][ T5647] netlink: 156 bytes leftover after parsing attributes in process `syz.3.647'.
[   72.777703][ T5647] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.647: Allocating blocks 497-513 which overlap fs metadata
[   72.782192][ T5662] loop1: detected capacity change from 0 to 512
[   72.803708][ T5662] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.819483][ T5662] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.832553][ T5662] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.846300][ T5662] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.855804][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.900001][ T5670] loop1: detected capacity change from 0 to 256
[   72.909648][ T5670] FAT-fs (loop1): bogus number of FAT sectors
[   72.915849][ T5670] FAT-fs (loop1): Can't find a valid FAT filesystem
[   73.025705][ T5684] SELinux:  policydb string length 1852375040 does not match expected length 8
[   73.055585][ T5684] SELinux: failed to load policy
[   73.081177][ T5688] ip6gre1: entered allmulticast mode
[   73.099789][ T5690] Cannot find map_set index 0 as target
[   73.186692][ T5698] loop3: detected capacity change from 0 to 512
[   73.202722][ T5698] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   73.214503][ T5700] loop1: detected capacity change from 0 to 2048
[   73.224719][ T5704] vlan2: entered allmulticast mode
[   73.234740][ T5700] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   73.269637][ T5698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.282665][ T5698] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.293815][ T5698] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.347057][ T5700] loop1: detected capacity change from 0 to 512
[   73.365929][ T5700] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.378598][ T5700] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.410013][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.527866][ T5729] loop1: detected capacity change from 0 to 2048
[   73.708991][ T5731] siw: device registration error -23
[   73.753490][ T5735] loop4: detected capacity change from 0 to 512
[   73.760169][ T5735] EXT4-fs: Ignoring removed nomblk_io_submit option
[   73.767457][ T5735] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   73.778433][ T5735] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   73.793313][ T5735] EXT4-fs (loop4): 1 truncate cleaned up
[   73.799673][ T5735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.823113][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.841533][ T5738] usb usb1: usbfs: process 5738 (syz.4.680) did not claim interface 0 before use
[   73.856219][ T5738] loop4: detected capacity change from 0 to 512
[   73.862945][ T5738] ext4: Unknown parameter 'fsname'
[   73.908849][ T5742] vlan2: entered allmulticast mode
[   73.939282][ T5744] loop4: detected capacity change from 0 to 2048
[   73.974538][ T3684]  loop4: p1 < > p4
[   73.979019][ T3684] loop4: p4 size 8388608 extends beyond EOD, truncated
[   74.012226][ T5744]  loop4: p1 < > p4
[   74.016817][ T5744] loop4: p4 size 8388608 extends beyond EOD, truncated
[   74.086654][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   74.096749][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   74.115937][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   74.131318][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   74.159374][   T29] kauditd_printk_skb: 511 callbacks suppressed
[   74.159386][   T29] audit: type=1326 audit(1745139022.081:3894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.169483][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   74.188907][   T29] audit: type=1326 audit(1745139022.081:3895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.222536][   T29] audit: type=1326 audit(1745139022.081:3896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.242551][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   74.246024][   T29] audit: type=1326 audit(1745139022.081:3897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.279066][   T29] audit: type=1326 audit(1745139022.081:3898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.279090][   T29] audit: type=1326 audit(1745139022.081:3899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.279120][   T29] audit: type=1326 audit(1745139022.081:3900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.279165][   T29] audit: type=1326 audit(1745139022.081:3901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.282054][   T29] audit: type=1326 audit(1745139022.081:3902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.306587][ T5769] smc: net device bond0 applied user defined pnetid SYZ2
[   74.325962][   T29] audit: type=1326 audit(1745139022.081:3903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5757 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f165ee8e169 code=0x7ffc0000
[   74.466506][ T5767] smc: net device bond0 erased user defined pnetid SYZ2
[   74.475233][ T5767] loop2: detected capacity change from 0 to 128
[   74.493075][ T5767] vfat: Unknown parameter ''
[   74.590512][ T5785] loop2: detected capacity change from 0 to 2048
[   74.598224][ T5786] loop4: detected capacity change from 0 to 512
[   74.609046][ T5786] EXT4-fs: Ignoring removed bh option
[   74.614642][ T5786] EXT4-fs: Ignoring removed mblk_io_submit option
[   74.623622][ T3684] ==================================================================
[   74.631718][ T3684] BUG: KCSAN: data-race in do_mpage_readpage / set_blocksize
[   74.639100][ T3684] 
[   74.641417][ T3684] write to 0xffff888100631d2e of 1 bytes by task 5786 on cpu 0:
[   74.649042][ T3684]  set_blocksize+0x218/0x270
[   74.653645][ T3684]  sb_min_blocksize+0xb7/0x140
[   74.658421][ T3684]  ext4_fill_super+0x396/0x3580
[   74.663272][ T3684]  get_tree_bdev_flags+0x2b4/0x330
[   74.668381][ T3684]  get_tree_bdev+0x1f/0x30
[   74.672792][ T3684]  ext4_get_tree+0x1c/0x30
[   74.677203][ T3684]  vfs_get_tree+0x56/0x1e0
[   74.681625][ T3684]  do_new_mount+0x246/0x6b0
[   74.686123][ T3684]  path_mount+0x49b/0xb30
[   74.690459][ T3684]  __se_sys_mount+0x28f/0x2e0
[   74.695138][ T3684]  __x64_sys_mount+0x67/0x80
[   74.699735][ T3684]  x64_sys_call+0xd11/0x2e10
[   74.704329][ T3684]  do_syscall_64+0xc9/0x1a0
[   74.708839][ T3684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.714731][ T3684] 
[   74.717047][ T3684] read to 0xffff888100631d2e of 1 bytes by task 3684 on cpu 1:
[   74.724581][ T3684]  do_mpage_readpage+0x53/0xd60
[   74.729431][ T3684]  mpage_readahead+0x1af/0x2d0
[   74.734196][ T3684]  blkdev_readahead+0x1c/0x30
[   74.738871][ T3684]  read_pages+0xa1/0x470
[   74.743108][ T3684]  page_cache_ra_unbounded+0x30d/0x350
[   74.748563][ T3684]  page_cache_sync_ra+0x252/0x680
[   74.753579][ T3684]  filemap_get_pages+0x2ba/0x11b0
[   74.758607][ T3684]  filemap_read+0x231/0x8d0
[   74.763103][ T3684]  blkdev_read_iter+0x227/0x2d0
[   74.767946][ T3684]  vfs_read+0x5e6/0x710
[   74.772094][ T3684]  ksys_read+0xeb/0x1b0
[   74.776241][ T3684]  __x64_sys_read+0x42/0x50
[   74.780738][ T3684]  x64_sys_call+0x2a3b/0x2e10
[   74.785411][ T3684]  do_syscall_64+0xc9/0x1a0
[   74.789915][ T3684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.795801][ T3684] 
[   74.798118][ T3684] value changed: 0x0c -> 0x0a
[   74.802783][ T3684] 
[   74.805101][ T3684] Reported by Kernel Concurrency Sanitizer on:
[   74.811242][ T3684] CPU: 1 UID: 0 PID: 3684 Comm: udevd Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(voluntary) 
[   74.823314][ T3684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   74.833365][ T3684] ==================================================================
[   74.844952][ T5786] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   74.863676][ T5786] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   74.881098][ T5787]  loop2: p1 < > p4
[   74.886129][ T5787] loop2: p4 size 8388608 extends beyond EOD, truncated
[   74.907585][ T5786] EXT4-fs (loop4): orphan cleanup on readonly fs
[   74.915144][ T5786] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.694: Failed to acquire dquot type 1
[   74.927023][ T5786] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.694: Invalid block bitmap block 0 in block_group 0
[   74.941415][ T5786] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.694: Invalid block bitmap block 0 in block_group 0
[   74.955221][ T5786] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.694: Invalid block bitmap block 0 in block_group 0
[   74.963071][ T5785]  loop2: p1 < > p4
[   74.969869][ T5786] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.694: Failed to acquire dquot type 1
[   74.974759][ T5785] loop2: p4 size 8388608 extends beyond EOD, truncated
[   74.984019][ T5786] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.694: Failed to acquire dquot type 1
[   75.007511][ T5786] EXT4-fs (loop4): 1 orphan inode deleted
[   75.016215][ T5786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.080106][ T3690] udevd[3690]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   75.080392][ T3684] udevd[3684]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   75.168009][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.