last executing test programs:

2m26.587886169s ago: executing program 4 (id=622):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x76, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="04c20200907800091e0c7f000800000000000000fe14f989d4710afe6f44273a884d85ee8d706600fe07f98962dd2e22020000"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000005000100060000000500040000000c000900020073797a3100000000050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8}, 0x18)
io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x83be, 0x4, 0x0, 0x264})
socket(0x2, 0x3, 0xff)
pselect6(0x40, &(0x7f0000000180)={0x1f}, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x6, 0x80, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x1fd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffa3, 0xb}, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2m26.583007529s ago: executing program 4 (id=623):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2m26.146457776s ago: executing program 4 (id=630):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x2b}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r3}, 0x10)
lsm_set_self_attr(0x69, 0x0, 0x42, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/14], 0x22)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

2m26.125530186s ago: executing program 4 (id=631):
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000003c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@dioread_nolock}, {@nomblk_io_submit}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = open(&(0x7f00000002c0)='./file2\x00', 0x189242, 0x0)
fallocate(r2, 0x9, 0x2, 0x7000003)
r3 = syz_pidfd_open(r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSLCKTRMIOS(r4, 0x80047437, &(0x7f00000010c0))
process_madvise(r3, 0x0, 0x0, 0xf, 0x0)
pwrite64(r0, &(0x7f0000000480)='2', 0x1, 0x8080c64)
r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x22, &(0x7f0000000e40)=0x7, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r7, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r10}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

2m25.822355491s ago: executing program 4 (id=633):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x76, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="04c20200907800091e0c7f000800000000000000fe14f989d4710afe6f44273a884d85ee8d706600fe07f98962dd2e22020000"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000005000100060000000500040000000c000900020073797a3100000000050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8}, 0x18)
io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x83be, 0x4, 0x0, 0x264})
socket(0x2, 0x3, 0xff)
pselect6(0x40, &(0x7f0000000180)={0x1f}, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x6, 0x80, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x1fd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffa3, 0xb}, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2m25.585099644s ago: executing program 4 (id=635):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="17e2000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
lseek(r2, 0xa, 0x0)

2m25.577991345s ago: executing program 32 (id=635):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="17e2000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
lseek(r2, 0xa, 0x0)

1m11.720609708s ago: executing program 3 (id=1511):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005000700ff0000000c000180080001400a0101010c00"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1m11.706446378s ago: executing program 3 (id=1512):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x416d, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
lseek(r2, 0x9, 0x5)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000080)='./mnt\x00', 0x172)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

1m11.211536475s ago: executing program 3 (id=1521):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005000700ff000000"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1m11.112359146s ago: executing program 3 (id=1525):
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000003c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@dioread_nolock}, {@nomblk_io_submit}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f00000002c0)='./file2\x00', 0x189242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x80047437, &(0x7f00000010c0))
pwrite64(r0, &(0x7f0000000480)='2', 0x1, 0x8080c64)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000000e40)=0x7, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r3, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
r4 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

1m10.785263962s ago: executing program 3 (id=1526):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
ioctl$SG_GET_PACK_ID(r0, 0x2287, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10, &(0x7f0000000140)={[{@block_validity}, {@prjquota}, {@noblock_validity}, {@nobarrier}, {@auto_da_alloc}, {@mblk_io_submit}, {@nodelalloc}]}, 0xfe, 0x4bb, &(0x7f0000001180)="$eJzs3M1vVFUbAPDnTj/4pry8vLzvy4dU0dj40dKCysLEaHSniYkucGNS20KQgRpaEiFEqjG4NCTujStj9C9wpRuirkzc6t6QECUY0IWMuXPvHaal09JhPoD+fsnAOb1n5pxnzv0495yZCWDVGkz/SSI2RsTPETGQZecXGMz+u37l7MSfV85OJFGpvPZbUi137crZiaJo8bwNeWaoFFH6MMkrmW/m9Jlj4+Xy1Mk8PzJ7/J2RmdNnnjx6fPzI1JGpE2MHDx7YP/rM02NPtSTONK5rO96b3pX0vnHhlYlDF976/qveiNi+O9teH8cdKW2oJQfTwH+vVC0s9khLKrt7bKpLJ71dbAgr0hMRaXf1VY//geiJm503EC990Oh5fZ1qINA26bVpTePNczcqwP0riW63AOiO4kKf3v8Wjw4NPe4Kl5/PboDSuK/nj2xLb5TyMu281/lfRBya++vT9BF5P/y9sY0VAgCr3jfp+OeJxcZ/pdheV25zvoayJSL+FRFbI+LfEbEtIv4TUS3733w8sxLZ0lBPLX/r+LN0qengbkM6/ns2X9uaP/7LRn+VSuVGT57bVI2/Lzl8tDy1L39PhqJvTZofXaKOb1/86eNG2wbrxn/pI62/GAvm7bjUu2CCbnJ8drxVg9LL70fs6F0s/qS2EpBExP8jYsfKXnpzkTj62Be7GhVaPv4ltGCdqfJZxKNZ/8/FgvgLydLrkyNrozy1b6TYK271w4/nX21U/x3F3wJp/6+fv/8vKDFwNalfr51ZeR3nf/mo4T1ls/t/f/J6dc26P//bu+OzsydHI/qTl6v5/nN1fx+7+dwiX5RP4x/aW4t/Tf3xvzVLXEzj3xkR6U68OyIeiIg9edsfjIiHImJvowDXRXz3wsNvNxP/Hx24D0zjn1z0/Ffb/7fM7/+VJ3qOXfy6mfgzaf8fqKaG8vNw9fy3jMbNifJUelpvem8GAACAe096P70xktJwLV0qDQ9nn+HfFutL5emZ2ccPT586MZl9R2BL9JWKma6BfD40vdseTebyV8zmR8fyueJivnR/Pm/8Sc+6an54Yro82eXYYbXb0OD4T/3a0+3WAW3n+1qwei08/ktdagfQea7/sHo1c/w/14Z2AJ3n+g+rV93x/+Wp8zuriezz03tqGxZdC1jil0OAe0P99f9MF9sBdN7y4//77ecqgUJx/C+/7ne17W0BOqvZ+b/TLW4H0FF38r3+5hP90f66+lv3grG2k2/U533d6ZQVJqK0VJk3o+MNi7vibbmNRP7Tm+duq3Cy5I9ZtDHR7TMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa/wTAAD//9QP9q0=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000040)={0xffffffff, 0x875, 0x2, 0x8, 0x3})

1m10.567049985s ago: executing program 3 (id=1529):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

1m10.555527115s ago: executing program 33 (id=1529):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

1m2.540752446s ago: executing program 5 (id=1610):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0xb6, 0x4a, 0x9}]})
syz_extract_tcp_res(0x0, 0x7, 0x401)
syz_emit_ethernet(0xa9, &(0x7f0000000800)=ANY=[], 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0xb4514, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000380)=ANY=[@ANYRES16=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
syz_open_dev$usbfs(0x0, 0xc, 0x101301)
r4 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000280), 0x8)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bond0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r6, &(0x7f0000000080)={0x11, 0x1, r7, 0x1, 0x6, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x14)
sendmsg$nl_route_sched(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000540)=@getchain={0x24, 0x11, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0xfff1}, {0xc, 0xa}, {0x0, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008010}, 0x40000)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000140)={0x0, 0x32, 0x7fff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYRES64=r1, @ANYRES32=r9, @ANYBLOB, @ANYRESOCT=r4], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYRESOCT=r3, @ANYRES8=r1, @ANYRES64, @ANYRES32=r0, @ANYBLOB="ee46808629fea306c60bebf7924ef32e474160e9653ca60002d2a9f22bafa6c32f413476807f827360cb52af45dd308928f464eda44be83745cd", @ANYBLOB="688a138c58ee72badfadc9939b9186c6684d62cd680c1b0bed078f84a487ad86280a", @ANYRESOCT=r7, @ANYRESDEC=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r12 = socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_procs(r9, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r11)

1m1.63698903s ago: executing program 5 (id=1620):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005000700ff0000000c000180080001400a0101010c0002800800"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1m1.62240022s ago: executing program 5 (id=1621):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x13)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000c3fb"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
io_uring_setup(0x3458, &(0x7f0000000080)={0x0, 0xffffeffa, 0x18, 0x2, 0x1})
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x30, 0x1410, 0x100, 0x70bd28, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000004c0))
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0xfffffffc, 0x4)
recvmmsg(r0, &(0x7f00000004c0), 0x0, 0x40000000, 0x0)

1m0.766625493s ago: executing program 5 (id=1628):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4e9, &(0x7f00000000c0)="$eJzs3d9rW9cdAPDvla3MTpzZ2faQBZaYsZGELZIdL4nZQ5LB2J4C27J3z7NlYyxbxpKT2IThsOcxGGMb28v61JdC/4BCyZ9QCoH2PZTSEtokfehDWxVJV4nrSnZCJCuxPx84vuf+0P1+j4SOdO691g3gwBqNiKsR0RcRZyNiOF2eSUtsNkptu0cPb8/UShLV6vVPkkjSZc19Jen0SPqwgYj4w28j/pwkjQVblNc3FqeLxcJqOp+vLK3ky+sb5xaWpucL84XliYnxi5OXJi9MjnWsrZd//eG//v76by6//fOb96c+PvOXWr5D6bqt7eikxnOSrT8XTf0RsdqNYD3Ql7Yn+ywbJ93PBwCAndW+438vIn4cEY//2+tsAAAAgG6oXhmKL5KIKgAAALBvZerXwCaZXHotwFBkMrlc4xreH8SVKJbKlZ/NldaWZxvXyo5ENjO3UCyMpdcKj0Q2qc2P1+tP589vm5+IiGMR8c/hwfp8bqZUnO31wQ8AAAA4IGrj/KFMo16bfDbcGP8DAAAA+8xIrxMAAAAAus74HwAAAPa/b4//RxuTpH/vkwEAAAA67XfXrtVKtXn/69kb62uLpRvnZgvlxdzS2kxuprS6kpsvlebrv9m3tNv+iqXSyi9iee1WvlIoV/Ll9Y2ppdLacmWqfl/vqcIz3ScaAAAA6Khjp+6+n0TE5i8H66XmULrOWB32t8zzbZ50Kw9g7/X1OgGgZ1zgCweXMT6w28B+YI/yAAAAuuf0D5+c/x+MLef/j953bAD2u+c8/w/sI87/w8G17fz//3uVB7D3jPGB3Y4DtD3//07ncwEAALpjqF6STC4dAwxFJpPLRRyt3xYgm8wtFAtjEfHdiHhvOPud2vx4r5MGAAAAAAAAAAAAAAAAAAAAAAAAgFdMtZpEFQAAANjXIjIfJRGRxEDE8E+Gth8fOJR8PlyfRsTN/13/963pSmV1vLb80yfLK/9Jl5/vxREMAAAAYLvmOL05jgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATnr08PZMs+xl3Ae/ioiRVvH7Y6A+HYhsRBx+nET/lsclEdHXgfibdyLieKv4SS2tGEmz2B4/ExGDPY5/pAPx4SC7W+t/rrZ6/2VitD5t/f7rT8uLejDarv/LPOn/+tr0f0d32fehdHri3pv5tvHvRJzob93/NOMnL9j//umPGxvt1lVfizjd8vMn+UasfGVpJV9e3zi3sDQ9X5gvLE9MjF+cvDR5YXIsP7dQLKR/W8b4x4/e+mqn9h9uE3+kXfuTRk7Vaut9nto2/+W9Ww+/32rDJOLB39J6i9f/eLv46XP/0/RzoLb+dLO+2ahvdfKNd0/u1P7ZNu3f7fU/026n25z9/V8/aNSyz/gIAKCbyusbi9PFYmH1Va/UGvMSpNHByujLkYbKwaz0umcCAAA67emX/l5nAgAAAAAAAAAAAAAAAAAAAAdX8///m7/l3I2fE9sab6BZSZI9bysAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE6+DgAA///TSdFe")
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x6a, 0x10, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r3, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
r4 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xdff9, 0x800, 0x1000}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
write$vga_arbiter(r3, &(0x7f0000000200)=@unlock_all, 0xb)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r8, 0x2, {0x3}}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r9=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2a24a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9877399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a8449f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0xfff1, 0x1}, {0xd}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000}, 0x98)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000400)={[{@jqfmt_vfsv0}, {@errors_remount}, {@nobh}, {}, {@jqfmt_vfsv0}, {@sysvgroups}, {@minixdf}, {@acl}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="0200f06684c058a079a3b0cebb6f521600000000008c52000000000400008e08000000a71f8b0dc0000000000010000000"], 0x24, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r10, 0x0, 0xee01)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r11, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000100)=[0x7], 0x0, 0x54c000, 0x1, 0x0, r12}}, 0x40)
r13 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r13, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)

1m0.592431176s ago: executing program 5 (id=1630):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32, @ANYRES32], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
epoll_create1(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0xffff8000, 0x4)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

1m0.358099859s ago: executing program 5 (id=1633):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$lock(r2, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r2, 0x26, &(0x7f00000031c0)={0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x5, 0x40, 0x7, 0x0, 0x0, 0xd299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_config_ext={0x8, 0x8}, 0x100882, 0x7ff, 0x6, 0x6, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r6}, 0x0, &(0x7f00000005c0)=r5}, 0x20)
fcntl$notify(r3, 0x402, 0x5)
fcntl$notify(r3, 0x402, 0x848234f1c7d17d24)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x7, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x92b2, 0x3, 0x0, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x40000)

1m0.344566349s ago: executing program 34 (id=1633):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$lock(r2, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r2, 0x26, &(0x7f00000031c0)={0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x5, 0x40, 0x7, 0x0, 0x0, 0xd299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_config_ext={0x8, 0x8}, 0x100882, 0x7ff, 0x6, 0x6, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r6}, 0x0, &(0x7f00000005c0)=r5}, 0x20)
fcntl$notify(r3, 0x402, 0x5)
fcntl$notify(r3, 0x402, 0x848234f1c7d17d24)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x7, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x92b2, 0x3, 0x0, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x40000)

40.378012461s ago: executing program 6 (id=1861):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x10}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x8, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x9, 0x3ff}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000180)=ANY=[], 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)

38.970881292s ago: executing program 6 (id=1872):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x103042, 0x0)
pwritev2(r0, &(0x7f0000000040)=[{&(0x7f0000000140)}], 0x1, 0x9, 0x1, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
sendto$inet(r1, 0x0, 0x0, 0x24000080, 0x0, 0x0)
epoll_create(0x1ff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @cgroup_sock_addr=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000090000008b00000044"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
faccessat2(r3, &(0x7f0000000040)='\x00', 0x1, 0x1300)

38.112828175s ago: executing program 6 (id=1879):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xfffe}, {0xfff1, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_RATE={0x6, 0x5, {0xe, 0xe5}}]}, 0x38}}, 0x20008154)

38.088303085s ago: executing program 6 (id=1880):
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000003c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@dioread_nolock}, {@nomblk_io_submit}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f00000002c0)='./file2\x00', 0x189242, 0x0)
fallocate(r0, 0x9, 0x2, 0x7000003)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x80047437, &(0x7f00000010c0))
pwrite64(0xffffffffffffffff, &(0x7f0000000480)='2', 0x1, 0x8080c64)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000000e40)=0x7, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r3, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
r4 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

37.80474367s ago: executing program 6 (id=1883):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wg0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@bridge_newneigh={0x64, 0x1c, 0x400, 0x70bd2c, 0x25dfdbfc, {0xa, 0x0, 0x0, r1, 0x8, 0xc4}, [@NDA_CACHEINFO={0x14, 0x3, {0x7a9e, 0x7, 0xfa}}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}, @NDA_DST_IPV4={0x8, 0x1, @broadcast}, @NDA_VNI={0x8, 0x7, 0x15ec}, @NDA_VNI={0x8, 0x7, 0xe}, @NDA_DST_IPV6={0x14, 0x1, @local}]}, 0x64}, 0x1, 0x0, 0x0, 0x8010}, 0x4040080)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_getevents(0x0, 0x5, 0x2, &(0x7f0000000440)=[{}, {}], &(0x7f0000000480))
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000240)=[{&(0x7f0000000280)="580000001400add427323b472545b45602117fffffff81004e204e227f000001925aa80020007b0009008003000000000000000000ff0000f03ac71002000000fffffffffeffffffffe7ee00000000000000000200000000", 0x58}], 0x1) (fail_nth: 2)

37.526586194s ago: executing program 6 (id=1885):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000740)='xen_mc_extend_args\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)

37.526255164s ago: executing program 35 (id=1885):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000740)='xen_mc_extend_args\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)

2.853659997s ago: executing program 1 (id=2293):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x5da30000)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x3000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r0, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x2, 0x200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000030601020000000000000000000000000500010007"], 0x1c}}, 0x0)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00', 0x2, 0xffffffffffffffff)

2.768591729s ago: executing program 1 (id=2295):
syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10, &(0x7f0000000140)={[{@block_validity}, {@prjquota}, {@noblock_validity}, {@nobarrier}, {@auto_da_alloc}, {@mblk_io_submit}, {@nodelalloc}]}, 0xfe, 0x4bb, &(0x7f0000001180)="$eJzs3M1vVFUbAPDnTj/4pry8vLzvy4dU0dj40dKCysLEaHSniYkucGNS20KQgRpaEiFEqjG4NCTujStj9C9wpRuirkzc6t6QECUY0IWMuXPvHaal09JhPoD+fsnAOb1n5pxnzv0495yZCWDVGkz/SSI2RsTPETGQZecXGMz+u37l7MSfV85OJFGpvPZbUi137crZiaJo8bwNeWaoFFH6MMkrmW/m9Jlj4+Xy1Mk8PzJ7/J2RmdNnnjx6fPzI1JGpE2MHDx7YP/rM02NPtSTONK5rO96b3pX0vnHhlYlDF976/qveiNi+O9teH8cdKW2oJQfTwH+vVC0s9khLKrt7bKpLJ71dbAgr0hMRaXf1VY//geiJm503EC990Oh5fZ1qINA26bVpTePNczcqwP0riW63AOiO4kKf3v8Wjw4NPe4Kl5/PboDSuK/nj2xLb5TyMu281/lfRBya++vT9BF5P/y9sY0VAgCr3jfp+OeJxcZ/pdheV25zvoayJSL+FRFbI+LfEbEtIv4TUS3733w8sxLZ0lBPLX/r+LN0qengbkM6/ns2X9uaP/7LRn+VSuVGT57bVI2/Lzl8tDy1L39PhqJvTZofXaKOb1/86eNG2wbrxn/pI62/GAvm7bjUu2CCbnJ8drxVg9LL70fs6F0s/qS2EpBExP8jYsfKXnpzkTj62Be7GhVaPv4ltGCdqfJZxKNZ/8/FgvgLydLrkyNrozy1b6TYK271w4/nX21U/x3F3wJp/6+fv/8vKDFwNalfr51ZeR3nf/mo4T1ls/t/f/J6dc26P//bu+OzsydHI/qTl6v5/nN1fx+7+dwiX5RP4x/aW4t/Tf3xvzVLXEzj3xkR6U68OyIeiIg9edsfjIiHImJvowDXRXz3wsNvNxP/Hx24D0zjn1z0/Ffb/7fM7/+VJ3qOXfy6mfgzaf8fqKaG8vNw9fy3jMbNifJUelpvem8GAACAe096P70xktJwLV0qDQ9nn+HfFutL5emZ2ccPT586MZl9R2BL9JWKma6BfD40vdseTebyV8zmR8fyueJivnR/Pm/8Sc+6an54Yro82eXYYbXb0OD4T/3a0+3WAW3n+1qwei08/ktdagfQea7/sHo1c/w/14Z2AJ3n+g+rV93x/+Wp8zuriezz03tqGxZdC1jil0OAe0P99f9MF9sBdN7y4//77ecqgUJx/C+/7ne17W0BOqvZ+b/TLW4H0FF38r3+5hP90f66+lv3grG2k2/U533d6ZQVJqK0VJk3o+MNi7vibbmNRP7Tm+duq3Cy5I9ZtDHR7TMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa/wTAAD//9QP9q0=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000040)={0xffffffff, 0x875, 0x2, 0x8, 0x3})

2.530122362s ago: executing program 7 (id=2297):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x541b, 0xf0ff1f00000000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r4 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r5, 0x2007ffb)
sendfile(r4, r5, 0x0, 0x1000000201005)
write$rfkill(r5, &(0x7f0000000040)={0x6, 0x4, 0x3, 0x1}, 0x8)

2.176743957s ago: executing program 8 (id=2302):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x5da30000)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x3000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r0, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x2, 0x200)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000030601020000000000000000000000000500010007"], 0x1c}}, 0x0)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00', 0x2, 0xffffffffffffffff)

2.112333219s ago: executing program 8 (id=2303):
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000003c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@dioread_nolock}, {@nomblk_io_submit}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f00000002c0)='./file2\x00', 0x189242, 0x0)
fallocate(r0, 0x9, 0x2, 0x7000003)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x80047437, &(0x7f00000010c0))
pwrite64(0xffffffffffffffff, &(0x7f0000000480)='2', 0x1, 0x8080c64)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r3, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
r4 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

1.781828623s ago: executing program 2 (id=2306):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYRES8], 0x48)
syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRES32=r0, @ANYRES8=r0, @ANYRES64], 0x8, 0x2f6, &(0x7f0000001cc0)="$eJzs3EtPE10YwPGnV9oSaBdv3jevieFEN7qZQHWtNAYSYxMJUuMlMRlgqk3HlnQaTI3xsnJr/BAuCEt2JMoXYONON27csTFxIQtjTedCoQwgbWkR/r+EzMOc88ycc1qa5zS0G3fePC7mLS2vVyUYUxIQEdkUSUlQPAH3GLTjqGz3Ui4Ofv909tbdezcy2ezEtFKTmZlLaaXU8Mj7J8/ibrfVAVlPPdj4lv66/u/6/xu/Zh4VLFWwVKlcVbqaLX+p6rOmoeYLVlFTaso0dMtQhZJlVJz2stOeN8sLCzWll+aHEgsVw7KUXqqpolFT1bKqVmoq9FAvlJSmaWooIThIbml6Ws+0mTzX5cHgiFQqGT0kIvFdLbmlvgwIAAD0VWv9HxTVzfp/+dxadfD2yrBb/69G/er/y5+da+2o/2Mi4lv/e/f3rf/1w9X/uyui06Wj+h/Hw0h016lAM2w0VjJ6wv37tb26vzxqB9T/AAAAAAAAAAAAAAAAAAAAAAD8DTbr9WS9Xk96R+9nQERiIuL97pMaEpGrfRgyuqiDxx8nQPODe+FhEfP1Ym4x5xzdDmsiYooho5KUn/bzwdWIvU8eqYaUfDBfOPkD7suDSCYvBTt/TJIRaeaH3HjyenZiTDma+Y1jRBLb89OSlH9a7+/kp33zo3Lh/LZ8TZLycU7KYsq8fe9m/vMxpa7dzLbkx+1+AAAAAACcBJraktq5/3X275q2V7uTv7W/bn1/INTcX4/67s/Dcibc37kDAAAAAHBaWLWnRd00jco+QVwO7tN+ED6iK3sz/NMs738Zjm6m+wTezXc0xdyTnVw54rcsgUMsyx5BUNrJGmnMRnW6Yt7bRnv1kanx3j+CdvDf23c/ureYV1ZiB8y0/SC0/xMg0rMXIAAAAAA90yz6vTPj/R0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACnUC++Ha3fcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOi98BAAD//xPfAEw=")
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = dup(r3)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f000016c000/0x1000)=nil, 0x1000, 0x1000000, 0x100010, r5, 0x8000000)
syz_io_uring_setup(0x199, &(0x7f00000000c0)={0x0, 0x7e1f, 0x10000, 0x1, 0x1d3, 0x0, r5}, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x5, 0x0, r5, 0x0, r5})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r8, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
syz_usbip_server_init(0x2)

1.701519805s ago: executing program 1 (id=2308):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setsig(r1, 0xa, 0x13)
fcntl$setlease(r1, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000c3fb"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
io_uring_setup(0x3458, &(0x7f0000000080)={0x0, 0xffffeffa, 0x18, 0x2, 0x1})
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x30, 0x1410, 0x100, 0x70bd28, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000004c0))
recvmmsg(r0, &(0x7f00000004c0), 0x0, 0x40000000, 0x0)

1.620448436s ago: executing program 7 (id=2310):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x1010048, &(0x7f0000000440), 0x1, 0x4d8, &(0x7f0000000b00)="$eJzs3M9vFGUfAPDvbLu0wMtrRURBlAIaGxNbKCgcvGBi4sXEiAc5Nm0lSAFDexBCpCQGzyTejUfjTROvejSe/APw4MHEkBBDYgBPa2Z3pvujs9suLVvKfj7Jts8z88w8zzMzz+yzz7M7AfSt0fRPEvG/iLgVEU/Vos0JRmv/7t+9Ov3g7tXpWKxUTv2dVNPdS+OZfLvtWWSsFFH6ImnZYc385SvnpubmZi9l8YmF859OzF++8vrZ81NnZs/MXpg8ceLY0SPH35x8o/tKFeSX1uve3s8v7tvz7umb700P5suHs/+N9WhrsLtijHYo0ivd7eqxt6MhnCw/Ttd6WhhWbTi7rMtp+786d/D0RhcI6JlKpVIZar96sdLq+rIlwKaVxEaXANgY+Rt9+vk3f/Wo6/FYuHOy9gEorff97FVbMxilLE255fPtehqNiI8W//06fUWncYg/HlEBAIC+8/PJvCfY2v8rxe6GdP/P5lBGIuLpiNgZEc9ExK6IeDaimva5iHi+NYMkotIh/10t8Xr+P2SzCKXba65kB2n/761sbqu5/5f3/mJkIIvtiMg7zLOHs2MyFuWhj8/OzR5ps/8tK+Tf2P9LX2n+eV8wK8ftwZYBupmphamHq+1yd65H7B1srX8ymJ64fBoniYg9EbG3i/2ONITPvvbtvqVIuTndyvWvqhRM6XU9H1ek8k3Eq7XzvxhN57+eY9J5fnJiOOZmD0+kV8Hhwjx+/e3G++3yX7H+P/7Zusk7x386tdZqL0nP/7aG6z/y+dt6/UeSiGRpvnY+ojLQXR43fv+yut/RQ8vXPez1vyX5sBrO29dnUwsLl45EbEn+qX6qbVo+Wd82j+fp0/qPHSpu/zuzbdIj8UJEpBfxixHxUkTsz8p+ICIORkRB1Zb88vbLn9T31G39H620/jOF97+m81+fr19lIN84XTJw7sCtB21uHqs7/8eqobFsSfH9L2k6uKst6dqOHgAAAGwOpah+9780vhQulcbHa2NAu2Jbae7i/ML+iLgwU/uNwEiUS/lIV208uJzk458jDfHJlvjRbNz4q4Gt1fj49MW5mY2uPPS57dU2nyxr/6m/uhznBTahdZhHAzapldr/7ps9KgjQc97/oX81tP/FNkkWfVMGnkze/6F/FbX/a/Fdx98uuGfA5lfRlqGvtWv/pR6XA+i9wfhgKVxt84W/tgWeRPr/0Je6/V1/d4HKUPGq4Sh4YsDwoynG1oK8NiSQ9qzWcYfliFhd4q0Pk0XeBWz/hIdSdzsciuWrBqLTVkkXz3HIA+lRWTHxmd1ruviHClblz0RZ78vm+3o7La/ydK9TYENuRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvuvwAAAP//3vLZrw==")
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x1ff, &(0x7f0000001540)=<r2=>0x0)
io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x30, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000}])

1.473422958s ago: executing program 8 (id=2312):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000000c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bff57002c1097f92e91002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8096d5742db41bd61080dcbe40e0f802fc12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1531497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db39de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b0bc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

1.431947639s ago: executing program 8 (id=2313):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
unshare(0x62040200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_opts(r7, 0x0, 0x0, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

1.117779644s ago: executing program 7 (id=2314):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, &(0x7f0000000040)=@unspec, 0xc)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r0, 0x0, 0x0, 0x20048880, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x40402, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x15<z\xb2\x03d\xad\x925\xbfP\x1b\xea\vt\xe9C\xe9\xb4R\x85*\xdc\xc4@\xee\xd2\xae\x06\x1a\xe1\xd2s\x01\xb8\xf3\xf2\rr\x01mq\xd2\xaf\xe2{\xe4\x1a\xd3Z\x01C\xfbW', 0x6e93ebbbcc0884f2, 0x1c4, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x3})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000c80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
capset(0x0, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20)

948.075056ms ago: executing program 2 (id=2315):
r0 = timerfd_create(0x1, 0x0)
timerfd_settime(r0, 0x3, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
unshare(0x20040600)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

778.435669ms ago: executing program 1 (id=2316):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x50)
pwritev2(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000140)}], 0x1, 0x9, 0x1, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000bb62f8d53156aee53a7d2b50dca82c6dfa0bf964c90c8f4b81dff8b3832d9750f60cb941828ea5104d6fc541bd96f64389ef19b9e41b4f754c2a6edc905fcd17b3d3bea89796a0107b4c90c2bb40451f"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x24000080, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000903000000000000000000000d008d0f61"], &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000000000009500000000000000b708000000", @ANYRES32, @ANYBLOB="0000000000002000b70500f7ffffff0085000000a5000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8"], 0x0, 0x1, 0x93, &(0x7f0000000480)=""/147, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000980)=[{0x40001, 0x1, 0x2000007}, {0x5, 0x0, 0xf, 0xa}, {0x5, 0x2, 0xe, 0x9}, {0x0, 0x3, 0x0, 0x7}], 0x10, 0x7, @void, @value}, 0x94)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @cgroup_sock_addr=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000090000008b00000044"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
faccessat2(r4, &(0x7f0000000040)='\x00', 0x1, 0x1300)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'lo\x00'})

766.603779ms ago: executing program 2 (id=2317):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x5da30000)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x3000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r0, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x2, 0x200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000030601020000000000000000000000000500010007"], 0x1c}}, 0x0)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00', 0x2, 0xffffffffffffffff)

725.060619ms ago: executing program 2 (id=2318):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r2, &(0x7f0000000480)={0x2, 0x4e22, @empty}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$inet(r2, &(0x7f00000004c0)="ab", 0x1, 0x20c0, &(0x7f00000001c0)={0x2, 0x4e22, @loopback=0x7f0000c0}, 0x10)

703.413549ms ago: executing program 2 (id=2319):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, &(0x7f0000000040)=@unspec, 0xc)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r0, 0x0, 0x0, 0x20048880, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x40402, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x15<z\xb2\x03d\xad\x925\xbfP\x1b\xea\vt\xe9C\xe9\xb4R\x85*\xdc\xc4@\xee\xd2\xae\x06\x1a\xe1\xd2s\x01\xb8\xf3\xf2\rr\x01mq\xd2\xaf\xe2{\xe4\x1a\xd3Z\x01C\xfbW', 0x6e93ebbbcc0884f2, 0x1c4, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x3})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000c80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)

653.76681ms ago: executing program 2 (id=2320):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x541b, 0xf0ff1f00000000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r4 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r5, 0x2007ffb)
sendfile(r4, r5, 0x0, 0x1000000201005)
write$rfkill(r5, &(0x7f0000000040)={0x6, 0x4, 0x3, 0x1}, 0x8)

615.946651ms ago: executing program 0 (id=2321):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) (fail_nth: 3)

576.194862ms ago: executing program 7 (id=2322):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32, @ANYRES32], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
epoll_create1(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0xffff8000, 0x4)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

557.618672ms ago: executing program 7 (id=2323):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x3, [@typedef={0x8, 0x0, 0x0, 0x8, 0x3}, @typedef={0x8, 0x0, 0x0, 0x8, 0x5}, @union={0x1, 0x2, 0x0, 0x5, 0x1, 0x9, [{0x3, 0x3, 0x1}, {0x0, 0x4, 0x4}]}]}, {0x0, [0x30]}}, &(0x7f00000004c0)=""/114, 0x57, 0x72, 0x1, 0x8001, 0x10000, @value}, 0x28)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
statfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000c00)=""/232)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r2, {0x9}}, './file0\x00'})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffd43)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r5=>0x0})
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000140))
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48041, 0x0)
pwrite64(r8, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
ioctl$EXT4_IOC_MIGRATE(r7, 0x6609)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001080)={r3, 0x20, &(0x7f0000000840)={&(0x7f0000000f40)=""/122, 0x7a, <r9=>0x0, &(0x7f0000000fc0)=""/154, 0x9a}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x15, 0x28, &(0x7f0000000d00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ringbuf_query, @map_fd={0x18, 0x6, 0x1, 0x0, r3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @ldst={0x3, 0x2, 0x4, 0x5, 0x45f36be988204ca6, 0xfffffffffffffffc, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000006c0)='syzkaller\x00', 0x2, 0xc1, &(0x7f0000000e40)=""/193, 0x41000, 0x42, '\x00', r5, @fallback, r3, 0x8, &(0x7f00000007c0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000800)={0x4d43, 0x2, 0x6, 0x7c4}, 0x10, r9, r4, 0x5, 0x0, &(0x7f00000010c0)=[{0x2, 0x3, 0x6, 0x9}, {0x3, 0x5, 0xd, 0x8}, {0x4, 0x4, 0xa, 0x3}, {0x3, 0x1, 0xb, 0xb}, {0x0, 0x1, 0xd, 0x9}], 0x10, 0x3, @void, @value}, 0x94)

461.471943ms ago: executing program 0 (id=2324):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x64}}, 0x0)

461.120623ms ago: executing program 0 (id=2325):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x1010048, &(0x7f0000000440), 0x1, 0x4d8, &(0x7f0000000b00)="$eJzs3M9vFGUfAPDvbLu0wMtrRURBlAIaGxNbKCgcvGBi4sXEiAc5Nm0lSAFDexBCpCQGzyTejUfjTROvejSe/APw4MHEkBBDYgBPa2Z3pvujs9suLVvKfj7Jts8z88w8zzMzz+yzz7M7AfSt0fRPEvG/iLgVEU/Vos0JRmv/7t+9Ov3g7tXpWKxUTv2dVNPdS+OZfLvtWWSsFFH6ImnZYc385SvnpubmZi9l8YmF859OzF++8vrZ81NnZs/MXpg8ceLY0SPH35x8o/tKFeSX1uve3s8v7tvz7umb700P5suHs/+N9WhrsLtijHYo0ivd7eqxt6MhnCw/Ttd6WhhWbTi7rMtp+786d/D0RhcI6JlKpVIZar96sdLq+rIlwKaVxEaXANgY+Rt9+vk3f/Wo6/FYuHOy9gEorff97FVbMxilLE255fPtehqNiI8W//06fUWncYg/HlEBAIC+8/PJvCfY2v8rxe6GdP/P5lBGIuLpiNgZEc9ExK6IeDaimva5iHi+NYMkotIh/10t8Xr+P2SzCKXba65kB2n/761sbqu5/5f3/mJkIIvtiMg7zLOHs2MyFuWhj8/OzR5ps/8tK+Tf2P9LX2n+eV8wK8ftwZYBupmphamHq+1yd65H7B1srX8ymJ64fBoniYg9EbG3i/2ONITPvvbtvqVIuTndyvWvqhRM6XU9H1ek8k3Eq7XzvxhN57+eY9J5fnJiOOZmD0+kV8Hhwjx+/e3G++3yX7H+P/7Zusk7x386tdZqL0nP/7aG6z/y+dt6/UeSiGRpvnY+ojLQXR43fv+yut/RQ8vXPez1vyX5sBrO29dnUwsLl45EbEn+qX6qbVo+Wd82j+fp0/qPHSpu/zuzbdIj8UJEpBfxixHxUkTsz8p+ICIORkRB1Zb88vbLn9T31G39H620/jOF97+m81+fr19lIN84XTJw7sCtB21uHqs7/8eqobFsSfH9L2k6uKst6dqOHgAAAGwOpah+9780vhQulcbHa2NAu2Jbae7i/ML+iLgwU/uNwEiUS/lIV208uJzk458jDfHJlvjRbNz4q4Gt1fj49MW5mY2uPPS57dU2nyxr/6m/uhznBTahdZhHAzapldr/7ps9KgjQc97/oX81tP/FNkkWfVMGnkze/6F/FbX/a/Fdx98uuGfA5lfRlqGvtWv/pR6XA+i9wfhgKVxt84W/tgWeRPr/0Je6/V1/d4HKUPGq4Sh4YsDwoynG1oK8NiSQ9qzWcYfliFhd4q0Pk0XeBWz/hIdSdzsciuWrBqLTVkkXz3HIA+lRWTHxmd1ruviHClblz0RZ78vm+3o7La/ydK9TYENuRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvuvwAAAP//3vLZrw==")
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x1ff, &(0x7f0000001540)=<r2=>0x0)
io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x30, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000}])

415.053714ms ago: executing program 1 (id=2326):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
symlink(&(0x7f00000039c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000040)='./file0\x00')
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x6000)

290.860926ms ago: executing program 1 (id=2327):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setsig(r1, 0xa, 0x13)
fcntl$setlease(r1, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000c3fb"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
io_uring_setup(0x3458, &(0x7f0000000080)={0x0, 0xffffeffa, 0x18, 0x2, 0x1})
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x30, 0x1410, 0x100, 0x70bd28, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000004c0))
recvmmsg(r0, &(0x7f00000004c0), 0x0, 0x40000000, 0x0)

254.890256ms ago: executing program 0 (id=2328):
r0 = timerfd_create(0x1, 0x0)
timerfd_settime(r0, 0x3, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

159.836958ms ago: executing program 8 (id=2329):
syz_io_uring_setup(0x445e, &(0x7f0000000080)={0x0, 0x5f3f, 0x10100}, &(0x7f0000000100), &(0x7f0000000300))
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

143.360608ms ago: executing program 0 (id=2330):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, &(0x7f0000000040)=@unspec, 0xc)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r0, 0x0, 0x0, 0x20048880, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x40402, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x15<z\xb2\x03d\xad\x925\xbfP\x1b\xea\vt\xe9C\xe9\xb4R\x85*\xdc\xc4@\xee\xd2\xae\x06\x1a\xe1\xd2s\x01\xb8\xf3\xf2\rr\x01mq\xd2\xaf\xe2{\xe4\x1a\xd3Z\x01C\xfbW', 0x6e93ebbbcc0884f2, 0x1c4, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x3})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000c80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)

109.203439ms ago: executing program 0 (id=2331):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
ioctl$SG_GET_PACK_ID(r0, 0x2287, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f0000000000), 0x1, 0x503, &(0x7f0000000140)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1Unc3Wi1B1hOCKGVEHsEqRsSN4pix1HsLJvQQ/o/IFGJExz5Azj3xJ0LghuXckDiRwRqKnHwasaT1E3tJm0SO4o/H2k08+Y5830v7rxnf934BTC0rkXEXkSMR8QnETGTn0/yLT5sb+njHu3fXT7Yv7ucRKv18b+TrD49Fx0/k3olv2YxIn7yg4ifJ8/Gbezsri9Vq5WtdnFyrlnbnGvs7N5cqy2tVlYrG+Xy4sLi/Pu33iufW1/fqo3nR199+Ke97/wybdZ0fqazH+ep3fWxozip0Yj40UUEG4CRvD/jg24IL6UQEW9ExNvZ/T8TI9mzCQBcZa3WTLRmOssAwFVXyHJgSaGU5wKmo1Aoldo5vDdjqlCtN5o37tS3N1baubLZGCvcWatW5vNc4WyMJWl5ITt+Ui4fK9+KiNcj4lcTk1m5tFyvrgzyhQ8ADLFXjs3//5toz/8AwBVXHHQDAIC+M/8DwPAx/wPA8DH/A8DwMf8DwPAx/wPA8DH/A8BQ+fFHH6Vb6yD//uuVT3e21+uf3lypNNZLte3l0nJ9a7O0Wq+vZt/ZUzvpetV6fXPh3dj+bPa7m43mXGNn93atvr3RvJ19r/ftylhfegUAPM/rbz34axIRex9MZlt0rOVgroarrTDoBgADMzLoBgADc7TalwXcYOic4T2+9ABcEV2W6H1KMSImj59stVqti2sScMGuf0n+H4ZVR/7f/wKGISP/D8NrdNANAAam1UpOu+Z/nPaBAMDlJscP9Pj8/418//v8w4GfrRx/xP2LbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbofr/5bytcCno1AolSJejYjZGEvurFUr8xHxWkT8ZWJsIi0vDLjNAMBZFf6R5Ot/XZ95Z/p47XjyeCLbR8QvfvPxrz9baja3/pye/89Ekp9v3s/PlwfSAQDgBIfzdLbveCP/aP/u8uHWz/b88/sRUWzHP9gfj4Oj+KMxmu2LMRYRU/9N8nJb0pG7OIu9exHxxW79T2I6y4G0Vz49Hj+N/Wpf4xeeil/I6tr79HfxhXNoCwybB+n482G3+68Q17J99/u/mI1QZ5ePf+mllg+yMfBJ/MPxb6TH+HfttDHe/eMP20eTz9bdi/jyaMRh7IOO8ecwftIj/junjP+3r3zt7V51rd9GXI/u8TtjzTVrm3ONnd2ba7Wl1cpqZaNcXlxYnH//1nvluSxHPdd7NvjXBzde61WX9n+qR/ziCf3/5in7/7v/f/LTrz8n/re/0S1+Id58Tvx0TvzWKeMvTf2h2Ksujb/So/8nPf83Thn/4d93n1k2HAAYnMbO7vpStVrZ6ufB4QuJvgZ18CIHI3G+F4yIvXO4Tvqv5lL8frocfK9fscbjhX6q1XqpWL1GjPPIugGXwdFNHxGPB90YAAAAAAAAAAAAAACgq378xdKg+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDV9XkAAAD///ogzOo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000002b80)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0)

105.645379ms ago: executing program 8 (id=2332):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYRES8], 0x48)
syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRES32=r0, @ANYRES8=r0, @ANYRES64], 0x8, 0x2f6, &(0x7f0000001cc0)="$eJzs3EtPE10YwPGnV9oSaBdv3jevieFEN7qZQHWtNAYSYxMJUuMlMRlgqk3HlnQaTI3xsnJr/BAuCEt2JMoXYONON27csTFxIQtjTedCoQwgbWkR/r+EzMOc88ycc1qa5zS0G3fePC7mLS2vVyUYUxIQEdkUSUlQPAH3GLTjqGz3Ui4Ofv909tbdezcy2ezEtFKTmZlLaaXU8Mj7J8/ibrfVAVlPPdj4lv66/u/6/xu/Zh4VLFWwVKlcVbqaLX+p6rOmoeYLVlFTaso0dMtQhZJlVJz2stOeN8sLCzWll+aHEgsVw7KUXqqpolFT1bKqVmoq9FAvlJSmaWooIThIbml6Ws+0mTzX5cHgiFQqGT0kIvFdLbmlvgwIAAD0VWv9HxTVzfp/+dxadfD2yrBb/69G/er/y5+da+2o/2Mi4lv/e/f3rf/1w9X/uyui06Wj+h/Hw0h016lAM2w0VjJ6wv37tb26vzxqB9T/AAAAAAAAAAAAAAAAAAAAAAD8DTbr9WS9Xk96R+9nQERiIuL97pMaEpGrfRgyuqiDxx8nQPODe+FhEfP1Ym4x5xzdDmsiYooho5KUn/bzwdWIvU8eqYaUfDBfOPkD7suDSCYvBTt/TJIRaeaH3HjyenZiTDma+Y1jRBLb89OSlH9a7+/kp33zo3Lh/LZ8TZLycU7KYsq8fe9m/vMxpa7dzLbkx+1+AAAAAACcBJraktq5/3X275q2V7uTv7W/bn1/INTcX4/67s/Dcibc37kDAAAAAHBaWLWnRd00jco+QVwO7tN+ED6iK3sz/NMs738Zjm6m+wTezXc0xdyTnVw54rcsgUMsyx5BUNrJGmnMRnW6Yt7bRnv1kanx3j+CdvDf23c/ureYV1ZiB8y0/SC0/xMg0rMXIAAAAAA90yz6vTPj/R0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACnUC++Ha3fcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOi98BAAD//xPfAEw=")
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00'}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={0x0, 0x7}, 0x0, 0x90000, 0x1, 0x1, 0x8, 0x20008, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f000016c000/0x1000)=nil, 0x1000, 0x1000000, 0x100010, r4, 0x8000000)
syz_io_uring_setup(0x199, &(0x7f00000000c0)={0x0, 0x7e1f, 0x10000, 0x1, 0x1d3, 0x0, r4}, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x5, 0x0, r4, 0x0, r4})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r7, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
syz_usbip_server_init(0x2)

0s ago: executing program 7 (id=2333):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, &(0x7f0000000040)=@unspec, 0xc)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r0, 0x0, 0x0, 0x20048880, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x40402, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x15<z\xb2\x03d\xad\x925\xbfP\x1b\xea\vt\xe9C\xe9\xb4R\x85*\xdc\xc4@\xee\xd2\xae\x06\x1a\xe1\xd2s\x01\xb8\xf3\xf2\rr\x01mq\xd2\xaf\xe2{\xe4\x1a\xd3Z\x01C\xfbW', 0x6e93ebbbcc0884f2, 0x1c4, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x3})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000c80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20)

kernel console output (not intermixed with test programs):

mps until 2038-01-19 (0x7fffffff)
[  207.591916][T10074] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  207.599560][T10074] vhci_hcd vhci_hcd.0: Device attached
[  207.610620][T10081] vhci_hcd: connection closed
[  207.610897][  T390] vhci_hcd: stop threads
[  207.610905][  T390] vhci_hcd: release socket
[  207.610911][  T390] vhci_hcd: disconnect device
[  207.695312][T10082] netlink: 16 bytes leftover after parsing attributes in process `kfree'.
[  207.736942][T10091] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  207.861222][T10095] loop2: detected capacity change from 0 to 512
[  207.867750][T10095] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.905891][T10095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.920886][T10095] ext4 filesystem being mounted at /352/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  208.077431][T10102] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1830'.
[  208.234616][T10107] loop7: detected capacity change from 0 to 128
[  208.262428][T10111] loop1: detected capacity change from 0 to 128
[  208.330089][T10114] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(11)
[  208.336727][T10114] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  208.344380][T10114] vhci_hcd vhci_hcd.0: Device attached
[  208.365150][T10115] vhci_hcd: connection closed
[  208.365416][  T390] vhci_hcd: stop threads
[  208.374447][  T390] vhci_hcd: release socket
[  208.378852][  T390] vhci_hcd: disconnect device
[  208.401198][T10117] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  208.407849][T10117] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  208.415500][T10117] vhci_hcd vhci_hcd.0: Device attached
[  208.433370][ T9029] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.442394][T10118] vhci_hcd: connection closed
[  208.442588][  T390] vhci_hcd: stop threads
[  208.451691][  T390] vhci_hcd: release socket
[  208.456103][  T390] vhci_hcd: disconnect device
[  208.461989][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.628218][T10136] loop6: detected capacity change from 0 to 512
[  208.648408][T10136] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.671088][T10136] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.914324][T10147] loop2: detected capacity change from 0 to 1024
[  208.925862][T10147] EXT4-fs: Ignoring removed nobh option
[  208.931481][T10147] EXT4-fs: Ignoring removed nobh option
[  208.937662][T10147] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  208.947947][T10147] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.1847: inode #4294967295: comm syz.2.1847: iget: illegal inode #
[  208.963232][T10147] EXT4-fs (loop2): no journal found
[  208.968607][T10147] EXT4-fs (loop2): can't get journal size
[  208.976066][T10147] EXT4-fs (loop2): failed to initialize system zone (-22)
[  209.017145][T10147] EXT4-fs (loop2): mount failed
[  209.040512][T10157] pimreg: entered allmulticast mode
[  209.144675][T10164] serio: Serial port ptm0
[  209.262453][T10169] FAULT_INJECTION: forcing a failure.
[  209.262453][T10169] name failslab, interval 1, probability 0, space 0, times 0
[  209.275127][T10169] CPU: 1 UID: 0 PID: 10169 Comm: syz.1.1853 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  209.275156][T10169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.275167][T10169] Call Trace:
[  209.275172][T10169]  <TASK>
[  209.275178][T10169]  __dump_stack+0x1d/0x30
[  209.275273][T10169]  dump_stack_lvl+0xe8/0x140
[  209.275289][T10169]  dump_stack+0x15/0x1b
[  209.275302][T10169]  should_fail_ex+0x265/0x280
[  209.275328][T10169]  should_failslab+0x8c/0xb0
[  209.275404][T10169]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  209.275428][T10169]  ? kvasprintf_const+0xb3/0x130
[  209.275449][T10169]  kvasprintf+0x8a/0x110
[  209.275546][T10169]  ? format_decode+0xaf/0x580
[  209.275573][T10169]  kvasprintf_const+0xb3/0x130
[  209.275594][T10169]  kobject_set_name_vargs+0x44/0xe0
[  209.275618][T10169]  dev_set_name+0x83/0xb0
[  209.275679][T10169]  ? hrtimer_setup+0x31/0x100
[  209.275695][T10169]  ? swiotlb_dev_init+0x19/0x30
[  209.275712][T10169]  ? swiotlb_dev_init+0x19/0x30
[  209.275762][T10169]  ? device_initialize+0x1fe/0x210
[  209.275784][T10169]  __serio_register_port+0xfc/0x1d0
[  209.275803][T10169]  serport_ldisc_read+0x1d6/0x300
[  209.275865][T10169]  tty_read+0x151/0x470
[  209.275963][T10169]  ? __import_iovec+0x428/0x540
[  209.275986][T10169]  do_iter_readv_writev+0x421/0x4c0
[  209.276006][T10169]  vfs_readv+0x1ea/0x690
[  209.276031][T10169]  do_readv+0xe7/0x210
[  209.276110][T10169]  __x64_sys_readv+0x45/0x50
[  209.276176][T10169]  x64_sys_call+0x29af/0x2fb0
[  209.276197][T10169]  do_syscall_64+0xd2/0x200
[  209.276215][T10169]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  209.276239][T10169]  ? clear_bhb_loop+0x40/0x90
[  209.276260][T10169]  ? clear_bhb_loop+0x40/0x90
[  209.276334][T10169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.276353][T10169] RIP: 0033:0x7f66484be929
[  209.276366][T10169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.276380][T10169] RSP: 002b:00007f6646b27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  209.276396][T10169] RAX: ffffffffffffffda RBX: 00007f66486e5fa0 RCX: 00007f66484be929
[  209.276408][T10169] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  209.276501][T10169] RBP: 00007f6646b27090 R08: 0000000000000000 R09: 0000000000000000
[  209.276513][T10169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.276525][T10169] R13: 0000000000000000 R14: 00007f66486e5fa0 R15: 00007fffd81ee598
[  209.276544][T10169]  </TASK>
[  209.276602][T10169] serio: Serial port ptm0
[  209.529839][   T23] serio (null): device_add() failed for ptm0/serio0 (Serial port), error: -22
[  209.678347][T10184] loop2: detected capacity change from 0 to 1024
[  209.704025][T10184] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.739962][T10193] loop7: detected capacity change from 0 to 512
[  209.765401][T10193] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  209.802678][T10193] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.827366][T10193] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.864010][T10193] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  209.940129][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.005097][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  210.005112][   T29] audit: type=1326 audit(1750585441.707:12396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.034971][   T29] audit: type=1326 audit(1750585441.707:12397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.118187][   T29] audit: type=1326 audit(1750585441.707:12398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.141844][   T29] audit: type=1326 audit(1750585441.707:12399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.165455][   T29] audit: type=1326 audit(1750585441.707:12400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.189078][   T29] audit: type=1326 audit(1750585441.707:12401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.212659][   T29] audit: type=1326 audit(1750585441.707:12402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.236323][   T29] audit: type=1326 audit(1750585441.707:12403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.260004][   T29] audit: type=1326 audit(1750585441.707:12404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.267456][T10205] loop1: detected capacity change from 0 to 512
[  210.283462][   T29] audit: type=1326 audit(1750585441.707:12405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10200 comm="syz.0.1860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  210.314894][ T9029] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.315200][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.333820][T10205] EXT4-fs (loop1): too many log groups per flexible block group
[  210.341614][T10205] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  210.348496][T10205] EXT4-fs (loop1): mount failed
[  210.359122][T10205] loop1: detected capacity change from 0 to 512
[  210.362083][T10212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1863'.
[  210.382622][T10205] ext4 filesystem being mounted at /369/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  210.561475][T10226] loop1: detected capacity change from 0 to 128
[  210.579635][T10226] bio_check_eod: 1070 callbacks suppressed
[  210.579645][T10226] syz.1.1867: attempt to access beyond end of device
[  210.579645][T10226] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  210.599300][T10226] syz.1.1867: attempt to access beyond end of device
[  210.599300][T10226] loop1: rw=2049, sector=169, nr_sectors = 16 limit=128
[  210.612859][T10226] syz.1.1867: attempt to access beyond end of device
[  210.612859][T10226] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  210.626279][T10226] syz.1.1867: attempt to access beyond end of device
[  210.626279][T10226] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  210.641661][T10226] syz.1.1867: attempt to access beyond end of device
[  210.641661][T10226] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  210.655099][T10226] syz.1.1867: attempt to access beyond end of device
[  210.655099][T10226] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  210.668537][T10226] syz.1.1867: attempt to access beyond end of device
[  210.668537][T10226] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  210.682119][T10226] syz.1.1867: attempt to access beyond end of device
[  210.682119][T10226] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  210.695631][T10226] syz.1.1867: attempt to access beyond end of device
[  210.695631][T10226] loop1: rw=2049, sector=289, nr_sectors = 9 limit=128
[  210.720006][T10226] syz.1.1867: attempt to access beyond end of device
[  210.720006][T10226] loop1: rw=2049, sector=305, nr_sectors = 80 limit=128
[  210.748785][T10226] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  210.755442][T10226] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  210.763055][T10226] vhci_hcd vhci_hcd.0: Device attached
[  210.769979][T10228] vhci_hcd: connection closed
[  210.770163][ T1879] vhci_hcd: stop threads
[  210.779104][ T1879] vhci_hcd: release socket
[  210.783524][ T1879] vhci_hcd: disconnect device
[  210.816754][T10231] loop7: detected capacity change from 0 to 128
[  210.875546][T10231] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9)
[  210.882119][T10231] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  210.890107][T10231] vhci_hcd vhci_hcd.0: Device attached
[  210.896931][T10232] vhci_hcd: connection closed
[  210.897026][  T390] vhci_hcd: stop threads
[  210.906031][  T390] vhci_hcd: release socket
[  210.910440][  T390] vhci_hcd: disconnect device
[  211.471351][ T1879] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  211.632470][T10249] loop7: detected capacity change from 0 to 1024
[  211.639369][T10249] EXT4-fs: Ignoring removed nobh option
[  211.645022][T10249] EXT4-fs: Ignoring removed bh option
[  211.666425][T10249] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.1874: Allocating blocks 497-513 which overlap fs metadata
[  211.682296][T10249] EXT4-fs (loop7): pa ffff888106aa37e0: logic 256, phys. 369, len 9
[  211.690348][T10249] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  211.701177][T10249] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  212.458982][T10272] loop6: detected capacity change from 0 to 512
[  212.462461][T10274] loop1: detected capacity change from 0 to 512
[  212.465578][T10272] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.473408][T10274] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1881: iget: bad i_size value: 38620345925642
[  212.492063][T10274] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1881: couldn't read orphan inode 15 (err -117)
[  212.517493][T10274] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1881: bg 0: block 5: invalid block bitmap
[  212.531664][T10274] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  212.544069][T10274] EXT4-fs (loop1): This should not happen!! Data will be lost
[  212.544069][T10274] 
[  212.547833][T10272] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  212.553903][T10274] EXT4-fs (loop1): Total free blocks count 0
[  212.569958][T10274] EXT4-fs (loop1): Free/Dirty block details
[  212.575964][T10274] EXT4-fs (loop1): free_blocks=0
[  212.581019][T10274] EXT4-fs (loop1): dirty_blocks=16
[  212.586210][T10274] EXT4-fs (loop1): Block reservation details
[  212.592345][T10274] EXT4-fs (loop1): i_reserved_data_blocks=16
[  212.735445][ T9029] EXT4-fs error (device loop6): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  212.748754][ T9029] EXT4-fs error (device loop6): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  212.770249][T10284] loop1: detected capacity change from 0 to 128
[  212.840011][T10284] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  212.846665][T10284] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  212.854287][T10284] vhci_hcd vhci_hcd.0: Device attached
[  212.860403][T10285] vhci_hcd: connection closed
[  212.860606][   T12] vhci_hcd: stop threads
[  212.869608][   T12] vhci_hcd: release socket
[  212.874088][   T12] vhci_hcd: disconnect device
[  212.954089][ T1829] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.004031][ T1829] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.065443][ T1829] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.113755][ T1829] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.126769][T10288] chnl_net:caif_netlink_parms(): no params data found
[  213.157365][T10288] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.164536][T10288] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.172232][T10288] bridge_slave_0: entered allmulticast mode
[  213.178554][T10288] bridge_slave_0: entered promiscuous mode
[  213.185338][T10288] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.192497][T10288] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.199892][T10288] bridge_slave_1: entered allmulticast mode
[  213.206649][T10288] bridge_slave_1: entered promiscuous mode
[  213.223942][T10288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.238136][T10288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.259721][T10288] team0: Port device team_slave_0 added
[  213.269221][T10288] team0: Port device team_slave_1 added
[  213.324026][ T1829] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  213.334362][ T1829] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  213.344516][ T1829] bond0 (unregistering): Released all slaves
[  213.353278][T10288] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.360388][T10288] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.386590][T10288] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.423122][  T390] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  213.440651][T10288] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.447800][T10288] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.473832][T10288] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.486147][ T1829] tipc: Left network mode
[  213.499681][ T1829] hsr_slave_0: left promiscuous mode
[  213.518542][T10320] loop2: detected capacity change from 0 to 512
[  213.536991][ T1829] hsr_slave_1: left promiscuous mode
[  213.570020][ T1829] veth1_macvtap: left promiscuous mode
[  213.576016][T10320] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  213.596861][ T1829] veth0_macvtap: left promiscuous mode
[  213.617083][ T1829] veth1_vlan: left promiscuous mode
[  213.627608][ T1829] veth0_vlan: left promiscuous mode
[  213.662466][T10320] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.674576][T10320] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  213.813094][ T1829] team0 (unregistering): Port device team_slave_1 removed
[  213.822911][ T1829] team0 (unregistering): Port device team_slave_0 removed
[  213.863002][T10288] hsr_slave_0: entered promiscuous mode
[  213.869110][T10288] hsr_slave_1: entered promiscuous mode
[  213.875016][T10288] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.882982][T10288] Cannot create hsr debugfs directory
[  213.929420][T10340] loop2: detected capacity change from 0 to 1024
[  213.989980][T10288] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  214.002913][T10288] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  214.012594][T10288] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  214.022043][T10288] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  214.062789][T10288] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.074599][T10288] 8021q: adding VLAN 0 to HW filter on device team0
[  214.099082][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.106173][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.117068][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.124192][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  214.207017][T10288] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.319094][T10288] veth0_vlan: entered promiscuous mode
[  214.326665][T10288] veth1_vlan: entered promiscuous mode
[  214.341542][T10288] veth0_macvtap: entered promiscuous mode
[  214.348883][T10288] veth1_macvtap: entered promiscuous mode
[  214.360054][T10288] batman_adv: batadv0: Interface activated: batadv_slave_0
[  214.371349][T10288] batman_adv: batadv0: Interface activated: batadv_slave_1
[  214.380987][T10288] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.389703][T10288] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.398456][T10288] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.407310][T10288] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.623778][T10383] loop8: detected capacity change from 0 to 512
[  214.630767][T10383] EXT4-fs: Ignoring removed mblk_io_submit option
[  214.641204][T10383] EXT4-fs error (device loop8): ext4_iget_extra_inode:5035: inode #15: comm syz.8.1886: corrupted in-inode xattr: overlapping e_value 
[  214.656517][T10383] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.1886: couldn't read orphan inode 15 (err -117)
[  215.044960][   T29] kauditd_printk_skb: 423 callbacks suppressed
[  215.044974][   T29] audit: type=1400 audit(1750585446.747:12829): avc:  denied  { setopt } for  pid=10398 comm="syz.0.1909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  215.146276][T10406] xt_hashlimit: max too large, truncated to 1048576
[  215.220109][T10407] binfmt_misc: register: failed to install interpreter file ./file2
[  215.251628][T10414] loop2: detected capacity change from 0 to 512
[  215.274798][T10414] EXT4-fs (loop2): too many log groups per flexible block group
[  215.282551][T10414] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  215.363212][T10414] EXT4-fs (loop2): mount failed
[  215.373278][T10419] loop8: detected capacity change from 0 to 164
[  215.374521][T10414] loop2: detected capacity change from 0 to 512
[  215.388980][T10419] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  215.398432][   T29] audit: type=1400 audit(1750585447.097:12830): avc:  denied  { mount } for  pid=10418 comm="syz.8.1914" name="/" dev="loop8" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  215.432751][   T29] audit: type=1400 audit(1750585447.127:12831): avc:  denied  { read } for  pid=10418 comm="syz.8.1914" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  215.433747][T10414] ext4 filesystem being mounted at /371/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  215.456238][   T29] audit: type=1400 audit(1750585447.127:12832): avc:  denied  { open } for  pid=10418 comm="syz.8.1914" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  215.456272][   T29] audit: type=1400 audit(1750585447.127:12833): avc:  denied  { ioctl } for  pid=10418 comm="syz.8.1914" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  215.532316][T10419] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1914'.
[  215.541374][T10419] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1914'.
[  215.647054][   T29] audit: type=1400 audit(1750585447.347:12834): avc:  denied  { unmount } for  pid=10288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  215.774327][T10444] loop2: detected capacity change from 0 to 512
[  215.823017][T10444] ext4 filesystem being mounted at /374/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.141811][   T29] audit: type=1400 audit(1750585447.847:12835): avc:  denied  { write } for  pid=10453 comm="syz.0.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  216.346210][T10466] loop8: detected capacity change from 0 to 512
[  216.375333][T10466] EXT4-fs: Ignoring removed nomblk_io_submit option
[  216.472939][T10466] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.640177][T10472] tipc: Started in network mode
[  216.645163][T10472] tipc: Node identity 7, cluster identity 4711
[  216.651427][T10472] tipc: Node number set to 7
[  216.658114][   T29] audit: type=1400 audit(1750585448.357:12836): avc:  denied  { write } for  pid=10471 comm="syz.7.1931" path="socket:[25127]" dev="sockfs" ino=25127 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  216.701879][T10476] loop1: detected capacity change from 0 to 128
[  216.739743][   T29] audit: type=1326 audit(1750585448.437:12837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10475 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  216.742454][T10476] bio_check_eod: 292 callbacks suppressed
[  216.742472][T10476] syz.1.1932: attempt to access beyond end of device
[  216.742472][T10476] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  216.763505][   T29] audit: type=1326 audit(1750585448.437:12838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10475 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  216.817534][T10476] syz.1.1932: attempt to access beyond end of device
[  216.817534][T10476] loop1: rw=2049, sector=169, nr_sectors = 16 limit=128
[  216.833472][T10476] syz.1.1932: attempt to access beyond end of device
[  216.833472][T10476] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  216.869207][T10476] syz.1.1932: attempt to access beyond end of device
[  216.869207][T10476] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  216.891865][T10484] loop7: detected capacity change from 0 to 2048
[  216.898812][T10476] syz.1.1932: attempt to access beyond end of device
[  216.898812][T10476] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  216.912895][T10476] syz.1.1932: attempt to access beyond end of device
[  216.912895][T10476] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  216.934240][T10476] syz.1.1932: attempt to access beyond end of device
[  216.934240][T10476] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  216.948213][T10476] syz.1.1932: attempt to access beyond end of device
[  216.948213][T10476] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  216.990855][T10476] syz.1.1932: attempt to access beyond end of device
[  216.990855][T10476] loop1: rw=2049, sector=289, nr_sectors = 9 limit=128
[  217.041685][T10489] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  217.056654][T10489] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  217.068880][T10489] EXT4-fs (loop7): This should not happen!! Data will be lost
[  217.068880][T10489] 
[  217.071546][T10476] syz.1.1932: attempt to access beyond end of device
[  217.071546][T10476] loop1: rw=2049, sector=305, nr_sectors = 80 limit=128
[  217.078614][T10489] EXT4-fs (loop7): Total free blocks count 0
[  217.098100][T10489] EXT4-fs (loop7): Free/Dirty block details
[  217.104020][T10489] EXT4-fs (loop7): free_blocks=2415919504
[  217.109860][T10489] EXT4-fs (loop7): dirty_blocks=2688
[  217.115178][T10489] EXT4-fs (loop7): Block reservation details
[  217.121223][T10489] EXT4-fs (loop7): i_reserved_data_blocks=168
[  217.152275][T10489] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  217.164543][T10489] EXT4-fs (loop7): This should not happen!! Data will be lost
[  217.164543][T10489] 
[  217.201841][T10476] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  217.208465][T10476] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  217.216145][T10476] vhci_hcd vhci_hcd.0: Device attached
[  217.248252][T10493] vhci_hcd: connection closed
[  217.248610][   T41] vhci_hcd: stop threads
[  217.257625][   T41] vhci_hcd: release socket
[  217.262079][   T41] vhci_hcd: disconnect device
[  217.509991][T10502] netlink: 'syz.2.1939': attribute type 3 has an invalid length.
[  217.517834][T10502] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1939'.
[  217.651593][T10505] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.659033][T10505] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.701968][T10505] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.709458][T10505] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.751633][ T9396] EXT4-fs unmount: 21 callbacks suppressed
[  217.772497][T10507] loop7: detected capacity change from 0 to 1024
[  217.779316][T10507] EXT4-fs: Ignoring removed nobh option
[  217.784967][T10507] EXT4-fs: Ignoring removed bh option
[  217.818556][T10507] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.820722][  T112] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  217.838399][T10507] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.1940: Allocating blocks 497-513 which overlap fs metadata
[  217.855015][T10507] EXT4-fs (loop7): pa ffff888106aa38c0: logic 256, phys. 369, len 9
[  217.863118][T10507] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  217.874929][T10507] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  217.877484][T10515] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1943'.
[  217.957380][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.286086][T10536] loop7: detected capacity change from 0 to 512
[  219.292843][T10536] EXT4-fs: Ignoring removed mblk_io_submit option
[  219.435545][T10540] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1948'.
[  219.549723][T10536] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.1945: corrupted in-inode xattr: overlapping e_value 
[  219.564178][T10536] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.1945: couldn't read orphan inode 15 (err -117)
[  219.577156][T10536] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.723583][T10548] loop1: detected capacity change from 0 to 2048
[  219.738409][T10550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1952'.
[  219.747339][T10550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1952'.
[  219.757051][T10550] FAULT_INJECTION: forcing a failure.
[  219.757051][T10550] name failslab, interval 1, probability 0, space 0, times 0
[  219.769864][T10550] CPU: 0 UID: 0 PID: 10550 Comm: syz.2.1952 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  219.769894][T10550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.769906][T10550] Call Trace:
[  219.769913][T10550]  <TASK>
[  219.769921][T10550]  __dump_stack+0x1d/0x30
[  219.769951][T10550]  dump_stack_lvl+0xe8/0x140
[  219.769966][T10550]  dump_stack+0x15/0x1b
[  219.769982][T10550]  should_fail_ex+0x265/0x280
[  219.770130][T10550]  should_failslab+0x8c/0xb0
[  219.770149][T10550]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  219.770174][T10550]  ? __request_module+0x1c4/0x3e0
[  219.770227][T10550]  ? __request_module+0x1df/0x3e0
[  219.770244][T10550]  ? should_failslab+0x8c/0xb0
[  219.770265][T10550]  kstrdup+0x3e/0xd0
[  219.770288][T10550]  __request_module+0x1df/0x3e0
[  219.770345][T10550]  rtnl_newlink+0x658/0x12d0
[  219.770365][T10550]  ? x86_call_depth_emit_accounting+0x128/0x2e0
[  219.770392][T10550]  ? xas_load+0x413/0x430
[  219.770451][T10550]  ? __memcg_slab_free_hook+0x135/0x230
[  219.770521][T10550]  ? __kfree_skb+0x109/0x150
[  219.770553][T10550]  ? __rcu_read_unlock+0x4f/0x70
[  219.770572][T10550]  ? avc_has_perm_noaudit+0x1b1/0x200
[  219.770671][T10550]  ? selinux_capable+0x1f9/0x270
[  219.770702][T10550]  ? security_capable+0x83/0x90
[  219.770728][T10550]  ? ns_capable+0x7d/0xb0
[  219.770817][T10550]  ? __pfx_rtnl_newlink+0x10/0x10
[  219.770835][T10550]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  219.770927][T10550]  netlink_rcv_skb+0x120/0x220
[  219.771080][T10550]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  219.771105][T10550]  rtnetlink_rcv+0x1c/0x30
[  219.771125][T10550]  netlink_unicast+0x59e/0x670
[  219.771235][T10550]  netlink_sendmsg+0x58b/0x6b0
[  219.771252][T10550]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.771299][T10550]  __sock_sendmsg+0x142/0x180
[  219.771319][T10550]  ____sys_sendmsg+0x31e/0x4e0
[  219.771378][T10550]  ___sys_sendmsg+0x17b/0x1d0
[  219.771416][T10550]  __x64_sys_sendmsg+0xd4/0x160
[  219.771455][T10550]  x64_sys_call+0x2999/0x2fb0
[  219.771474][T10550]  do_syscall_64+0xd2/0x200
[  219.771489][T10550]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.771628][T10550]  ? clear_bhb_loop+0x40/0x90
[  219.771698][T10550]  ? clear_bhb_loop+0x40/0x90
[  219.771719][T10550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.771807][T10550] RIP: 0033:0x7fe80c74e929
[  219.771823][T10550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.771873][T10550] RSP: 002b:00007fe80adb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.771893][T10550] RAX: ffffffffffffffda RBX: 00007fe80c975fa0 RCX: 00007fe80c74e929
[  219.771906][T10550] RDX: 000000000000c0b0 RSI: 0000200000000280 RDI: 0000000000000003
[  219.771917][T10550] RBP: 00007fe80adb7090 R08: 0000000000000000 R09: 0000000000000000
[  219.771927][T10550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.771939][T10550] R13: 0000000000000000 R14: 00007fe80c975fa0 R15: 00007ffcace7e0a8
[  219.771958][T10550]  </TASK>
[  220.068053][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.092969][T10548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.174018][T10557] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  220.199544][T10557] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  220.211829][T10557] EXT4-fs (loop1): This should not happen!! Data will be lost
[  220.211829][T10557] 
[  220.221500][T10557] EXT4-fs (loop1): Total free blocks count 0
[  220.227483][T10557] EXT4-fs (loop1): Free/Dirty block details
[  220.233438][T10557] EXT4-fs (loop1): free_blocks=2415919504
[  220.239187][T10557] EXT4-fs (loop1): dirty_blocks=2688
[  220.244482][T10557] EXT4-fs (loop1): Block reservation details
[  220.250554][T10557] EXT4-fs (loop1): i_reserved_data_blocks=168
[  220.272166][T10557] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  220.315143][T10564] SELinux:  Context system_u:object is not valid (left unmapped).
[  220.323347][   T29] kauditd_printk_skb: 59 callbacks suppressed
[  220.323365][   T29] audit: type=1400 audit(1750585452.027:12898): avc:  denied  { relabelto } for  pid=10562 comm="syz.8.1955" name="cgroup.procs" dev="cgroup" ino=494 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object"
[  220.355296][   T29] audit: type=1400 audit(1750585452.027:12899): avc:  denied  { associate } for  pid=10562 comm="syz.8.1955" name="cgroup.procs" dev="cgroup" ino=494 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object"
[  220.416013][T10565] loop2: detected capacity change from 0 to 2048
[  220.435750][   T29] audit: type=1400 audit(1750585452.107:12900): avc:  denied  { write } for  pid=10562 comm="syz.8.1955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  220.462343][T10569] loop8: detected capacity change from 0 to 128
[  220.472686][T10565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.563041][T10572] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  220.589533][T10572] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  220.601775][T10572] EXT4-fs (loop2): This should not happen!! Data will be lost
[  220.601775][T10572] 
[  220.611445][T10572] EXT4-fs (loop2): Total free blocks count 0
[  220.617514][T10572] EXT4-fs (loop2): Free/Dirty block details
[  220.623443][T10572] EXT4-fs (loop2): free_blocks=2415919504
[  220.629180][T10572] EXT4-fs (loop2): dirty_blocks=1088
[  220.634507][T10572] EXT4-fs (loop2): Block reservation details
[  220.640496][T10572] EXT4-fs (loop2): i_reserved_data_blocks=68
[  220.649041][T10572] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  220.720467][   T29] audit: type=1326 audit(1750585452.417:12901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  220.797426][   T29] audit: type=1326 audit(1750585452.447:12902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  220.821174][   T29] audit: type=1326 audit(1750585452.447:12903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  220.844852][   T29] audit: type=1326 audit(1750585452.447:12904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  220.868467][   T29] audit: type=1326 audit(1750585452.447:12905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  220.892089][   T29] audit: type=1326 audit(1750585452.447:12906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  220.915761][   T29] audit: type=1326 audit(1750585452.447:12907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10576 comm="syz.0.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  221.000824][T10573] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(11)
[  221.007527][T10573] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  221.015210][T10573] vhci_hcd vhci_hcd.0: Device attached
[  221.040537][T10574] vhci_hcd: connection closed
[  221.052577][  T112] vhci_hcd: stop threads
[  221.061529][  T112] vhci_hcd: release socket
[  221.065933][  T112] vhci_hcd: disconnect device
[  221.201465][T10584] pimreg: left allmulticast mode
[  221.377254][T10599] loop7: detected capacity change from 0 to 512
[  221.385881][T10599] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.1966: iget: bad i_size value: 38620345925642
[  221.398945][T10599] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.1966: couldn't read orphan inode 15 (err -117)
[  221.411912][T10599] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.436874][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.456175][T10603] loop7: detected capacity change from 0 to 512
[  221.463026][T10603] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.472631][T10603] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.491912][T10603] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  221.707383][T10611] pimreg: entered allmulticast mode
[  221.724936][T10611] pimreg: left allmulticast mode
[  221.832310][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.927141][T10620] netlink: 16 bytes leftover after parsing attributes in process `kfree'.
[  222.215099][T10633] loop8: detected capacity change from 0 to 512
[  222.222018][T10633] EXT4-fs: Ignoring removed mblk_io_submit option
[  222.298157][T10633] EXT4-fs error (device loop8): ext4_iget_extra_inode:5035: inode #15: comm syz.8.1974: corrupted in-inode xattr: overlapping e_value 
[  222.312731][T10633] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.1974: couldn't read orphan inode 15 (err -117)
[  222.326745][T10633] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.434243][T10634] pimreg: entered allmulticast mode
[  222.486362][T10638] pimreg: left allmulticast mode
[  222.614405][T10640] loop7: detected capacity change from 0 to 128
[  222.751176][T10644] loop7: detected capacity change from 0 to 128
[  222.775081][T10646] loop2: detected capacity change from 0 to 128
[  222.778831][T10644] bio_check_eod: 160 callbacks suppressed
[  222.778845][T10644] syz.7.1979: attempt to access beyond end of device
[  222.778845][T10644] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  222.800929][T10644] syz.7.1979: attempt to access beyond end of device
[  222.800929][T10644] loop7: rw=2049, sector=169, nr_sectors = 16 limit=128
[  222.825050][T10646] syz.2.1980: attempt to access beyond end of device
[  222.825050][T10646] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[  222.839093][T10647] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  222.845746][T10647] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  222.853434][T10647] vhci_hcd vhci_hcd.0: Device attached
[  222.891358][T10644] syz.7.1979: attempt to access beyond end of device
[  222.891358][T10644] loop7: rw=2049, sector=193, nr_sectors = 8 limit=128
[  222.906181][T10646] syz.2.1980: attempt to access beyond end of device
[  222.906181][T10646] loop2: rw=2049, sector=169, nr_sectors = 16 limit=128
[  222.919941][T10651] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(11)
[  222.920235][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.926569][T10651] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  222.926616][T10651] vhci_hcd vhci_hcd.0: Device attached
[  222.937129][T10644] syz.7.1979: attempt to access beyond end of device
[  222.937129][T10644] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128
[  222.951001][T10646] syz.2.1980: attempt to access beyond end of device
[  222.951001][T10646] loop2: rw=2049, sector=193, nr_sectors = 8 limit=128
[  222.975852][T10646] syz.2.1980: attempt to access beyond end of device
[  222.975852][T10646] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  223.011357][T10646] syz.2.1980: attempt to access beyond end of device
[  223.011357][T10646] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  223.039478][T10657] loop8: detected capacity change from 0 to 512
[  223.045542][T10655] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  223.045990][T10648] vhci_hcd: connection closed
[  223.052373][T10655] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  223.054955][T10644] syz.7.1979: attempt to access beyond end of device
[  223.054955][T10644] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128
[  223.057180][T10655] vhci_hcd vhci_hcd.0: Device attached
[  223.065031][  T112] vhci_hcd: stop threads
[  223.087826][  T112] vhci_hcd: release socket
[  223.092305][  T112] vhci_hcd: disconnect device
[  223.100839][ T1048] vhci_hcd: vhci_device speed not set
[  223.126747][T10661] loop1: detected capacity change from 0 to 512
[  223.135715][T10661] EXT4-fs: Ignoring removed nomblk_io_submit option
[  223.142418][ T3390] vhci_hcd: vhci_device speed not set
[  223.151571][T10657] EXT4-fs (loop8): too many log groups per flexible block group
[  223.159324][T10657] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  223.168624][T10657] EXT4-fs (loop8): mount failed
[  223.174191][T10652] vhci_hcd: connection closed
[  223.175618][T10661] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.194887][  T112] vhci_hcd: stop threads
[  223.198485][T10658] vhci_hcd: connection closed
[  223.199153][  T112] vhci_hcd: release socket
[  223.199169][  T112] vhci_hcd: disconnect device
[  223.203948][ T3390] usb 15-1: new full-speed USB device number 2 using vhci_hcd
[  223.208633][T10661] ext4 filesystem being mounted at /389/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  223.213158][ T3390] usb 15-1: enqueue for inactive port 0
[  223.238400][ T3390] usb 15-1: enqueue for inactive port 0
[  223.244035][ T3390] usb 15-1: enqueue for inactive port 0
[  223.246356][  T112] vhci_hcd: stop threads
[  223.253933][  T112] vhci_hcd: release socket
[  223.258364][  T112] vhci_hcd: disconnect device
[  223.258511][T10657] loop8: detected capacity change from 0 to 512
[  223.282402][T10657] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.295202][T10657] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  223.310867][ T3390] vhci_hcd: vhci_device speed not set
[  223.316341][ T3411] vhci_hcd: vhci_device speed not set
[  223.381502][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.453189][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.817017][T10688] tipc: Cannot configure node identity twice
[  224.102608][T10695] pimreg: entered allmulticast mode
[  224.125402][T10695] pimreg: left allmulticast mode
[  224.297308][T10698] loop8: detected capacity change from 0 to 128
[  224.441066][T10698] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(11)
[  224.447687][T10698] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  224.455299][T10698] vhci_hcd vhci_hcd.0: Device attached
[  224.465152][T10710] vhci_hcd: connection closed
[  224.465861][  T112] vhci_hcd: stop threads
[  224.474959][  T112] vhci_hcd: release socket
[  224.479370][  T112] vhci_hcd: disconnect device
[  224.490391][T10714] FAULT_INJECTION: forcing a failure.
[  224.490391][T10714] name failslab, interval 1, probability 0, space 0, times 0
[  224.503053][T10714] CPU: 1 UID: 0 PID: 10714 Comm: syz.1.1996 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  224.503079][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.503090][T10714] Call Trace:
[  224.503097][T10714]  <TASK>
[  224.503123][T10714]  __dump_stack+0x1d/0x30
[  224.503145][T10714]  dump_stack_lvl+0xe8/0x140
[  224.503164][T10714]  dump_stack+0x15/0x1b
[  224.503177][T10714]  should_fail_ex+0x265/0x280
[  224.503202][T10714]  should_failslab+0x8c/0xb0
[  224.503307][T10714]  kmem_cache_alloc_node_noprof+0x57/0x320
[  224.503330][T10714]  ? __alloc_skb+0x101/0x320
[  224.503418][T10714]  __alloc_skb+0x101/0x320
[  224.503441][T10714]  netlink_alloc_large_skb+0xba/0xf0
[  224.503466][T10714]  netlink_sendmsg+0x3cf/0x6b0
[  224.503483][T10714]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.503544][T10714]  __sock_sendmsg+0x142/0x180
[  224.503564][T10714]  ____sys_sendmsg+0x31e/0x4e0
[  224.503596][T10714]  ___sys_sendmsg+0x17b/0x1d0
[  224.503697][T10714]  __x64_sys_sendmsg+0xd4/0x160
[  224.503751][T10714]  x64_sys_call+0x2999/0x2fb0
[  224.503823][T10714]  do_syscall_64+0xd2/0x200
[  224.503838][T10714]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  224.503862][T10714]  ? clear_bhb_loop+0x40/0x90
[  224.503918][T10714]  ? clear_bhb_loop+0x40/0x90
[  224.503939][T10714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.503959][T10714] RIP: 0033:0x7f66484be929
[  224.504008][T10714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.504024][T10714] RSP: 002b:00007f6646b27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.504043][T10714] RAX: ffffffffffffffda RBX: 00007f66486e5fa0 RCX: 00007f66484be929
[  224.504056][T10714] RDX: 0000000000004000 RSI: 00002000000000c0 RDI: 0000000000000003
[  224.504148][T10714] RBP: 00007f6646b27090 R08: 0000000000000000 R09: 0000000000000000
[  224.504158][T10714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.504169][T10714] R13: 0000000000000000 R14: 00007f66486e5fa0 R15: 00007fffd81ee598
[  224.504188][T10714]  </TASK>
[  224.878217][T10735] loop2: detected capacity change from 0 to 512
[  224.888574][T10735] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2004: iget: bad i_size value: 38620345925642
[  224.888671][T10735] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2004: couldn't read orphan inode 15 (err -117)
[  224.890520][T10735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.894161][T10735] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2004: bg 0: block 5: invalid block bitmap
[  224.894394][T10735] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  224.894419][T10735] EXT4-fs (loop2): This should not happen!! Data will be lost
[  224.894419][T10735] 
[  224.894430][T10735] EXT4-fs (loop2): Total free blocks count 0
[  224.894441][T10735] EXT4-fs (loop2): Free/Dirty block details
[  224.894458][T10735] EXT4-fs (loop2): free_blocks=0
[  224.894478][T10735] EXT4-fs (loop2): dirty_blocks=16
[  224.894490][T10735] EXT4-fs (loop2): Block reservation details
[  224.894500][T10735] EXT4-fs (loop2): i_reserved_data_blocks=16
[  224.986931][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.133477][ T1601] Buffer I/O error on dev loop8, logical block 305, lost async page write
[  225.159231][T10755] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2011'.
[  225.338915][T10762] vlan0: entered promiscuous mode
[  225.580120][T10772] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2017'.
[  225.653576][T10778] loop1: detected capacity change from 0 to 1024
[  225.660526][T10778] EXT4-fs: Ignoring removed nobh option
[  225.666197][T10778] EXT4-fs: Ignoring removed bh option
[  225.683559][T10780] loop7: detected capacity change from 0 to 512
[  225.690130][T10780] EXT4-fs: Ignoring removed nomblk_io_submit option
[  225.698402][T10778] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.702290][T10780] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.714625][T10778] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2020: Allocating blocks 497-513 which overlap fs metadata
[  225.737415][T10780] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  225.738466][T10778] EXT4-fs (loop1): pa ffff8881068021c0: logic 256, phys. 369, len 9
[  225.756440][T10778] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  225.766667][T10778] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  225.804252][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.114152][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.161738][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  226.161750][   T29] audit: type=1326 audit(1750585457.867:12985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.231587][   T29] audit: type=1326 audit(1750585457.897:12986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.255345][   T29] audit: type=1326 audit(1750585457.897:12987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.279040][   T29] audit: type=1326 audit(1750585457.907:12988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.302519][   T29] audit: type=1326 audit(1750585457.907:12989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.326244][   T29] audit: type=1326 audit(1750585457.907:12990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.349820][   T29] audit: type=1326 audit(1750585457.907:12991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.373406][   T29] audit: type=1326 audit(1750585457.907:12992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.397143][   T29] audit: type=1326 audit(1750585457.907:12993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.420698][   T29] audit: type=1326 audit(1750585457.907:12994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10804 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f429ad6e929 code=0x7ffc0000
[  226.475526][T10817] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  226.482125][T10817] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  226.489812][T10817] vhci_hcd vhci_hcd.0: Device attached
[  226.576820][T10818] vhci_hcd: connection closed
[  226.577038][  T112] vhci_hcd: stop threads
[  226.586098][  T112] vhci_hcd: release socket
[  226.590687][  T112] vhci_hcd: disconnect device
[  226.977031][T10825] loop8: detected capacity change from 0 to 128
[  227.072474][T10833] loop7: detected capacity change from 0 to 512
[  227.081960][T10833] EXT4-fs (loop7): too many log groups per flexible block group
[  227.089691][T10833] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  227.089807][T10831] loop1: detected capacity change from 0 to 2048
[  227.103709][T10833] EXT4-fs (loop7): mount failed
[  227.171796][T10831] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.192703][T10825] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(11)
[  227.199393][T10825] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  227.207056][T10825] vhci_hcd vhci_hcd.0: Device attached
[  227.212728][T10833] loop7: detected capacity change from 0 to 512
[  227.219160][T10843] vhci_hcd: connection closed
[  227.219317][ T1829] vhci_hcd: stop threads
[  227.228486][ T1829] vhci_hcd: release socket
[  227.232945][ T1829] vhci_hcd: disconnect device
[  227.276047][T10833] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.298495][T10833] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  227.309180][T10849] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  227.325217][T10849] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  227.337447][T10849] EXT4-fs (loop1): This should not happen!! Data will be lost
[  227.337447][T10849] 
[  227.347149][T10849] EXT4-fs (loop1): Total free blocks count 0
[  227.353214][T10849] EXT4-fs (loop1): Free/Dirty block details
[  227.359201][T10849] EXT4-fs (loop1): free_blocks=2415919504
[  227.364950][T10849] EXT4-fs (loop1): dirty_blocks=3840
[  227.370306][T10849] EXT4-fs (loop1): Block reservation details
[  227.376309][T10849] EXT4-fs (loop1): i_reserved_data_blocks=240
[  227.403493][T10849] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  227.471348][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.665535][T10861] loop7: detected capacity change from 0 to 128
[  227.753586][T10862] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(11)
[  227.760212][T10862] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  227.767845][T10862] vhci_hcd vhci_hcd.0: Device attached
[  227.814109][ T1601] bio_check_eod: 400 callbacks suppressed
[  227.814124][ T1601] kworker/u8:7: attempt to access beyond end of device
[  227.814124][ T1601] loop8: rw=1, sector=305, nr_sectors = 1 limit=128
[  227.817756][T10863] vhci_hcd: connection closed
[  227.819993][ T1601] Buffer I/O error on dev loop8, logical block 305, lost async page write
[  227.847679][ T1879] vhci_hcd: stop threads
[  227.851986][ T1879] vhci_hcd: release socket
[  227.856397][ T1879] vhci_hcd: disconnect device
[  227.894848][T10872] tipc: Started in network mode
[  227.899730][T10872] tipc: Node identity 7, cluster identity 4711
[  227.905914][T10872] tipc: Node number set to 7
[  228.214325][T10886] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.221761][T10886] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.249783][T10886] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.257287][T10886] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.265027][T10885] loop2: detected capacity change from 0 to 512
[  228.287457][T10885] EXT4-fs: Ignoring removed mblk_io_submit option
[  228.340834][T10888] loop1: detected capacity change from 0 to 512
[  228.351923][T10885] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.2048: corrupted in-inode xattr: overlapping e_value 
[  228.382606][T10885] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2048: couldn't read orphan inode 15 (err -117)
[  228.406805][T10885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.452560][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.452560][ T1879] loop7: rw=1, sector=305, nr_sectors = 80 limit=128
[  228.465422][T10888] EXT4-fs (loop1): too many log groups per flexible block group
[  228.466310][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.466310][ T1879] loop7: rw=1, sector=393, nr_sectors = 8 limit=128
[  228.473780][T10888] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  228.487283][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.487283][ T1879] loop7: rw=1, sector=409, nr_sectors = 8 limit=128
[  228.521084][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.521084][ T1879] loop7: rw=1, sector=425, nr_sectors = 8 limit=128
[  228.530813][T10888] EXT4-fs (loop1): mount failed
[  228.534590][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.534590][ T1879] loop7: rw=1, sector=441, nr_sectors = 8 limit=128
[  228.555349][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.555349][ T1879] loop7: rw=1, sector=457, nr_sectors = 8 limit=128
[  228.569279][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.569279][ T1879] loop7: rw=1, sector=473, nr_sectors = 8 limit=128
[  228.583244][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.583244][ T1879] loop7: rw=1, sector=489, nr_sectors = 8 limit=128
[  228.603961][T10888] loop1: detected capacity change from 0 to 512
[  228.617592][ T1879] kworker/u8:11: attempt to access beyond end of device
[  228.617592][ T1879] loop7: rw=1, sector=505, nr_sectors = 8 limit=128
[  228.637591][T10888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.650316][T10888] ext4 filesystem being mounted at /405/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  228.741514][T10900] loop7: detected capacity change from 0 to 128
[  228.769712][T10902] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2053'.
[  228.869305][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.942427][T10905] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(10)
[  228.949115][T10905] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  228.956801][T10905] vhci_hcd vhci_hcd.0: Device attached
[  229.014452][T10906] vhci_hcd: connection closed
[  229.014771][ T1879] vhci_hcd: stop threads
[  229.017466][T10909] loop1: detected capacity change from 0 to 128
[  229.019496][ T1879] vhci_hcd: release socket
[  229.034552][ T1879] vhci_hcd: disconnect device
[  229.153265][T10909] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  229.159972][T10909] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  229.167612][T10909] vhci_hcd vhci_hcd.0: Device attached
[  229.201919][T10915] vhci_hcd: connection closed
[  229.202107][ T1829] vhci_hcd: stop threads
[  229.211074][ T1829] vhci_hcd: release socket
[  229.215494][ T1829] vhci_hcd: disconnect device
[  229.225767][T10918] loop8: detected capacity change from 0 to 1024
[  229.236119][T10918] EXT4-fs: Ignoring removed nobh option
[  229.241710][T10918] EXT4-fs: Ignoring removed bh option
[  229.278065][T10918] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.304899][T10918] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4113: comm syz.8.2059: Allocating blocks 497-513 which overlap fs metadata
[  229.324306][T10922] tipc: Cannot configure node identity twice
[  229.329532][T10918] EXT4-fs (loop8): pa ffff888106aa39a0: logic 256, phys. 369, len 9
[  229.338321][T10918] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  229.348689][T10918] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  229.375690][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.397266][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.445896][T10932] loop8: detected capacity change from 0 to 128
[  229.528005][T10936] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(10)
[  229.534645][T10936] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  229.542237][T10936] vhci_hcd vhci_hcd.0: Device attached
[  229.586067][T10937] vhci_hcd: connection closed
[  229.586339][ T1601] vhci_hcd: stop threads
[  229.595367][ T1601] vhci_hcd: release socket
[  229.599787][ T1601] vhci_hcd: disconnect device
[  229.746576][ T1601] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  229.762798][T10949] lo speed is unknown, defaulting to 1000
[  229.768910][T10949] lo speed is unknown, defaulting to 1000
[  229.774952][T10949] lo speed is unknown, defaulting to 1000
[  229.781260][T10949] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  229.782225][T10951] loop2: detected capacity change from 0 to 512
[  229.788897][T10949] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  229.804130][T10949] lo speed is unknown, defaulting to 1000
[  229.810316][T10949] lo speed is unknown, defaulting to 1000
[  229.816448][T10949] lo speed is unknown, defaulting to 1000
[  229.821650][T10952] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2069'.
[  229.822730][T10949] lo speed is unknown, defaulting to 1000
[  229.833022][T10951] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.837523][T10949] lo speed is unknown, defaulting to 1000
[  229.850616][T10951] ext4 filesystem being mounted at /402/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.171653][T10961] loop8: detected capacity change from 0 to 1024
[  230.178280][T10961] EXT4-fs: Ignoring removed nobh option
[  230.183877][T10961] EXT4-fs: Ignoring removed bh option
[  230.194275][T10961] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.212874][T10961] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4113: comm syz.8.2072: Allocating blocks 497-513 which overlap fs metadata
[  230.229331][T10961] EXT4-fs (loop8): pa ffff888106aa3930: logic 256, phys. 369, len 9
[  230.237383][T10961] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  230.248388][T10961] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  230.304710][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.520899][T10974] loop8: detected capacity change from 0 to 128
[  230.587879][T10974] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(11)
[  230.594489][T10974] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  230.602148][T10974] vhci_hcd vhci_hcd.0: Device attached
[  230.608858][T10979] vhci_hcd: connection closed
[  230.609029][   T12] vhci_hcd: stop threads
[  230.618060][   T12] vhci_hcd: release socket
[  230.622498][   T12] vhci_hcd: disconnect device
[  230.638201][T10983] loop1: detected capacity change from 0 to 512
[  230.645419][T10983] EXT4-fs: Ignoring removed nomblk_io_submit option
[  230.672822][T10983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.696510][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.703110][T10983] ext4 filesystem being mounted at /409/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  230.821379][T10992] pimreg: entered allmulticast mode
[  230.834647][T10992] pimreg: left allmulticast mode
[  230.933943][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.153033][T11005] loop8: detected capacity change from 0 to 1024
[  231.160008][T11005] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  231.171033][T11005] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  231.182998][T11005] JBD2: no valid journal superblock found
[  231.188757][T11005] EXT4-fs (loop8): Could not load journal inode
[  231.224151][   T29] kauditd_printk_skb: 192 callbacks suppressed
[  231.224165][   T29] audit: type=1326 audit(1750585462.917:13187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.253978][   T29] audit: type=1326 audit(1750585462.917:13188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.277681][   T29] audit: type=1326 audit(1750585462.917:13189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.301274][   T29] audit: type=1326 audit(1750585462.917:13190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.324898][   T29] audit: type=1326 audit(1750585462.917:13191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.330149][T11011] loop2: detected capacity change from 0 to 512
[  231.348448][   T29] audit: type=1326 audit(1750585462.917:13192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.348477][   T29] audit: type=1326 audit(1750585462.917:13193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.401973][   T29] audit: type=1326 audit(1750585462.917:13194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.425571][   T29] audit: type=1326 audit(1750585462.917:13195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.449264][   T29] audit: type=1326 audit(1750585462.917:13196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11006 comm="syz.2.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  231.542133][T11011] EXT4-fs (loop2): too many log groups per flexible block group
[  231.546940][T11019] loop8: detected capacity change from 0 to 512
[  231.550000][T11011] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  231.563585][T11011] EXT4-fs (loop2): mount failed
[  231.564378][T11019] EXT4-fs error (device loop8): ext4_orphan_get:1393: inode #15: comm syz.8.2093: iget: bad i_size value: 38620345925642
[  231.593812][T11019] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.2093: couldn't read orphan inode 15 (err -117)
[  231.610206][T11011] loop2: detected capacity change from 0 to 512
[  231.610695][T11019] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.643285][T11011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.658618][T11011] ext4 filesystem being mounted at /409/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  231.673753][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.744593][T11029] loop8: detected capacity change from 0 to 512
[  231.751329][T11029] EXT4-fs: Ignoring removed nomblk_io_submit option
[  231.822083][T11029] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.835328][T11029] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  231.931454][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.978699][T11039] loop7: detected capacity change from 0 to 128
[  232.246605][T11042] netlink: 16 bytes leftover after parsing attributes in process `kfree'.
[  232.346390][T11047] loop2: detected capacity change from 0 to 128
[  232.354088][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.369618][T11049] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(11)
[  232.376239][T11049] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  232.383947][T11049] vhci_hcd vhci_hcd.0: Device attached
[  232.456567][T11050] vhci_hcd: connection closed
[  232.456889][   T12] vhci_hcd: stop threads
[  232.465917][   T12] vhci_hcd: release socket
[  232.470327][   T12] vhci_hcd: disconnect device
[  232.471438][T11047] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  232.481578][T11047] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  232.489281][T11047] vhci_hcd vhci_hcd.0: Device attached
[  232.502902][T11053] vhci_hcd: connection closed
[  232.504687][ T1879] vhci_hcd: stop threads
[  232.513693][ T1879] vhci_hcd: release socket
[  232.518100][ T1879] vhci_hcd: disconnect device
[  232.562062][T11055] lo speed is unknown, defaulting to 1000
[  232.573769][T11063] loop8: detected capacity change from 0 to 1024
[  232.580908][T11063] EXT4-fs: Ignoring removed nobh option
[  232.586499][T11063] EXT4-fs: Ignoring removed bh option
[  232.602486][T11063] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.618482][T11063] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4113: comm syz.8.2104: Allocating blocks 497-513 which overlap fs metadata
[  232.633100][T11063] EXT4-fs (loop8): pa ffff888106aa3a10: logic 256, phys. 369, len 9
[  232.641194][T11063] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  232.651350][T11063] EXT4-fs error (device loop8): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  232.674835][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.702914][T11069] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2106'.
[  232.711947][T11069] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2106'.
[  232.903460][  T112] bio_check_eod: 480 callbacks suppressed
[  232.903479][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.903479][  T112] loop7: rw=1, sector=305, nr_sectors = 80 limit=128
[  232.922893][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.922893][  T112] loop7: rw=1, sector=393, nr_sectors = 8 limit=128
[  232.936273][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.936273][  T112] loop7: rw=1, sector=409, nr_sectors = 8 limit=128
[  232.949657][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.949657][  T112] loop7: rw=1, sector=425, nr_sectors = 8 limit=128
[  232.963172][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.963172][  T112] loop7: rw=1, sector=441, nr_sectors = 8 limit=128
[  232.976501][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.976501][  T112] loop7: rw=1, sector=457, nr_sectors = 8 limit=128
[  232.989814][  T112] kworker/u8:4: attempt to access beyond end of device
[  232.989814][  T112] loop7: rw=1, sector=473, nr_sectors = 8 limit=128
[  233.003139][  T112] kworker/u8:4: attempt to access beyond end of device
[  233.003139][  T112] loop7: rw=1, sector=489, nr_sectors = 8 limit=128
[  233.016453][  T112] kworker/u8:4: attempt to access beyond end of device
[  233.016453][  T112] loop7: rw=1, sector=505, nr_sectors = 8 limit=128
[  233.029864][  T112] kworker/u8:4: attempt to access beyond end of device
[  233.029864][  T112] loop7: rw=1, sector=521, nr_sectors = 8 limit=128
[  233.058355][T11073] loop7: detected capacity change from 0 to 512
[  233.072732][T11073] EXT4-fs (loop7): too many log groups per flexible block group
[  233.080424][T11073] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  233.087380][T11073] EXT4-fs (loop7): mount failed
[  233.097839][T11073] loop7: detected capacity change from 0 to 512
[  233.112517][T11073] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.125251][T11073] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.174629][T11081] loop1: detected capacity change from 0 to 512
[  233.182256][T11081] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2109: iget: bad i_size value: 38620345925642
[  233.237273][T11081] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2109: couldn't read orphan inode 15 (err -117)
[  233.263127][T11088] loop2: detected capacity change from 0 to 512
[  233.269883][T11081] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.269957][T11088] EXT4-fs: Ignoring removed nomblk_io_submit option
[  233.303616][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.312239][T11088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.325352][T11088] ext4 filesystem being mounted at /412/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.338488][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.375701][T11097] loop1: detected capacity change from 0 to 1024
[  233.391758][T11097] EXT4-fs: Ignoring removed nobh option
[  233.397432][T11097] EXT4-fs: Ignoring removed bh option
[  233.429285][T11097] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.453230][T11106] loop7: detected capacity change from 0 to 1024
[  233.461259][T11106] EXT4-fs: Ignoring removed nobh option
[  233.466055][T11097] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2114: Allocating blocks 497-513 which overlap fs metadata
[  233.466989][T11106] EXT4-fs: Ignoring removed bh option
[  233.487254][T11097] EXT4-fs (loop1): pa ffff8881068022a0: logic 256, phys. 369, len 9
[  233.495315][T11097] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  233.505941][T11097] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  233.522131][T11106] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.553319][T11106] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.2116: Allocating blocks 497-513 which overlap fs metadata
[  233.571652][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.583851][T11112] loop8: detected capacity change from 0 to 128
[  233.594459][T11106] EXT4-fs (loop7): pa ffff8881068023f0: logic 256, phys. 369, len 9
[  233.602593][T11106] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  233.614458][T11106] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  233.630139][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.653177][T11114] loop1: detected capacity change from 0 to 512
[  233.663767][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.783892][T11118] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(9)
[  233.790424][T11118] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  233.798030][T11118] vhci_hcd vhci_hcd.0: Device attached
[  233.804714][T11114] EXT4-fs (loop1): too many log groups per flexible block group
[  233.812437][T11114] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  233.812650][T11120] vhci_hcd: connection closed
[  233.819428][T11114] EXT4-fs (loop1): mount failed
[  233.829553][ T1601] vhci_hcd: stop threads
[  233.833849][ T1601] vhci_hcd: release socket
[  233.838299][ T1601] vhci_hcd: disconnect device
[  233.852920][T11126] lo speed is unknown, defaulting to 1000
[  233.858879][T11114] loop1: detected capacity change from 0 to 512
[  233.871285][T11127] loop2: detected capacity change from 0 to 512
[  233.878270][T11127] EXT4-fs: Ignoring removed mblk_io_submit option
[  233.887019][T11114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.889671][T11127] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.2122: corrupted in-inode xattr: overlapping e_value 
[  233.902196][T11114] ext4 filesystem being mounted at /417/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.914135][T11127] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2122: couldn't read orphan inode 15 (err -117)
[  233.937024][T11127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.043345][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.060624][T11133] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2123'.
[  234.069548][T11133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2123'.
[  234.331894][T11140] netlink: 16 bytes leftover after parsing attributes in process `kfree'.
[  234.404556][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2128'.
[  234.413595][T11146] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2128'.
[  234.427087][T11147] pimreg: entered allmulticast mode
[  234.433095][T11147] pimreg: left allmulticast mode
[  234.611037][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.715724][T11159] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  234.824553][T11165] loop7: detected capacity change from 0 to 2048
[  234.842173][T11165] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.199367][T11173] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  235.199612][T11173] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  235.199637][T11173] EXT4-fs (loop7): This should not happen!! Data will be lost
[  235.199637][T11173] 
[  235.199647][T11173] EXT4-fs (loop7): Total free blocks count 0
[  235.199658][T11173] EXT4-fs (loop7): Free/Dirty block details
[  235.199667][T11173] EXT4-fs (loop7): free_blocks=2415919504
[  235.199678][T11173] EXT4-fs (loop7): dirty_blocks=10624
[  235.199721][T11173] EXT4-fs (loop7): Block reservation details
[  235.199730][T11173] EXT4-fs (loop7): i_reserved_data_blocks=664
[  235.199914][T11173] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  235.299068][T11175] loop8: detected capacity change from 0 to 512
[  235.322554][T11175] EXT4-fs (loop8): too many log groups per flexible block group
[  235.330265][T11175] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  235.338051][T11175] EXT4-fs (loop8): mount failed
[  235.352008][T11175] loop8: detected capacity change from 0 to 512
[  235.362262][T11175] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  235.521603][T11188] loop8: detected capacity change from 0 to 2048
[  235.535309][T11190] loop7: detected capacity change from 0 to 1024
[  235.543263][T11190] EXT4-fs: Ignoring removed nobh option
[  235.548885][T11190] EXT4-fs: Ignoring removed bh option
[  235.626784][T11190] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.2140: Allocating blocks 497-513 which overlap fs metadata
[  235.654258][T11190] EXT4-fs (loop7): pa ffff888106802540: logic 256, phys. 369, len 9
[  235.662426][T11190] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  235.671311][T11204] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2147'.
[  235.681383][T11204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2147'.
[  235.681852][T11190] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  235.722921][T11206] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  235.761053][T11206] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  235.763518][T11208] loop7: detected capacity change from 0 to 1024
[  235.773300][T11206] EXT4-fs (loop8): This should not happen!! Data will be lost
[  235.773300][T11206] 
[  235.789433][T11206] EXT4-fs (loop8): Total free blocks count 0
[  235.795549][T11206] EXT4-fs (loop8): Free/Dirty block details
[  235.801588][T11206] EXT4-fs (loop8): free_blocks=2415919504
[  235.807326][T11206] EXT4-fs (loop8): dirty_blocks=1248
[  235.813269][T11206] EXT4-fs (loop8): Block reservation details
[  235.819255][T11206] EXT4-fs (loop8): i_reserved_data_blocks=78
[  235.826258][T11208] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  235.837318][T11208] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  235.870082][T11208] JBD2: no valid journal superblock found
[  235.875892][T11208] EXT4-fs (loop7): Could not load journal inode
[  235.888637][T11206] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  235.900880][T11206] EXT4-fs (loop8): This should not happen!! Data will be lost
[  235.900880][T11206] 
[  235.930454][T11216] loop1: detected capacity change from 0 to 2048
[  235.940023][T11218] loop7: detected capacity change from 0 to 512
[  235.951213][T11218] EXT4-fs: Ignoring removed nomblk_io_submit option
[  235.972740][T11218] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  236.079813][T11224] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  236.102275][T11224] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  236.114569][T11224] EXT4-fs (loop1): This should not happen!! Data will be lost
[  236.114569][T11224] 
[  236.124223][T11224] EXT4-fs (loop1): Total free blocks count 0
[  236.130207][T11224] EXT4-fs (loop1): Free/Dirty block details
[  236.136113][T11224] EXT4-fs (loop1): free_blocks=2415919504
[  236.141863][T11224] EXT4-fs (loop1): dirty_blocks=3520
[  236.147151][T11224] EXT4-fs (loop1): Block reservation details
[  236.153171][T11224] EXT4-fs (loop1): i_reserved_data_blocks=220
[  236.187068][T11224] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  236.199294][T11224] EXT4-fs (loop1): This should not happen!! Data will be lost
[  236.199294][T11224] 
[  236.643618][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  236.643631][   T29] audit: type=1326 audit(1750585468.347:13274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.678886][   T29] audit: type=1326 audit(1750585468.347:13275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.702535][   T29] audit: type=1326 audit(1750585468.377:13276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.732878][   T29] audit: type=1326 audit(1750585468.377:13277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.756511][   T29] audit: type=1326 audit(1750585468.377:13278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.780573][   T29] audit: type=1326 audit(1750585468.467:13279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.804212][   T29] audit: type=1326 audit(1750585468.467:13280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.821500][T11242] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  236.828144][   T29] audit: type=1326 audit(1750585468.467:13281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11241 comm="syz.8.2155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd821e929 code=0x7ffc0000
[  236.835554][T11242] audit: out of memory in audit_log_start
[  237.026991][T11256] loop1: detected capacity change from 0 to 128
[  237.093455][T11256] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  237.100086][T11256] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  237.107701][T11256] vhci_hcd vhci_hcd.0: Device attached
[  237.114916][T11257] vhci_hcd: connection closed
[  237.115165][ T1829] vhci_hcd: stop threads
[  237.124122][ T1829] vhci_hcd: release socket
[  237.128543][ T1829] vhci_hcd: disconnect device
[  237.153160][T11262] loop8: detected capacity change from 0 to 1024
[  237.160151][T11262] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  237.171069][T11262] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  237.181605][T11262] JBD2: no valid journal superblock found
[  237.187349][T11262] EXT4-fs (loop8): Could not load journal inode
[  237.280379][T11270] loop8: detected capacity change from 0 to 2048
[  237.344662][T11276] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  237.359729][T11276] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  237.372800][T11276] EXT4-fs (loop8): This should not happen!! Data will be lost
[  237.372800][T11276] 
[  237.382475][T11276] EXT4-fs (loop8): Total free blocks count 0
[  237.388962][T11276] EXT4-fs (loop8): Free/Dirty block details
[  237.395009][T11276] EXT4-fs (loop8): free_blocks=2415919504
[  237.400829][T11276] EXT4-fs (loop8): dirty_blocks=2848
[  237.406157][T11276] EXT4-fs (loop8): Block reservation details
[  237.412183][T11276] EXT4-fs (loop8): i_reserved_data_blocks=178
[  237.419515][T11276] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  237.431826][T11276] EXT4-fs (loop8): This should not happen!! Data will be lost
[  237.431826][T11276] 
[  237.447771][T11277] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  237.454305][T11277] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  237.461899][T11277] vhci_hcd vhci_hcd.0: Device attached
[  237.640924][ T3411] vhci_hcd: vhci_device speed not set
[  237.703518][T11283] lo speed is unknown, defaulting to 1000
[  237.786873][ T3411] usb 1-1: new full-speed USB device number 14 using vhci_hcd
[  237.823289][T11278] vhci_hcd: connection reset by peer
[  237.855931][  T112] vhci_hcd: stop threads
[  237.860211][  T112] vhci_hcd: release socket
[  237.864713][  T112] vhci_hcd: disconnect device
[  238.215673][T11302] loop8: detected capacity change from 0 to 512
[  238.243815][T11304] loop1: detected capacity change from 0 to 1024
[  238.247162][T11302] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.262323][T11304] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.309555][T11304] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2179: bg 0: block 393: padding at end of block bitmap is not set
[  238.354003][T11304] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117
[  238.366677][T11304] EXT4-fs (loop1): This should not happen!! Data will be lost
[  238.366677][T11304] 
[  239.173672][T11340] loop2: detected capacity change from 0 to 1024
[  239.201491][T11340] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  239.212505][T11340] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  239.250479][T11341] loop7: detected capacity change from 0 to 128
[  239.261285][T11340] JBD2: no valid journal superblock found
[  239.267033][T11340] EXT4-fs (loop2): Could not load journal inode
[  239.297402][T11338] bio_check_eod: 372 callbacks suppressed
[  239.297417][T11338] syz.7.2190: attempt to access beyond end of device
[  239.297417][T11338] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  239.337553][T11338] syz.7.2190: attempt to access beyond end of device
[  239.337553][T11338] loop7: rw=2049, sector=169, nr_sectors = 16 limit=128
[  239.368460][T11341] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(8)
[  239.370443][T11338] syz.7.2190: attempt to access beyond end of device
[  239.370443][T11338] loop7: rw=2049, sector=193, nr_sectors = 8 limit=128
[  239.375051][T11341] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  239.375186][T11341] vhci_hcd vhci_hcd.0: Device attached
[  239.393114][T11347] loop1: detected capacity change from 0 to 512
[  239.426759][T11338] syz.7.2190: attempt to access beyond end of device
[  239.426759][T11338] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128
[  239.459603][T11338] syz.7.2190: attempt to access beyond end of device
[  239.459603][T11338] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128
[  239.482123][T11347] ext4 filesystem being mounted at /436/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.500898][T11338] syz.7.2190: attempt to access beyond end of device
[  239.500898][T11338] loop7: rw=2049, sector=241, nr_sectors = 8 limit=128
[  239.536926][T11338] syz.7.2190: attempt to access beyond end of device
[  239.536926][T11338] loop7: rw=2049, sector=257, nr_sectors = 8 limit=128
[  239.555673][T11338] syz.7.2190: attempt to access beyond end of device
[  239.555673][T11338] loop7: rw=2049, sector=273, nr_sectors = 8 limit=128
[  239.569503][T11338] syz.7.2190: attempt to access beyond end of device
[  239.569503][T11338] loop7: rw=2049, sector=289, nr_sectors = 9 limit=128
[  239.595219][   T23] vhci_hcd: vhci_device speed not set
[  239.604709][T11344] vhci_hcd: connection closed
[  239.607993][ T1601] vhci_hcd: stop threads
[  239.617082][ T1601] vhci_hcd: release socket
[  239.621579][ T1601] vhci_hcd: disconnect device
[  239.650902][   T23] usb 15-1: new full-speed USB device number 3 using vhci_hcd
[  239.659757][   T23] usb 15-1: enqueue for inactive port 0
[  239.670933][   T23] usb 15-1: enqueue for inactive port 0
[  239.682104][   T23] usb 15-1: enqueue for inactive port 0
[  239.690091][T11369] loop2: detected capacity change from 0 to 2048
[  239.777715][   T23] vhci_hcd: vhci_device speed not set
[  239.803714][T11376] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  239.852795][T11376] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  239.865191][T11376] EXT4-fs (loop2): This should not happen!! Data will be lost
[  239.865191][T11376] 
[  239.874851][T11376] EXT4-fs (loop2): Total free blocks count 0
[  239.880844][T11376] EXT4-fs (loop2): Free/Dirty block details
[  239.886730][T11376] EXT4-fs (loop2): free_blocks=2415919504
[  239.892558][T11376] EXT4-fs (loop2): dirty_blocks=1152
[  239.897937][T11376] EXT4-fs (loop2): Block reservation details
[  239.903948][T11376] EXT4-fs (loop2): i_reserved_data_blocks=72
[  239.987407][T11376] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  239.999671][T11376] EXT4-fs (loop2): This should not happen!! Data will be lost
[  239.999671][T11376] 
[  240.313309][T11387] lo speed is unknown, defaulting to 1000
[  240.738488][T11398] vhci_hcd: invalid port number 96
[  240.743756][T11398] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  241.123164][T11408] loop8: detected capacity change from 0 to 512
[  241.131610][T11408] EXT4-fs error (device loop8): ext4_orphan_get:1393: inode #15: comm syz.8.2216: iget: bad i_size value: 38620345925642
[  241.144743][T11408] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.2216: couldn't read orphan inode 15 (err -117)
[  241.164834][T11411] loop1: detected capacity change from 0 to 512
[  241.186080][T11408] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.2216: bg 0: block 5: invalid block bitmap
[  241.231185][T11411] EXT4-fs: Ignoring removed mblk_io_submit option
[  241.240389][T11408] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  241.252761][T11408] EXT4-fs (loop8): This should not happen!! Data will be lost
[  241.252761][T11408] 
[  241.262500][T11408] EXT4-fs (loop8): Total free blocks count 0
[  241.268558][T11408] EXT4-fs (loop8): Free/Dirty block details
[  241.274596][T11408] EXT4-fs (loop8): free_blocks=0
[  241.279585][T11408] EXT4-fs (loop8): dirty_blocks=16
[  241.284799][T11408] EXT4-fs (loop8): Block reservation details
[  241.290894][T11408] EXT4-fs (loop8): i_reserved_data_blocks=16
[  241.317665][T11411] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2214: corrupted in-inode xattr: overlapping e_value 
[  241.357641][T11416] loop2: detected capacity change from 0 to 128
[  241.400289][T11416] syz.2.2217: attempt to access beyond end of device
[  241.400289][T11416] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[  241.407657][T11411] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2214: couldn't read orphan inode 15 (err -117)
[  241.592399][T11422] lo speed is unknown, defaulting to 1000
[  241.668875][T11428] loop8: detected capacity change from 0 to 1024
[  241.694497][T11428] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  241.705429][T11428] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  241.721678][T11428] JBD2: no valid journal superblock found
[  241.727443][T11428] EXT4-fs (loop8): Could not load journal inode
[  241.729680][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  241.729693][   T29] audit: type=1400 audit(1750585473.427:13406): avc:  granted  { setsecparam } for  pid=11429 comm="syz.2.2224" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  241.768813][T11430] sd 0:0:1:0: device reset
[  241.773667][T10636] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[  241.814794][T11430] __nla_validate_parse: 2 callbacks suppressed
[  241.814809][T11430] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2224'.
[  241.829859][T11430] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2224'.
[  241.882339][T11437] loop2: detected capacity change from 0 to 128
[  241.902404][   T29] audit: type=1326 audit(1750585473.607:13407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  241.926055][   T29] audit: type=1326 audit(1750585473.607:13408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  241.971850][T11437] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  241.978502][T11437] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  241.986215][T11437] vhci_hcd vhci_hcd.0: Device attached
[  242.010106][T11442] vhci_hcd: connection closed
[  242.010469][  T112] vhci_hcd: stop threads
[  242.019490][  T112] vhci_hcd: release socket
[  242.023936][  T112] vhci_hcd: disconnect device
[  242.040820][   T29] audit: type=1326 audit(1750585473.657:13409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.064566][   T29] audit: type=1326 audit(1750585473.657:13410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.088220][   T29] audit: type=1326 audit(1750585473.657:13411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.111934][   T29] audit: type=1326 audit(1750585473.657:13412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.135596][   T29] audit: type=1326 audit(1750585473.657:13413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.159219][   T29] audit: type=1326 audit(1750585473.657:13414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.182928][   T29] audit: type=1326 audit(1750585473.657:13415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11436 comm="syz.2.2225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80c74e929 code=0x7ffc0000
[  242.553476][T11457] loop1: detected capacity change from 0 to 128
[  242.583183][T11459] loop8: detected capacity change from 0 to 512
[  242.591769][T11459] EXT4-fs error (device loop8): ext4_orphan_get:1393: inode #15: comm syz.8.2232: iget: bad i_size value: 38620345925642
[  242.604831][T11459] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.2232: couldn't read orphan inode 15 (err -117)
[  242.621328][T11459] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.2232: bg 0: block 5: invalid block bitmap
[  242.634130][T11459] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  242.646501][T11459] EXT4-fs (loop8): This should not happen!! Data will be lost
[  242.646501][T11459] 
[  242.656272][T11459] EXT4-fs (loop8): Total free blocks count 0
[  242.662280][T11459] EXT4-fs (loop8): Free/Dirty block details
[  242.668236][T11459] EXT4-fs (loop8): free_blocks=0
[  242.673219][T11459] EXT4-fs (loop8): dirty_blocks=16
[  242.678379][T11459] EXT4-fs (loop8): Block reservation details
[  242.684381][T11459] EXT4-fs (loop8): i_reserved_data_blocks=16
[  242.704693][T11462] lo speed is unknown, defaulting to 1000
[  242.807720][T11465] loop2: detected capacity change from 0 to 512
[  242.898393][T11465] ext4 filesystem being mounted at /437/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.027059][ T3411] usb 1-1: enqueue for inactive port 0
[  243.032749][ T3411] usb 1-1: enqueue for inactive port 0
[  243.067014][T11473] loop1: detected capacity change from 0 to 1024
[  243.074080][T11473] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  243.085067][T11473] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  243.095513][T11473] JBD2: no valid journal superblock found
[  243.101379][T11473] EXT4-fs (loop1): Could not load journal inode
[  243.108718][ T3411] vhci_hcd: vhci_device speed not set
[  243.155397][T11479] loop8: detected capacity change from 0 to 128
[  243.617431][T11479] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(11)
[  243.624070][T11479] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  243.631713][T11479] vhci_hcd vhci_hcd.0: Device attached
[  243.675854][T11489] vhci_hcd: connection closed
[  243.676094][   T41] vhci_hcd: stop threads
[  243.685192][   T41] vhci_hcd: release socket
[  243.689607][   T41] vhci_hcd: disconnect device
[  243.913979][T11504] loop1: detected capacity change from 0 to 512
[  243.963598][T11504] ext4 filesystem being mounted at /444/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.039992][T11515] loop7: detected capacity change from 0 to 128
[  244.194434][T11520] lo speed is unknown, defaulting to 1000
[  244.237847][ T1829] Buffer I/O error on dev loop8, logical block 305, lost async page write
[  244.341043][T11532] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(11)
[  244.347717][T11532] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  244.355320][T11532] vhci_hcd vhci_hcd.0: Device attached
[  244.399648][T11533] vhci_hcd: connection closed
[  244.400764][ T1829] vhci_hcd: stop threads
[  244.409770][ T1829] vhci_hcd: release socket
[  244.409801][T11537] loop8: detected capacity change from 0 to 512
[  244.414204][ T1829] vhci_hcd: disconnect device
[  244.420732][T11537] EXT4-fs: Ignoring removed nomblk_io_submit option
[  244.453853][T11537] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  244.549720][T11546] sd 0:0:1:0: device reset
[  244.642988][T11546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2256'.
[  244.652023][T11546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2256'.
[  244.703631][T11552] loop8: detected capacity change from 0 to 512
[  244.723385][T11552] EXT4-fs (loop8): too many log groups per flexible block group
[  244.731083][T11552] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  244.741611][T11552] EXT4-fs (loop8): mount failed
[  244.755013][T11552] loop8: detected capacity change from 0 to 512
[  244.774783][T11552] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  244.870257][T11570] loop2: detected capacity change from 0 to 2048
[  244.961174][   T41] bio_check_eod: 305 callbacks suppressed
[  244.961189][   T41] kworker/u8:2: attempt to access beyond end of device
[  244.961189][   T41] loop7: rw=1, sector=305, nr_sectors = 1 limit=128
[  244.980307][   T41] Buffer I/O error on dev loop7, logical block 305, lost async page write
[  245.004482][T11578] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  245.072538][T11581] loop7: detected capacity change from 0 to 1024
[  245.086365][T11578] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  245.087767][T11581] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  245.098588][T11578] EXT4-fs (loop2): This should not happen!! Data will be lost
[  245.098588][T11578] 
[  245.109532][T11581] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  245.119169][T11578] EXT4-fs (loop2): Total free blocks count 0
[  245.134852][T11578] EXT4-fs (loop2): Free/Dirty block details
[  245.139287][T11581] JBD2: no valid journal superblock found
[  245.140792][T11578] EXT4-fs (loop2): free_blocks=2415919504
[  245.140808][T11578] EXT4-fs (loop2): dirty_blocks=832
[  245.140872][T11578] EXT4-fs (loop2): Block reservation details
[  245.140882][T11578] EXT4-fs (loop2): i_reserved_data_blocks=52
[  245.141066][T11583] loop8: detected capacity change from 0 to 512
[  245.146606][T11581] EXT4-fs (loop7): Could not load journal inode
[  245.152797][T11583] EXT4-fs: Ignoring removed nomblk_io_submit option
[  245.207800][T11578] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  245.220031][T11578] EXT4-fs (loop2): This should not happen!! Data will be lost
[  245.220031][T11578] 
[  245.258199][T11584] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11584 comm=syz.1.2267
[  245.510220][T11587] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2270'.
[  245.676863][T11583] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  246.104226][T11608] lo speed is unknown, defaulting to 1000
[  246.297296][T11615] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2276'.
[  246.500944][T11619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2276'.
[  246.544289][T11615] binfmt_misc: register: failed to install interpreter file ./file0
[  246.556546][T11625] loop1: detected capacity change from 0 to 128
[  246.569654][T11623] lo speed is unknown, defaulting to 1000
[  246.577591][T11625] syz.1.2279: attempt to access beyond end of device
[  246.577591][T11625] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  246.593361][T11625] syz.1.2279: attempt to access beyond end of device
[  246.593361][T11625] loop1: rw=2049, sector=169, nr_sectors = 16 limit=128
[  246.622558][T11625] syz.1.2279: attempt to access beyond end of device
[  246.622558][T11625] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  246.636397][T11625] syz.1.2279: attempt to access beyond end of device
[  246.636397][T11625] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  246.690102][T11625] syz.1.2279: attempt to access beyond end of device
[  246.690102][T11625] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  246.704184][T11625] syz.1.2279: attempt to access beyond end of device
[  246.704184][T11625] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  246.730121][T11625] syz.1.2279: attempt to access beyond end of device
[  246.730121][T11625] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  246.751292][T11625] syz.1.2279: attempt to access beyond end of device
[  246.751292][T11625] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  246.765014][T11625] syz.1.2279: attempt to access beyond end of device
[  246.765014][T11625] loop1: rw=2049, sector=289, nr_sectors = 9 limit=128
[  246.778755][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  246.778769][   T29] audit: type=1326 audit(1750585478.477:13567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  246.810412][   T29] audit: type=1326 audit(1750585478.507:13568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  246.910167][T11625] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  246.916883][T11625] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  246.924558][T11625] vhci_hcd vhci_hcd.0: Device attached
[  246.934294][   T29] audit: type=1326 audit(1750585478.557:13569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  246.957849][   T29] audit: type=1326 audit(1750585478.557:13570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  246.981532][   T29] audit: type=1326 audit(1750585478.557:13571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  247.005133][   T29] audit: type=1326 audit(1750585478.557:13572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  247.028780][   T29] audit: type=1326 audit(1750585478.557:13573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  247.052410][   T29] audit: type=1326 audit(1750585478.557:13574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  247.062535][T11636] vhci_hcd: connection closed
[  247.076090][   T29] audit: type=1326 audit(1750585478.557:13575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  247.104411][   T29] audit: type=1326 audit(1750585478.587:13576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66484be929 code=0x7ffc0000
[  247.128800][   T41] vhci_hcd: stop threads
[  247.133151][   T41] vhci_hcd: release socket
[  247.137653][   T41] vhci_hcd: disconnect device
[  247.174272][T11640] loop2: detected capacity change from 0 to 128
[  247.214635][   T10] vhci_hcd: vhci_device speed not set
[  247.240592][T11643] x_tables: duplicate underflow at hook 1
[  247.264929][T11640] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  247.271648][T11640] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  247.279408][T11640] vhci_hcd vhci_hcd.0: Device attached
[  247.299097][T11643] netlink: 'syz.7.2285': attribute type 1 has an invalid length.
[  247.306888][T11643] netlink: 'syz.7.2285': attribute type 1 has an invalid length.
[  247.314704][T11641] vhci_hcd: connection closed
[  247.318726][   T12] vhci_hcd: stop threads
[  247.327676][   T12] vhci_hcd: release socket
[  247.332116][   T12] vhci_hcd: disconnect device
[  247.358589][T11650] loop7: detected capacity change from 0 to 512
[  247.366553][T11650] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.2289: iget: bad i_size value: 38620345925642
[  247.380230][T11650] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.2289: couldn't read orphan inode 15 (err -117)
[  247.397322][T11650] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.2289: bg 0: block 5: invalid block bitmap
[  247.411326][T11650] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  247.423621][T11650] EXT4-fs (loop7): This should not happen!! Data will be lost
[  247.423621][T11650] 
[  247.433270][T11650] EXT4-fs (loop7): Total free blocks count 0
[  247.439248][T11650] EXT4-fs (loop7): Free/Dirty block details
[  247.445225][T11650] EXT4-fs (loop7): free_blocks=0
[  247.450173][T11650] EXT4-fs (loop7): dirty_blocks=16
[  247.455307][T11650] EXT4-fs (loop7): Block reservation details
[  247.461375][T11650] EXT4-fs (loop7): i_reserved_data_blocks=16
[  247.562611][T11660] sd 0:0:1:0: device reset
[  247.599020][T11663] loop7: detected capacity change from 0 to 1024
[  247.606128][T11663] EXT4-fs: Ignoring removed nobh option
[  247.611781][T11663] EXT4-fs: Ignoring removed bh option
[  247.637617][T11663] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.2291: Allocating blocks 497-513 which overlap fs metadata
[  247.652421][T11663] EXT4-fs (loop7): pa ffff888106aa3af0: logic 256, phys. 369, len 9
[  247.660463][T11663] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  247.681130][T11663] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  247.695859][   T12] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  247.736344][T11673] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  247.742984][T11673] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  247.750700][T11673] vhci_hcd vhci_hcd.0: Device attached
[  247.930817][ T3390] vhci_hcd: vhci_device speed not set
[  247.966082][T11674] vhci_hcd: connection closed
[  247.966579][ T1829] vhci_hcd: stop threads
[  247.975559][ T1829] vhci_hcd: release socket
[  247.979973][ T1829] vhci_hcd: disconnect device
[  247.991355][ T3390] usb 1-1: new full-speed USB device number 15 using vhci_hcd
[  248.009420][T11683] loop1: detected capacity change from 0 to 512
[  248.015718][ T3390] usb 1-1: enqueue for inactive port 0
[  248.015744][ T3390] usb 1-1: enqueue for inactive port 0
[  248.030857][ T3390] usb 1-1: enqueue for inactive port 0
[  248.037016][T11683] EXT4-fs: Ignoring removed mblk_io_submit option
[  248.047668][T11685] loop7: detected capacity change from 0 to 2048
[  248.052027][T11682] lo speed is unknown, defaulting to 1000
[  248.078377][T11685] EXT4-fs mount: 43 callbacks suppressed
[  248.078406][T11685] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.097793][T11683] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2295: corrupted in-inode xattr: overlapping e_value 
[  248.111901][ T3390] vhci_hcd: vhci_device speed not set
[  248.117780][T11683] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2295: couldn't read orphan inode 15 (err -117)
[  248.130688][T11683] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.195680][T11691] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  248.223194][T11691] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  248.235472][T11691] EXT4-fs (loop7): This should not happen!! Data will be lost
[  248.235472][T11691] 
[  248.245287][T11691] EXT4-fs (loop7): Total free blocks count 0
[  248.251292][T11691] EXT4-fs (loop7): Free/Dirty block details
[  248.257206][T11691] EXT4-fs (loop7): free_blocks=2415919504
[  248.263003][T11691] EXT4-fs (loop7): dirty_blocks=2080
[  248.268322][T11691] EXT4-fs (loop7): Block reservation details
[  248.274343][T11691] EXT4-fs (loop7): i_reserved_data_blocks=130
[  248.303435][T11691] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  248.441990][T11701] loop8: detected capacity change from 0 to 512
[  248.477183][T11701] EXT4-fs: Ignoring removed nomblk_io_submit option
[  248.514579][T11701] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.580966][T11701] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  248.764018][T11711] loop2: detected capacity change from 0 to 128
[  248.834391][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.852140][T11711] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  248.858763][T11711] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  248.866471][T11711] vhci_hcd vhci_hcd.0: Device attached
[  248.874892][T11714] vhci_hcd: connection closed
[  248.875071][  T112] vhci_hcd: stop threads
[  248.884204][  T112] vhci_hcd: release socket
[  248.888649][  T112] vhci_hcd: disconnect device
[  248.973445][T11721] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  249.063938][T10288] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.097154][T11728] loop7: detected capacity change from 0 to 512
[  249.106311][T11728] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.2310: iget: bad i_size value: 38620345925642
[  249.119521][T11728] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.2310: couldn't read orphan inode 15 (err -117)
[  249.131813][T11728] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.151858][T11728] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.2310: bg 0: block 5: invalid block bitmap
[  249.180851][T11728] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  249.193160][T11728] EXT4-fs (loop7): This should not happen!! Data will be lost
[  249.193160][T11728] 
[  249.202856][T11728] EXT4-fs (loop7): Total free blocks count 0
[  249.208841][T11728] EXT4-fs (loop7): Free/Dirty block details
[  249.214754][T11728] EXT4-fs (loop7): free_blocks=0
[  249.219786][T11728] EXT4-fs (loop7): dirty_blocks=16
[  249.224979][T11728] EXT4-fs (loop7): Block reservation details
[  249.230974][T11728] EXT4-fs (loop7): i_reserved_data_blocks=16
[  249.357578][T11734] lo speed is unknown, defaulting to 1000
[  249.738710][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.913791][T11752] loop2: detected capacity change from 0 to 2048
[  249.928443][T11754] FAULT_INJECTION: forcing a failure.
[  249.928443][T11754] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.941610][T11754] CPU: 1 UID: 0 PID: 11754 Comm: syz.0.2321 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  249.941764][T11754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  249.941826][T11754] Call Trace:
[  249.941833][T11754]  <TASK>
[  249.941841][T11754]  __dump_stack+0x1d/0x30
[  249.941863][T11754]  dump_stack_lvl+0xe8/0x140
[  249.941938][T11754]  dump_stack+0x15/0x1b
[  249.941952][T11754]  should_fail_ex+0x265/0x280
[  249.941977][T11754]  should_fail+0xb/0x20
[  249.942007][T11754]  should_fail_usercopy+0x1a/0x20
[  249.942032][T11754]  _copy_from_user+0x1c/0xb0
[  249.942050][T11754]  bpf_test_init+0xdf/0x160
[  249.942133][T11754]  bpf_prog_test_run_xdp+0x274/0x910
[  249.942160][T11754]  ? kstrtouint+0x76/0xc0
[  249.942183][T11754]  ? __rcu_read_unlock+0x4f/0x70
[  249.942277][T11754]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  249.942365][T11754]  bpf_prog_test_run+0x22a/0x390
[  249.942446][T11754]  __sys_bpf+0x3dc/0x790
[  249.942476][T11754]  __x64_sys_bpf+0x41/0x50
[  249.942575][T11754]  x64_sys_call+0x2478/0x2fb0
[  249.942597][T11754]  do_syscall_64+0xd2/0x200
[  249.942672][T11754]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  249.942700][T11754]  ? clear_bhb_loop+0x40/0x90
[  249.942807][T11754]  ? clear_bhb_loop+0x40/0x90
[  249.942905][T11754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.942923][T11754] RIP: 0033:0x7f429ad6e929
[  249.942939][T11754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.942957][T11754] RSP: 002b:00007f42993d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  249.942989][T11754] RAX: ffffffffffffffda RBX: 00007f429af95fa0 RCX: 00007f429ad6e929
[  249.943003][T11754] RDX: 0000000000000050 RSI: 0000200000000500 RDI: 000000000000000a
[  249.943073][T11754] RBP: 00007f42993d7090 R08: 0000000000000000 R09: 0000000000000000
[  249.943084][T11754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.943095][T11754] R13: 0000000000000000 R14: 00007f429af95fa0 R15: 00007ffc7f0907b8
[  249.943109][T11754]  </TASK>
[  249.987677][T11758] loop7: detected capacity change from 0 to 512
[  250.010925][T11752] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.153743][T11758] EXT4-fs (loop7): too many log groups per flexible block group
[  250.182137][T11758] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  250.189528][T11758] EXT4-fs (loop7): mount failed
[  250.214668][T11758] loop7: detected capacity change from 0 to 512
[  250.232619][T11758] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.233253][T11774] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  250.245547][T11758] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  250.260064][T11774] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  250.282407][T11774] EXT4-fs (loop2): This should not happen!! Data will be lost
[  250.282407][T11774] 
[  250.292102][T11774] EXT4-fs (loop2): Total free blocks count 0
[  250.298099][T11774] EXT4-fs (loop2): Free/Dirty block details
[  250.304029][T11774] EXT4-fs (loop2): free_blocks=2415919504
[  250.309816][T11774] EXT4-fs (loop2): dirty_blocks=3104
[  250.312962][T11775] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  250.315194][T11774] EXT4-fs (loop2): Block reservation details
[  250.328113][T11774] EXT4-fs (loop2): i_reserved_data_blocks=194
[  250.338242][T11774] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  250.441820][T11786] loop8: detected capacity change from 0 to 128
[  250.537164][ T9396] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.559522][T11786] bio_check_eod: 59 callbacks suppressed
[  250.559594][T11786] syz.8.2332: attempt to access beyond end of device
[  250.559594][T11786] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  250.579127][T11786] syz.8.2332: attempt to access beyond end of device
[  250.579127][T11786] loop8: rw=2049, sector=169, nr_sectors = 16 limit=128
[  250.592961][T11786] syz.8.2332: attempt to access beyond end of device
[  250.592961][T11786] loop8: rw=2049, sector=193, nr_sectors = 8 limit=128
[  250.613787][T11786] syz.8.2332: attempt to access beyond end of device
[  250.613787][T11786] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[  250.613795][T11789] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(10)
[  250.613857][T11789] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  250.613888][T11789] vhci_hcd vhci_hcd.0: Device attached
[  250.613938][T11786] ==================================================================
[  250.613966][T11786] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  250.614000][T11786] 
[  250.614007][T11786] write to 0xffffffff88e5e7a8 of 1 bytes by task 11789 on cpu 1:
[  250.614023][T11786]  vsnprintf+0x2ce/0x890
[  250.614044][T11786]  vscnprintf+0x41/0x90
[  250.614065][T11786]  printk_sprint+0x30/0x2d0
[  250.614087][T11786]  vprintk_store+0x599/0x860
[  250.614103][T11786]  vprintk_emit+0x178/0x650
[  250.614122][T11786]  dev_vprintk_emit+0x242/0x2a0
[  250.614146][T11786]  dev_printk_emit+0x84/0xb0
[  250.614165][T11786]  __dev_printk+0xf3/0x110
[  250.614187][T11786]  _dev_info+0x9b/0xd0
[  250.614210][T11786]  attach_store+0x495/0x680
[  250.614234][T11786]  dev_attr_store+0x4a/0x70
[  250.614256][T11786]  sysfs_kf_write+0xfb/0x120
[  250.614278][T11786]  kernfs_fop_write_iter+0x1be/0x2d0
[  250.614299][T11786]  vfs_write+0x4a0/0x8e0
[  250.614333][T11786]  ksys_write+0xda/0x1a0
[  250.614350][T11786]  __x64_sys_write+0x40/0x50
[  250.614369][T11786]  x64_sys_call+0x2cdd/0x2fb0
[  250.614394][T11786]  do_syscall_64+0xd2/0x200
[  250.614414][T11786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.614436][T11786] 
[  250.614445][T11786] read to 0xffffffff88e5e7a8 of 8 bytes by task 11786 on cpu 0:
[  250.614464][T11786]  data_push_tail+0xfd/0x420
[  250.614490][T11786]  data_alloc+0xbf/0x2b0
[  250.614514][T11786]  prb_reserve+0x808/0xaf0
[  250.614543][T11786]  vprintk_store+0x56d/0x860
[  250.614559][T11786]  vprintk_emit+0x178/0x650
[  250.614575][T11786]  vprintk_default+0x26/0x30
[  250.614592][T11786]  vprintk+0x1d/0x30
[  250.614612][T11786]  _printk+0x79/0xa0
[  250.614639][T11786]  submit_bio_noacct+0x808/0x8f0
[  250.614660][T11786]  submit_bio+0x227/0x240
[  250.614679][T11786]  mpage_writepages+0x754/0x1250
[  250.614698][T11786]  fat_writepages+0x24/0x30
[  250.614723][T11786]  do_writepages+0x1c3/0x310
[  250.614747][T11786]  file_write_and_wait_range+0x156/0x2c0
[  250.614777][T11786]  __generic_file_fsync+0x46/0x140
[  250.614806][T11786]  fat_file_fsync+0x49/0x100
[  250.614832][T11786]  vfs_fsync_range+0x10d/0x130
[  250.614851][T11786]  generic_file_write_iter+0x1b8/0x2f0
[  250.614871][T11786]  do_iter_readv_writev+0x421/0x4c0
[  250.614888][T11786]  vfs_writev+0x2df/0x8b0
[  250.614907][T11786]  __se_sys_pwritev2+0xfc/0x1c0
[  250.614925][T11786]  __x64_sys_pwritev2+0x67/0x80
[  250.614944][T11786]  x64_sys_call+0x1cea/0x2fb0
[  250.614968][T11786]  do_syscall_64+0xd2/0x200
[  250.614986][T11786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.615009][T11786] 
[  250.615015][T11786] value changed: 0x00000000fffff678 -> 0x63685f6963687620
[  250.615029][T11786] 
[  250.615035][T11786] Reported by Kernel Concurrency Sanitizer on:
[  250.615049][T11786] CPU: 0 UID: 0 PID: 11786 Comm: syz.8.2332 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  250.615080][T11786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.615092][T11786] ==================================================================
[  250.790899][ T3411] vhci_hcd: vhci_device speed not set
[  250.792894][T11786] syz.8.2332: attempt to access beyond end of device
[  250.792894][T11786] loop8: rw=2049, sector=225, nr_sectors = 8 limit=128
[  250.860823][ T3411] usb 17-1: new full-speed USB device number 2 using vhci_hcd
[  250.863761][T11786] syz.8.2332: attempt to access beyond end of device
[  250.863761][T11786] loop8: rw=2049, sector=241, nr_sectors = 8 limit=128
[  250.979063][T11786] syz.8.2332: attempt to access beyond end of device
[  250.979063][T11786] loop8: rw=2049, sector=257, nr_sectors = 8 limit=128
[  250.992512][T11786] syz.8.2332: attempt to access beyond end of device
[  250.992512][T11786] loop8: rw=2049, sector=273, nr_sectors = 8 limit=128
[  251.005952][T11786] syz.8.2332: attempt to access beyond end of device
[  251.005952][T11786] loop8: rw=2049, sector=289, nr_sectors = 9 limit=128
[  251.025343][T11790] vhci_hcd: connection reset by peer
[  251.031135][   T41] vhci_hcd: stop threads
[  251.035425][   T41] vhci_hcd: release socket
[  251.039885][   T41] vhci_hcd: disconnect device
[  255.910858][ T3411] usb 17-1: enqueue for inactive port 0
[  255.916509][ T3411] usb 17-1: enqueue for inactive port 0
[  255.990835][ T3411] vhci_hcd: vhci_device speed not set