last executing test programs:

2m6.578236773s ago: executing program 4 (id=224):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x50, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491}}, {0x4, 0x1b}}]}]}, 0x50}}, 0x0) (fail_nth: 6)

2m6.201337531s ago: executing program 4 (id=227):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{}, &(0x7f00000001c0), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xbe0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[], 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
setgroups(0x0, 0x0)
bind$tipc(r2, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000200)={0x4, &(0x7f0000000000)=[{0x3, 0x5, 0x5, 0x3}, {0x2, 0x0, 0x0, 0x8}, {0x8d8, 0x4, 0x7, 0xe7b}, {0x9, 0xc4, 0xf, 0x9}]}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000d300000000000000008000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00')
inotify_init()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43}, 0xfffffffffffffdfb)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f00000000c0)=@name={0x1e, 0x2, 0x0, {{0x0, 0x4}}}, 0x10, 0x0}, 0x0)

2m5.989239791s ago: executing program 4 (id=231):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

2m5.95779581s ago: executing program 4 (id=232):
mkdir(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="009f587a31d53b5cb6077bd11087bb6e13aac56feecaaae0b009cee43814e80646ff2772abedb27f35c706ba7c624afb75f473956061ae41834d27270063fa18a3515f9ac6cd6f15a042b1edcd60bdeb55446beed1014aa13d43d399fb4f716b8a24502a8e3e697642b172841c89aecefe0cfb3c32d7c28955601f41fb90d51951d91a35a5abeb4ffceef5cf6e190ec9eb6f91a0d06882039b54dd4485b823414e06691b0244ca11ac0baeaeec1a96861d358464329c64b77e6ff2e2d8a6bb29268be3e7c46750210270d79e1054add6c2ef3f0373", @ANYRESHEX, @ANYRES16], 0x1, 0x128d, &(0x7f0000002300)="$eJzs3U1rXFUcB+D/JJNkkpoXtVZTKB50owhjkoUrN0FSKA4I0RRUEG7NREMmL2SGQERsXLkS/BiiLt0J4hfIxo1rQRDJxmUX4pXJTGymM0nbmGmkPM9mLuec3zn33jNcOHAP9+D1r9bXVurllawRA4VCFLeGongnRYqBGIyWvXj55i+/Xnv73ffenK9UFhZTuj7/zuxrKaWJ5398/9PvXvipcenm9xM/jMT+1AcHf879tn9lf/rg729jtZ5W62ljs5GydGtzs5HdqlXT8mp9rZzStahm9Woqtce4W79S29za2k3ZxvL42NZ2tV5P2cZuWqvupkYhNbZ3U/ZRtrqRyuVyGh8L/oulb+7keR6R50MxHHme56MxFpfiiRiPiZiMqXgynoqn43I8E1fi2Xgupg9bHeWHL/b0AQAAAAAAAAAAAAAAAAAA4DFxn/3/he79/yMXfcoAAAAAAAAAAAAAAAAAAADw2Ll3/38x4iG+/w8AAAAAAAAAAAAAAAAAAACch/t8//+e/f+v2P8PAAAAAAAAAAAAAAAAAAAA/VBq/SymVIpY/2JnaWep9dsqn1+J1ahFNWZiMv6Kw93/La3j66XKwkw6NBWvrt9u52/vLA125meHJmOq0J2/UVmYbeVTZ34kxo7n52IyLvcY/0ZlYa5nvhQvvdjMf97Kl2Myfv4wNqMWyxGF9tUf5j+bTemNtyqjnfmrzXYnGuzztAAAAMB5Kqd/da/f99qNeta3qtrr89RuWei1Pp/puT4vxtXiRV01R+q7n6xltVp1+4wHwyf3M9xZMtpueeaxChGRdcQnxn5fbHZ51pM/t4PBB2s8ej6DDp3eJppzcqxkunRqhwPHZjCK/4ObeQ4Hf3x9rKQU/RprqPl37qo6uqFZrfn8fLAOYy/P+3pbhntVjZyWOvmZUejj84hH6+6kX/SZAAAAAAAAAAAA8DB6vv03GhFd7wN+3FVy9Hp4Z7y755NH//IRXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8ww4cCwAAAAAI87dOo2MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+RTr32")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x11, @empty, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x2, 0x0, 0x0, 0x1c, 0x4, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea000000000000b600", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffff89ffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00'}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x201, 0xb1)

2m5.295254318s ago: executing program 4 (id=244):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
write$tun(0xffffffffffffffff, 0x0, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
membarrier(0x10, 0x0)
membarrier(0x8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

2m4.559801545s ago: executing program 4 (id=252):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={<r1=>r0, 0x7, 0x80000000, 0xffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xf, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702ae93000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x2}, 0x8)
sendto$inet6(r3, &(0x7f0000001240)='>', 0x1, 0x0, &(0x7f00000012c0)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c)
shutdown(r3, 0x1)

2m4.554109785s ago: executing program 32 (id=252):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={<r1=>r0, 0x7, 0x80000000, 0xffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xf, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702ae93000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x2}, 0x8)
sendto$inet6(r3, &(0x7f0000001240)='>', 0x1, 0x0, &(0x7f00000012c0)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c)
shutdown(r3, 0x1)

4.650499108s ago: executing program 2 (id=2304):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1c1c41, 0x6)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r5 = dup(r1)
write$P9_RLERRORu(r5, &(0x7f0000000300)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00', @ANYBLOB='N'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

4.516680157s ago: executing program 2 (id=2306):
r0 = syz_io_uring_setup(0x4b5, &(0x7f0000000140)={0x0, 0x86e1, 0x1, 0x20000a}, &(0x7f0000010080), &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x8, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
creat(0x0, 0x81)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x101, @empty}, {0xa, 0x0, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x0, {[0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x1]}}, 0x5c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_PRI(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x68, 0x0, 0x1, 0x0, 0x400000, {{}, {0x0, 0x410c}, {0x4c, 0x14, {0xfffffff0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3000003, 0x200000006c832, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

3.847515675s ago: executing program 1 (id=2326):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
mount_setattr(r0, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0xb}, 0x20)

3.839492435s ago: executing program 1 (id=2327):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r2, 0x105c, 0xffffffffffffff80, 0x3})
syz_clone3(0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x80, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x44, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x20, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x104}}, 0x0)
ioctl$TCSETA(r4, 0x4b6a, &(0x7f0000000340)={0xfeff, 0x0, 0x0, 0xfeff, 0x3, "72710080ab003f00"})
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x8, 0x8, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x3, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3b}, [], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.864165781s ago: executing program 1 (id=2344):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r6}, 0x10)
eventfd2(0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x18, 0x80003, 0x7)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
dup2(r7, r8)

2.310900359s ago: executing program 5 (id=2352):
mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @none}, 0x8)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f00000021c0)=0x1, 0x4)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2008, 0x800})
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000040), 0x4)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4, 0x0, 0x46}, 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000011002901800000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)

2.310550199s ago: executing program 5 (id=2353):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x9135}, 0x18)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

2.251643579s ago: executing program 5 (id=2354):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r2, 0x105c, 0xffffffffffffff80, 0x3})
syz_clone3(0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x80, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x44, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x20, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x104}}, 0x0)
ioctl$TCSETA(r4, 0x4b6a, &(0x7f0000000340)={0xfeff, 0x0, 0x0, 0xfeff, 0x3, "72710080ab003f00"})
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x8, 0x8, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x3, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3b}, [], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.951542407s ago: executing program 1 (id=2355):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="1200000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r0], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r2}, 0x10)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x3d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x4}}}}]}, 0x4c}}, 0x20000844)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0xffd, '\x00', 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='mm_page_free\x00'}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
sendto$inet(r8, 0x0, 0x0, 0x24000080, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r9 = gettid()
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r10, &(0x7f0000001340)=[{&(0x7f0000001280)=""/138, 0x8a}], 0x1)
readv(r10, &(0x7f0000001240)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2809426, &(0x7f00000002c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}, {@nodiscard}, {@debug}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")

1.329248945s ago: executing program 5 (id=2365):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r6}, 0x10)
eventfd2(0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x18, 0x80003, 0x7)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
dup2(r7, r8)

1.294809415s ago: executing program 5 (id=2366):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
r1 = getpid()
kcmp(r1, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r3, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x12, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r4, r3, 0x0, 0x578410eb)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)

1.255759405s ago: executing program 2 (id=2368):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000009"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r3, 0x4028700f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000140)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@grpid}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")

1.122362174s ago: executing program 3 (id=2370):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x9135}, 0x18)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1.042374714s ago: executing program 3 (id=2371):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b02ffffff001d0000000012873520669d28fd00e5b83186db90933228103cda0b0e5dae1ea3fe7019d485e79ef96e0ab67750a20cee7a32fcf7dee856b712ff1dd4ba60ae109e10cc0242ffd676a2e8dbbef4be0b09b145dc552a1dae3829c8812172d0b973b52cc39ee4b565c2feb491c9e9542b726e679a52b8c8bfd23a6c605ae92ef1811d535c32a28c5313", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$inet(0x2, 0x80000, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000f4977b241173141c277bfca9dd060000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)

1.041634324s ago: executing program 2 (id=2372):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xa3500, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r0)

1.001736614s ago: executing program 1 (id=2373):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1c1c41, 0x6)
write$P9_RVERSION(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00', @ANYBLOB='N'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

977.968503ms ago: executing program 3 (id=2374):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xa3500, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r1)

961.583754ms ago: executing program 2 (id=2375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r2, 0x105c, 0xffffffffffffff80, 0x3})
syz_clone3(0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x80, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x44, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x20, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x104}}, 0x0)
ioctl$TCSETA(r4, 0x4b6a, &(0x7f0000000340)={0xfeff, 0x0, 0x0, 0xfeff, 0x3, "72710080ab003f00"})
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x8, 0x8, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x3, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3b}, [], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

917.576933ms ago: executing program 3 (id=2376):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r6}, 0x10)
eventfd2(0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x18, 0x80003, 0x7)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
dup2(r7, r8)

906.288833ms ago: executing program 0 (id=2377):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70219c40000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x20e, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5})

905.832023ms ago: executing program 1 (id=2378):
r0 = syz_io_uring_setup(0x4b5, &(0x7f0000000140)={0x0, 0x86e1, 0x1, 0x20000a}, &(0x7f0000010080), &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x8, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
creat(0x0, 0x81)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x101, @empty}, {0xa, 0x0, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x0, {[0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x1]}}, 0x5c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_PRI(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x68, 0x0, 0x1, 0x0, 0x400000, {{}, {0x0, 0x410c}, {0x4c, 0x14, {0xfffffff0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3000003, 0x200000006c832, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

869.093163ms ago: executing program 3 (id=2379):
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff00c}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

803.783603ms ago: executing program 0 (id=2380):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0xe, 0xb, 0x8}]}, 0x10)

756.111282ms ago: executing program 0 (id=2381):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x9135}, 0x18)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

710.561032ms ago: executing program 0 (id=2382):
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff00c}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

529.039732ms ago: executing program 3 (id=2383):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="1200000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r0], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r2}, 0x10)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x3d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x4}}}}]}, 0x4c}}, 0x20000844)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0xffd, '\x00', 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='mm_page_free\x00'}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
sendto$inet(r8, 0x0, 0x0, 0x24000080, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r9 = gettid()
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r10, &(0x7f0000001340)=[{&(0x7f0000001280)=""/138, 0x8a}], 0x1)
readv(r10, &(0x7f0000001240)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2809426, &(0x7f00000002c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}, {@nodiscard}, {@debug}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")

417.764891ms ago: executing program 0 (id=2384):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b02ffffff001d0000000012873520669d28fd00e5b83186db90933228103cda0b0e5dae1ea3fe7019d485e79ef96e0ab67750a20cee7a32fcf7dee856b712ff1dd4ba60ae109e10cc0242ffd676a2e8dbbef4be0b09b145dc552a1dae3829c8812172d0b973b52cc39ee4b565c2feb491c9e9542b726e679a52b8c8bfd23a6c605ae92ef1811d535c32a28c5313", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000000)='./file0\x00', 0x4000, &(0x7f0000000700)=ANY=[@ANYRESDEC=r0, @ANYRESOCT], 0xfd, 0x299, &(0x7f0000000280)="$eJzs3M9rE0EUwPHXtGnTlDY5iKAgPvSil6WNf0GQFsSAUhtRD8LUbjRkTUp2jUTE9ubVv6N49CZY/4FevHkXL0UQvPQgXelu1mxLsD9s3Np8P1B2ujMvM7s7CW8XdjbvvXlaq7hWxXiSyqikRFZlSyS/U+oY6mxTQXlU4lbl6sSPzxfu3H9ws1gqzc6rzhUXrhVUderih+cv31766E3cfTf1fkw28g83vxe+bJzdOLe5vRB9esNTo4uNhmcWHVuXqm7NUr3t2Ma1tVp37eau+orTWF5uq6kvTWaXm7brqqm3tWa31Wuo12yreWyqdbUsSyezMmiGDx1RXpufN8W+DAZJGO+1s9ksmuGeleW1fzEoAABwsiSV/z+pulp1tb5f/p8S8v/+CfL/7Z5JI06H9M4NQNFkO9/f3cj/AQAAAAAAAAAAAAAAAAAAAAD4H2z5fs73/Vy0jf7GRCQjItH/SY8T/XGE6z+U4HBxzGIv7mVEnNetcqscbsP6YkWq4ogt02mRn8F86AjLczdKs9MayMu6s9KJD14SHIviI/ne8TNhvMbiV1rltGTj/RckJ2d6xxf2xKdFpFUelSuXY/GW5OTTI2mII0vBvO7Gv5pRvX6rtKf/8aAdAAAAAACngaW/5Xff/4arSVqWRsuG7KkPd3afD0hun+cDKuuj0o0fkfMjyR03AAAAAACDxG2/qBnHsZsUDlcYxFNnZcJJ88fGvu+v7DT6+05TIpLQkX4TkRNwwo+78PVZeAEP0jjJXyUAAAAA/dBN+pMeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg+ugi4dF7Y+y9lisu+FkjhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GX4FAAD//z2KG1o=")
socket$inet(0x2, 0x80000, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000f4977b241173141c277bfca9dd060000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)

255.493221ms ago: executing program 0 (id=2385):
syz_mount_image$ext4(&(0x7f0000000780)='ext3\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000540)={[], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fowner_eq}, {@uid_eq}, {@fscontext={'fscontext', 0x3d, 'system_u'}}]}, 0x1, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff00c}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="000631f7cec19cec2e02050000000000000000a36bce8627d94306c1008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

255.231311ms ago: executing program 5 (id=2386):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x3, 0x801, 0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001300290a00000000000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)

0s ago: executing program 2 (id=2387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
close(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'batadv_slave_0\x00'})
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

er parsing attributes in process `syz.1.1537'.
[  132.355556][ T8911] loop2: detected capacity change from 0 to 1024
[  132.358117][ T8905] loop0: detected capacity change from 0 to 512
[  132.364586][ T8911] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.396113][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.428920][ T8905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.441708][ T8905] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.473354][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.590848][ T8932] loop0: detected capacity change from 0 to 8192
[  132.614401][ T8932]  loop0: p1 p2 < > p3 p4 < p5 >
[  132.619430][ T8932] loop0: partition table partially beyond EOD, truncated
[  132.629263][ T8932] loop0: p1 size 108986119 extends beyond EOD, truncated
[  132.637716][ T8932] loop0: p2 start 591104 is beyond EOD, truncated
[  132.644183][ T8932] loop0: p3 size 50462720 extends beyond EOD, truncated
[  132.652679][ T8932] loop0: p5 size 108986119 extends beyond EOD, truncated
[  132.698891][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1543'.
[  132.709219][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1543'.
[  132.720337][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1543'.
[  132.736728][ T8955] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1543'.
[  132.800988][ T8968] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  132.849555][ T8974] loop3: detected capacity change from 0 to 512
[  132.856458][ T8974] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  132.867163][ T8974] EXT4-fs (loop3): 1 truncate cleaned up
[  132.873256][ T8974] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.895772][ T8977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.905023][ T8977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.165180][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.190115][ T8980] loop3: detected capacity change from 0 to 512
[  133.214105][ T8980] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.1549: Failed to acquire dquot type 1
[  133.226264][ T8980] EXT4-fs (loop3): 1 truncate cleaned up
[  133.232329][ T8980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.245243][ T8980] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.288348][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.375522][ T8988] loop3: detected capacity change from 0 to 512
[  133.395895][ T8988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.412545][ T8988] ext4 filesystem being mounted at /329/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.429156][ T8988] bpf_get_probe_write_proto: 2 callbacks suppressed
[  133.429174][ T8988] syz.3.1551[8988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.437471][ T8988] syz.3.1551[8988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.449068][ T8988] syz.3.1551[8988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.487452][ T8988] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #19: comm syz.3.1551: corrupted inode contents
[  133.513274][ T8988] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #19: comm syz.3.1551: mark_inode_dirty error
[  133.531378][ T8988] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #19: comm syz.3.1551: corrupted inode contents
[  133.544103][ T8988] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3006: inode #19: comm syz.3.1551: mark_inode_dirty error
[  133.556416][ T8988] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3009: inode #19: comm syz.3.1551: mark inode dirty (error -117)
[  133.569528][ T8988] EXT4-fs warning (device loop3): ext4_evict_inode:276: xattr delete (err -117)
[  133.624742][ T8999] loop1: detected capacity change from 0 to 8192
[  133.643520][ T9005] loop2: detected capacity change from 0 to 512
[  133.650266][ T8999]  loop1: p1 p2 < > p3 p4 < p5 >
[  133.650785][ T9005] EXT4-fs: Ignoring removed bh option
[  133.655505][ T8999] loop1: partition table partially beyond EOD, truncated
[  133.666983][ T9005] journal_path: Non-blockdev passed as './bus'
[  133.670973][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.674274][ T9005] EXT4-fs: error: could not find journal device path
[  133.683516][ T8999] loop1: p1 size 108986119 extends beyond EOD, truncated
[  133.700002][ T8999] loop1: p2 start 591104 is beyond EOD, truncated
[  133.706519][ T8999] loop1: p3 size 50462720 extends beyond EOD, truncated
[  133.717099][ T8999] loop1: p5 size 108986119 extends beyond EOD, truncated
[  133.730779][ T9007] loop3: detected capacity change from 0 to 512
[  133.781003][ T9007] __quota_error: 364 callbacks suppressed
[  133.781022][ T9007] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  133.796914][ T9007] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  133.807037][ T9007] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.1558: Failed to acquire dquot type 1
[  133.821714][ T9010] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  133.835392][ T9007] EXT4-fs (loop3): 1 truncate cleaned up
[  133.845650][ T9007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.860558][ T9007] ext4 filesystem being mounted at /330/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.889311][ T9012] bridge_slave_0: left allmulticast mode
[  133.895162][ T9012] bridge_slave_0: left promiscuous mode
[  133.900931][ T9012] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.910430][ T9012] bridge_slave_1: left allmulticast mode
[  133.916122][ T9012] bridge_slave_1: left promiscuous mode
[  133.921925][ T9012] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.932620][ T9012] bond0: (slave bond_slave_0): Releasing backup interface
[  133.940951][ T9012] bond0: (slave bond_slave_1): Releasing backup interface
[  133.950004][ T9012] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.957722][ T9012] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.981541][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.037620][ T9038] loop3: detected capacity change from 0 to 1024
[  134.051790][ T9038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.072944][   T29] audit: type=1326 audit(1736315797.426:7061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.096571][   T29] audit: type=1326 audit(1736315797.426:7062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.119947][   T29] audit: type=1326 audit(1736315797.426:7063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.143308][   T29] audit: type=1326 audit(1736315797.426:7064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.166553][   T29] audit: type=1326 audit(1736315797.426:7065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.190324][   T29] audit: type=1326 audit(1736315797.426:7066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.213645][   T29] audit: type=1326 audit(1736315797.426:7067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.236961][   T29] audit: type=1326 audit(1736315797.426:7068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9037 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  134.261228][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.563121][ T9089] loop1: detected capacity change from 0 to 512
[  134.799855][ T9099] SELinux: syz.2.1566 (9099) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  134.913442][ T9126] bridge0: port 1(vlan2) entered blocking state
[  134.919798][ T9126] bridge0: port 1(vlan2) entered disabled state
[  134.927515][ T9126] vlan2: entered allmulticast mode
[  134.934521][ T9126] vlan2: left allmulticast mode
[  135.022789][ T9143] loop5: detected capacity change from 0 to 512
[  135.051310][ T9143] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.1571: Failed to acquire dquot type 1
[  135.063449][ T9143] EXT4-fs (loop5): 1 truncate cleaned up
[  135.069584][ T9143] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.083651][ T9143] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.146105][ T9164] loop2: detected capacity change from 0 to 512
[  135.159316][ T9164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.176012][ T9164] ext4 filesystem being mounted at /344/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.187876][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.209696][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.336172][ T9172] loop2: detected capacity change from 0 to 8192
[  135.381791][ T9172]  loop2: p1 p2 < > p3 p4 < p5 >
[  135.386836][ T9172] loop2: partition table partially beyond EOD, truncated
[  135.404999][ T9172] loop2: p1 size 108986119 extends beyond EOD, truncated
[  135.422045][ T9172] loop2: p2 start 591104 is beyond EOD, truncated
[  135.428610][ T9172] loop2: p3 size 50462720 extends beyond EOD, truncated
[  135.445680][ T9172] loop2: p5 size 108986119 extends beyond EOD, truncated
[  135.600503][ T9198] loop2: detected capacity change from 0 to 512
[  135.627842][ T9198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.651509][ T9194] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1583'.
[  135.662302][ T9198] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.763170][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.808110][ T9211] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0
[  135.818077][ T9211] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  135.821711][ T9213] loop2: detected capacity change from 0 to 164
[  135.837906][ T9213] nfs: Unknown parameter '**.'
[  135.886022][ T9211] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0
[  135.896008][ T9211] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  135.947868][ T9211] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0
[  135.957790][ T9211] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  135.982504][ T9220] loop5: detected capacity change from 0 to 512
[  136.022219][ T9211] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0
[  136.032161][ T9211] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  136.073483][ T9226] loop2: detected capacity change from 0 to 1024
[  136.088908][ T9228] loop0: detected capacity change from 0 to 512
[  136.110100][ T9228] journal_path: Non-blockdev passed as './file1'
[  136.115618][ T9226] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.116606][ T9228] EXT4-fs: error: could not find journal device path
[  136.150597][ T9211] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 19971 - 0
[  136.158941][ T9211] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  136.206851][ T9231] loop0: detected capacity change from 0 to 512
[  136.214406][ T9231] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  136.217763][ T9211] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 19971 - 0
[  136.232649][ T9211] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  136.244857][ T9211] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 19971 - 0
[  136.249334][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.253399][ T9211] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  136.274215][ T9211] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 19971 - 0
[  136.278410][ T9231] EXT4-fs (loop0): 1 truncate cleaned up
[  136.282566][ T9211] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  136.324414][ T9231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.345193][ T9231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.415751][ T9242] loop0: detected capacity change from 0 to 512
[  136.427789][ T9242] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.1597: Failed to acquire dquot type 1
[  136.447045][ T9246] loop2: detected capacity change from 0 to 1024
[  136.451761][ T9242] EXT4-fs (loop0): 1 truncate cleaned up
[  136.464815][ T9242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.477149][ T9246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.484999][ T9242] ext4 filesystem being mounted at /357/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.517963][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.564268][ T9254] loop3: detected capacity change from 0 to 1024
[  136.565801][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.601844][ T9254] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.667692][ T9267] loop2: detected capacity change from 0 to 1024
[  136.685864][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.696912][ T9268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.709715][ T9268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.755023][ T9267] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.784020][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.660147][ T9309] loop3: detected capacity change from 0 to 512
[  137.667150][ T9308] bond0: (slave batadv0): Releasing backup interface
[  137.760231][ T9312] loop2: detected capacity change from 0 to 1024
[  137.784036][ T9312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.795318][ T9316] loop5: detected capacity change from 0 to 1024
[  137.807285][ T9316] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.820718][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.843984][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.911420][ T9322] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1620'.
[  138.367860][ T9348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1627'.
[  138.389501][ T9350] loop1: detected capacity change from 0 to 1024
[  138.398895][ T9350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.425917][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.428972][ T9352] loop3: detected capacity change from 0 to 1024
[  138.445417][ T9352] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  138.459589][ T9354] loop1: detected capacity change from 0 to 1024
[  138.466993][ T9352] JBD2: no valid journal superblock found
[  138.472807][ T9352] EXT4-fs (loop3): Could not load journal inode
[  138.487404][ T9354] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.514744][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.857166][ T9372] loop5: detected capacity change from 0 to 512
[  138.878582][ T9372] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.891295][ T9372] ext4 filesystem being mounted at /263/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.923952][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.005089][ T9385] loop2: detected capacity change from 0 to 1024
[  139.028425][ T9385] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.062543][ T9388] loop1: detected capacity change from 0 to 512
[  139.116956][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.138140][ T9390] loop5: detected capacity change from 0 to 512
[  139.149870][ T9390] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  139.172958][ T9390] EXT4-fs (loop5): 1 truncate cleaned up
[  139.173367][ T9392] loop2: detected capacity change from 0 to 512
[  139.179118][ T9390] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.186094][ T9392] journal_path: Non-blockdev passed as './file1'
[  139.203613][ T9392] EXT4-fs: error: could not find journal device path
[  139.214027][ T9390] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.260533][ T9396] FAULT_INJECTION: forcing a failure.
[  139.260533][ T9396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.273714][ T9396] CPU: 0 UID: 0 PID: 9396 Comm: syz.5.1644 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  139.284484][ T9396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.294620][ T9396] Call Trace:
[  139.297902][ T9396]  <TASK>
[  139.300878][ T9396]  dump_stack_lvl+0xf2/0x150
[  139.305559][ T9396]  dump_stack+0x15/0x1a
[  139.309741][ T9396]  should_fail_ex+0x223/0x230
[  139.314441][ T9396]  should_fail+0xb/0x10
[  139.318600][ T9396]  should_fail_usercopy+0x1a/0x20
[  139.323662][ T9396]  _copy_from_user+0x1e/0xb0
[  139.328271][ T9396]  get_timespec64+0x49/0x140
[  139.332944][ T9396]  __se_sys_nanosleep+0x46/0x2c0
[  139.337946][ T9396]  ? ksys_write+0x176/0x1b0
[  139.342460][ T9396]  __x64_sys_nanosleep+0x31/0x40
[  139.347478][ T9396]  x64_sys_call+0x1ea7/0x2dc0
[  139.352183][ T9396]  do_syscall_64+0xc9/0x1c0
[  139.356707][ T9396]  ? clear_bhb_loop+0x55/0xb0
[  139.361473][ T9396]  ? clear_bhb_loop+0x55/0xb0
[  139.366161][ T9396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.372347][ T9396] RIP: 0033:0x7fbb4d1a5d29
[  139.376778][ T9396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.396418][ T9396] RSP: 002b:00007fbb4b817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[  139.404853][ T9396] RAX: ffffffffffffffda RBX: 00007fbb4d395fa0 RCX: 00007fbb4d1a5d29
[  139.412855][ T9396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.420840][ T9396] RBP: 00007fbb4b817090 R08: 0000000000000000 R09: 0000000000000000
[  139.428979][ T9396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.436962][ T9396] R13: 0000000000000001 R14: 00007fbb4d395fa0 R15: 00007ffe3a120508
[  139.444981][ T9396]  </TASK>
[  139.490406][   T29] kauditd_printk_skb: 218 callbacks suppressed
[  139.490422][   T29] audit: type=1326 audit(1736315802.501:7283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.520532][   T29] audit: type=1326 audit(1736315802.501:7284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.544078][   T29] audit: type=1326 audit(1736315802.501:7285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.567534][   T29] audit: type=1326 audit(1736315802.501:7286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.591031][   T29] audit: type=1326 audit(1736315802.501:7287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.614443][   T29] audit: type=1326 audit(1736315802.501:7288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.637854][   T29] audit: type=1326 audit(1736315802.501:7289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.661491][   T29] audit: type=1326 audit(1736315802.501:7290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.684927][   T29] audit: type=1326 audit(1736315802.501:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.708399][   T29] audit: type=1326 audit(1736315802.501:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9403 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  139.959504][ T9430] loop0: detected capacity change from 0 to 512
[  139.966313][ T9430] journal_path: Non-blockdev passed as './file1'
[  139.972723][ T9430] EXT4-fs: error: could not find journal device path
[  140.006213][ T9432] loop0: detected capacity change from 0 to 1024
[  140.028076][ T9432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.053513][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.076438][ T9435] loop0: detected capacity change from 0 to 164
[  140.085112][ T9435] nfs: Unknown parameter '**.'
[  140.227982][ T9441] loop0: detected capacity change from 0 to 512
[  140.234711][ T9441] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  140.245847][ T9441] EXT4-fs (loop0): 1 truncate cleaned up
[  140.698719][ T9450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1662'.
[  140.707796][ T9450] IPVS: Unknown mcast interface: vcan0
[  140.716430][ T9450] SELinux: failed to load policy
[  140.774030][ T9458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1665'.
[  140.782988][ T9458] IPVS: Unknown mcast interface: vcan0
[  140.790314][ T9458] SELinux: failed to load policy
[  140.857565][ T9462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.866242][ T9462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.880740][ T9463] netlink: 'syz.1.1666': attribute type 10 has an invalid length.
[  140.889486][ T9463] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.897476][ T9463] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  141.250039][ T9466] netlink: 'syz.0.1668': attribute type 10 has an invalid length.
[  141.427711][ T9468] FAULT_INJECTION: forcing a failure.
[  141.427711][ T9468] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.440829][ T9468] CPU: 0 UID: 0 PID: 9468 Comm: syz.3.1669 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  141.451522][ T9468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.461754][ T9468] Call Trace:
[  141.465075][ T9468]  <TASK>
[  141.468003][ T9468]  dump_stack_lvl+0xf2/0x150
[  141.472672][ T9468]  dump_stack+0x15/0x1a
[  141.476911][ T9468]  should_fail_ex+0x223/0x230
[  141.481610][ T9468]  should_fail+0xb/0x10
[  141.485835][ T9468]  should_fail_usercopy+0x1a/0x20
[  141.490884][ T9468]  _copy_to_user+0x20/0xa0
[  141.495332][ T9468]  simple_read_from_buffer+0xa0/0x110
[  141.500766][ T9468]  proc_fail_nth_read+0xf9/0x140
[  141.505769][ T9468]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.511361][ T9468]  vfs_read+0x1a2/0x700
[  141.515542][ T9468]  ? ipv6_setsockopt+0xd1/0x130
[  141.520422][ T9468]  ? __rcu_read_unlock+0x4e/0x70
[  141.525492][ T9468]  ? __fget_files+0x17c/0x1c0
[  141.530253][ T9468]  ksys_read+0xe8/0x1b0
[  141.534422][ T9468]  __x64_sys_read+0x42/0x50
[  141.538934][ T9468]  x64_sys_call+0x2874/0x2dc0
[  141.543664][ T9468]  do_syscall_64+0xc9/0x1c0
[  141.548185][ T9468]  ? clear_bhb_loop+0x55/0xb0
[  141.552869][ T9468]  ? clear_bhb_loop+0x55/0xb0
[  141.557548][ T9468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.563532][ T9468] RIP: 0033:0x7f6d8635473c
[  141.567966][ T9468] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  141.587599][ T9468] RSP: 002b:00007f6d849c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  141.596114][ T9468] RAX: ffffffffffffffda RBX: 00007f6d86545fa0 RCX: 00007f6d8635473c
[  141.604085][ T9468] RDX: 000000000000000f RSI: 00007f6d849c10a0 RDI: 0000000000000004
[  141.612137][ T9468] RBP: 00007f6d849c1090 R08: 0000000000000000 R09: 0000000000000000
[  141.620116][ T9468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.628091][ T9468] R13: 0000000000000000 R14: 00007f6d86545fa0 R15: 00007ffc86e3ce28
[  141.636078][ T9468]  </TASK>
[  141.720283][ T9478] FAULT_INJECTION: forcing a failure.
[  141.720283][ T9478] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.733424][ T9478] CPU: 1 UID: 0 PID: 9478 Comm: syz.1.1674 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  141.744144][ T9478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.754302][ T9478] Call Trace:
[  141.757704][ T9478]  <TASK>
[  141.760695][ T9478]  dump_stack_lvl+0xf2/0x150
[  141.765325][ T9478]  dump_stack+0x15/0x1a
[  141.769561][ T9478]  should_fail_ex+0x223/0x230
[  141.774271][ T9478]  should_fail+0xb/0x10
[  141.778507][ T9478]  should_fail_usercopy+0x1a/0x20
[  141.783581][ T9478]  _copy_to_user+0x20/0xa0
[  141.788139][ T9478]  simple_read_from_buffer+0xa0/0x110
[  141.793549][ T9478]  proc_fail_nth_read+0xf9/0x140
[  141.798577][ T9478]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.804242][ T9478]  vfs_read+0x1a2/0x700
[  141.808415][ T9478]  ? __rcu_read_unlock+0x4e/0x70
[  141.813394][ T9478]  ? __fget_files+0x17c/0x1c0
[  141.818098][ T9478]  ksys_read+0xe8/0x1b0
[  141.822644][ T9478]  __x64_sys_read+0x42/0x50
[  141.827189][ T9478]  x64_sys_call+0x2874/0x2dc0
[  141.831889][ T9478]  do_syscall_64+0xc9/0x1c0
[  141.836420][ T9478]  ? clear_bhb_loop+0x55/0xb0
[  141.841162][ T9478]  ? clear_bhb_loop+0x55/0xb0
[  141.845897][ T9478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.851862][ T9478] RIP: 0033:0x7f9805b9473c
[  141.856297][ T9478] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  141.868356][ T9484] loop2: detected capacity change from 0 to 8192
[  141.875989][ T9478] RSP: 002b:00007f9804201030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  141.876016][ T9478] RAX: ffffffffffffffda RBX: 00007f9805d85fa0 RCX: 00007f9805b9473c
[  141.876032][ T9478] RDX: 000000000000000f RSI: 00007f98042010a0 RDI: 0000000000000004
[  141.906830][ T9478] RBP: 00007f9804201090 R08: 0000000000000000 R09: 0000000000000003
[  141.914895][ T9478] R10: 0000000000001200 R11: 0000000000000246 R12: 0000000000000001
[  141.922866][ T9478] R13: 0000000000000000 R14: 00007f9805d85fa0 R15: 00007ffe990c7098
[  141.930928][ T9478]  </TASK>
[  141.949221][ T9484]  loop2: p1 p2 < > p3 p4 < p5 >
[  141.954343][ T9484] loop2: partition table partially beyond EOD, truncated
[  141.962049][ T9484] loop2: p1 size 108986119 extends beyond EOD, truncated
[  141.971410][ T9484] loop2: p2 start 591104 is beyond EOD, truncated
[  141.977878][ T9484] loop2: p3 size 50462720 extends beyond EOD, truncated
[  141.989901][ T9484] loop2: p5 size 108986119 extends beyond EOD, truncated
[  142.030220][ T7630] udevd[7630]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[  142.043717][ T3457] udevd[3457]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  142.043796][ T6120] udevd[6120]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  142.054928][ T3462] udevd[3462]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  142.114097][ T9490] loop1: detected capacity change from 0 to 8192
[  142.168181][ T9490]  loop1: p1 p2 < > p3 p4 < p5 >
[  142.173222][ T9490] loop1: partition table partially beyond EOD, truncated
[  142.180349][ T9490] loop1: p1 size 108986119 extends beyond EOD, truncated
[  142.188275][ T9490] loop1: p2 start 591104 is beyond EOD, truncated
[  142.194840][ T9490] loop1: p3 size 50462720 extends beyond EOD, truncated
[  142.203056][ T9490] loop1: p5 size 108986119 extends beyond EOD, truncated
[  142.222646][ T9507] netlink: 'syz.2.1684': attribute type 10 has an invalid length.
[  142.234952][ T9507] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.262143][ T9507] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  142.275542][ T9510] loop0: detected capacity change from 0 to 512
[  142.282392][ T9508] $Hÿ: (slave batadv0): Releasing backup interface
[  142.286146][ T9510] EXT4-fs: Ignoring removed bh option
[  142.295404][ T9508] batadv0: left promiscuous mode
[  142.297246][ T9510] journal_path: Non-blockdev passed as './bus'
[  142.306710][ T9510] EXT4-fs: error: could not find journal device path
[  142.334979][ T7630] udevd[7630]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  142.347200][ T6120] udevd[6120]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  142.355370][ T9512] loop1: detected capacity change from 0 to 512
[  142.364803][ T3462] udevd[3462]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  142.364982][ T6121] udevd[6121]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  142.395498][ T9512] EXT4-fs: Ignoring removed bh option
[  142.408677][ T9512] journal_path: Non-blockdev passed as './bus'
[  142.414876][ T9512] EXT4-fs: error: could not find journal device path
[  142.475215][ T9514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1688'.
[  142.520673][ T9524] loop0: detected capacity change from 0 to 512
[  142.528136][ T9524] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  142.545386][ T9526] bridge0: port 1(vlan0) entered blocking state
[  142.551805][ T9526] bridge0: port 1(vlan0) entered disabled state
[  142.556466][ T9522] loop3: detected capacity change from 0 to 8192
[  142.559963][ T9526] vlan0: entered allmulticast mode
[  142.566007][ T9524] EXT4-fs (loop0): 1 truncate cleaned up
[  142.575501][ T9526] vlan0: left allmulticast mode
[  142.622217][ T9522]  loop3: p1 p2 < > p3 p4 < p5 >
[  142.625307][ T9532] bridge0: port 2(vlan2) entered blocking state
[  142.627183][ T9522] loop3: partition table partially beyond EOD, truncated
[  142.633572][ T9532] bridge0: port 2(vlan2) entered disabled state
[  142.641785][ T9522] loop3: p1 size 108986119 extends beyond EOD, truncated
[  142.654947][ T9532] vlan2: entered allmulticast mode
[  142.661584][ T9522] loop3: p2 start 591104 is beyond EOD, truncated
[  142.668114][ T9522] loop3: p3 size 50462720 extends beyond EOD, truncated
[  142.677005][ T9532] vlan2: left allmulticast mode
[  142.685245][ T9522] loop3: p5 size 108986119 extends beyond EOD, truncated
[  142.752712][ T9541] loop0: detected capacity change from 0 to 512
[  142.759354][ T9541] journal_path: Non-blockdev passed as './file1'
[  142.765786][ T9541] EXT4-fs: error: could not find journal device path
[  142.799350][ T9543] loop0: detected capacity change from 0 to 512
[  142.808521][ T9546] FAULT_INJECTION: forcing a failure.
[  142.808521][ T9546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.808923][ T9543] EXT4-fs: Ignoring removed bh option
[  142.821675][ T9546] CPU: 1 UID: 0 PID: 9546 Comm: syz.3.1698 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  142.827289][ T9543] journal_path: Non-blockdev passed as './bus'
[  142.837669][ T9546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.837687][ T9546] Call Trace:
[  142.837695][ T9546]  <TASK>
[  142.837704][ T9546]  dump_stack_lvl+0xf2/0x150
[  142.837776][ T9546]  dump_stack+0x15/0x1a
[  142.843973][ T9543] EXT4-fs: error: could not find journal device path
[  142.853930][ T9546]  should_fail_ex+0x223/0x230
[  142.880416][ T9546]  should_fail+0xb/0x10
[  142.884616][ T9546]  should_fail_usercopy+0x1a/0x20
[  142.889720][ T9546]  _copy_to_user+0x20/0xa0
[  142.894235][ T9546]  simple_read_from_buffer+0xa0/0x110
[  142.899648][ T9546]  proc_fail_nth_read+0xf9/0x140
[  142.904687][ T9546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  142.910284][ T9546]  vfs_read+0x1a2/0x700
[  142.914463][ T9546]  ? __rcu_read_unlock+0x4e/0x70
[  142.919440][ T9546]  ? __fget_files+0x17c/0x1c0
[  142.924244][ T9546]  ksys_read+0xe8/0x1b0
[  142.928415][ T9546]  __x64_sys_read+0x42/0x50
[  142.932953][ T9546]  x64_sys_call+0x2874/0x2dc0
[  142.937638][ T9546]  do_syscall_64+0xc9/0x1c0
[  142.942150][ T9546]  ? clear_bhb_loop+0x55/0xb0
[  142.946857][ T9546]  ? clear_bhb_loop+0x55/0xb0
[  142.951547][ T9546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.957693][ T9546] RIP: 0033:0x7f6d8635473c
[  142.962122][ T9546] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  142.981848][ T9546] RSP: 002b:00007f6d849c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  142.990368][ T9546] RAX: ffffffffffffffda RBX: 00007f6d86545fa0 RCX: 00007f6d8635473c
[  142.998371][ T9546] RDX: 000000000000000f RSI: 00007f6d849c10a0 RDI: 0000000000000003
[  143.006357][ T9546] RBP: 00007f6d849c1090 R08: 0000000000000000 R09: 0000000000000000
[  143.014369][ T9546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.022346][ T9546] R13: 0000000000000001 R14: 00007f6d86545fa0 R15: 00007ffc86e3ce28
[  143.030393][ T9546]  </TASK>
[  143.040004][ T9547] bond0: (slave batadv0): Releasing backup interface
[  143.127203][ T9560] loop1: detected capacity change from 0 to 512
[  143.140479][ T9560] journal_path: Non-blockdev passed as './file1'
[  143.147062][ T9560] EXT4-fs: error: could not find journal device path
[  143.308464][ T9570] loop1: detected capacity change from 0 to 8192
[  143.370522][ T9570]  loop1: p1 p2 < > p3 p4 < p5 >
[  143.375515][ T9570] loop1: partition table partially beyond EOD, truncated
[  143.383036][ T9570] loop1: p1 size 108986119 extends beyond EOD, truncated
[  143.395965][ T9570] loop1: p2 start 591104 is beyond EOD, truncated
[  143.402528][ T9570] loop1: p3 size 50462720 extends beyond EOD, truncated
[  143.414978][ T9570] loop1: p5 size 108986119 extends beyond EOD, truncated
[  143.478831][ T9579] loop3: detected capacity change from 0 to 512
[  143.498630][ T9579] journal_path: Non-blockdev passed as './bus'
[  143.504866][ T9579] EXT4-fs: error: could not find journal device path
[  143.537010][ T9585] SELinux: failed to load policy
[  143.601973][ T9594] loop5: detected capacity change from 0 to 512
[  143.607487][ T9588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1716'.
[  143.610913][ T9594] journal_path: Non-blockdev passed as './file1'
[  143.623484][ T9594] EXT4-fs: error: could not find journal device path
[  143.702672][ T9607] loop1: detected capacity change from 0 to 512
[  143.711632][ T9607] EXT4-fs: Ignoring removed bh option
[  143.717313][ T9607] journal_path: Non-blockdev passed as './bus'
[  143.723559][ T9607] EXT4-fs: error: could not find journal device path
[  143.809814][ T9612] FAULT_INJECTION: forcing a failure.
[  143.809814][ T9612] name failslab, interval 1, probability 0, space 0, times 0
[  143.822522][ T9612] CPU: 1 UID: 0 PID: 9612 Comm: syz.1.1726 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  143.832870][ T9614] loop3: detected capacity change from 0 to 8192
[  143.833262][ T9612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.849830][ T9612] Call Trace:
[  143.853128][ T9612]  <TASK>
[  143.856178][ T9612]  dump_stack_lvl+0xf2/0x150
[  143.860813][ T9612]  dump_stack+0x15/0x1a
[  143.865003][ T9612]  should_fail_ex+0x223/0x230
[  143.869743][ T9612]  should_failslab+0x8f/0xb0
[  143.874364][ T9612]  kmem_cache_alloc_noprof+0x52/0x320
[  143.879831][ T9612]  ? audit_log_start+0x34c/0x6b0
[  143.884825][ T9612]  audit_log_start+0x34c/0x6b0
[  143.889607][ T9612]  audit_seccomp+0x4b/0x130
[  143.894144][ T9612]  __seccomp_filter+0x6fa/0x1180
[  143.899106][ T9612]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  143.904779][ T9612]  ? vfs_write+0x596/0x920
[  143.909223][ T9612]  __secure_computing+0x9f/0x1c0
[  143.914180][ T9612]  syscall_trace_enter+0xd1/0x1f0
[  143.919228][ T9612]  do_syscall_64+0xaa/0x1c0
[  143.923826][ T9612]  ? clear_bhb_loop+0x55/0xb0
[  143.928510][ T9612]  ? clear_bhb_loop+0x55/0xb0
[  143.933199][ T9612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.939203][ T9612] RIP: 0033:0x7f9805b95d29
[  143.943625][ T9612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.963240][ T9612] RSP: 002b:00007f9804201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  143.971661][ T9612] RAX: ffffffffffffffda RBX: 00007f9805d85fa0 RCX: 00007f9805b95d29
[  143.979696][ T9612] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  143.987682][ T9612] RBP: 00007f9804201090 R08: 0000000000000000 R09: 0000000000000000
[  143.995723][ T9612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.003787][ T9612] R13: 0000000000000000 R14: 00007f9805d85fa0 R15: 00007ffe990c7098
[  144.011773][ T9612]  </TASK>
[  144.039636][ T9622] SELinux: failed to load policy
[  144.053359][ T9614]  loop3: p1 p2 < > p3 p4 < p5 >
[  144.058337][ T9614] loop3: partition table partially beyond EOD, truncated
[  144.065972][ T9614] loop3: p1 size 108986119 extends beyond EOD, truncated
[  144.074775][ T9614] loop3: p2 start 591104 is beyond EOD, truncated
[  144.081322][ T9614] loop3: p3 size 50462720 extends beyond EOD, truncated
[  144.106188][ T9614] loop3: p5 size 108986119 extends beyond EOD, truncated
[  144.128811][ T9628] loop5: detected capacity change from 0 to 512
[  144.146622][ T9628] journal_path: Non-blockdev passed as './file1'
[  144.153141][ T9628] EXT4-fs: error: could not find journal device path
[  144.210153][ T3457] udevd[3457]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  144.210954][ T3462] udevd[3462]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  144.241370][ T9643] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1733'.
[  144.297886][ T9634] loop3: detected capacity change from 0 to 8192
[  144.343621][ T9653] netlink: 'syz.1.1738': attribute type 10 has an invalid length.
[  144.357488][ T9653] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.376651][ T9653] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  144.382122][ T9655] netlink: 744 bytes leftover after parsing attributes in process `syz.5.1742'.
[  144.394469][ T9655] netlink: 744 bytes leftover after parsing attributes in process `syz.5.1742'.
[  144.403584][ T9655] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1742'.
[  144.457307][ T9665] SELinux: failed to load policy
[  144.605383][ T9675] loop0: detected capacity change from 0 to 8192
[  144.672048][ T9675]  loop0: p1 p2 < > p3 p4 < p5 >
[  144.677119][ T9675] loop0: partition table partially beyond EOD, truncated
[  144.687748][ T9675] loop0: p1 size 108986119 extends beyond EOD, truncated
[  144.703427][ T9675] loop0: p2 start 591104 is beyond EOD, truncated
[  144.709980][ T9675] loop0: p3 size 50462720 extends beyond EOD, truncated
[  144.731121][ T9684] loop3: detected capacity change from 0 to 1024
[  144.739747][ T9675] loop0: p5 size 108986119 extends beyond EOD, truncated
[  144.741630][ T9684] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.762398][ T9685] loop2: detected capacity change from 0 to 512
[  144.769010][ T2999]  loop0: p1 p2 < > p3 p4 < p5 >
[  144.774025][ T2999] loop0: partition table partially beyond EOD, truncated
[  144.781250][ T9684] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  144.789363][ T2999] loop0: p1 size 108986119 extends beyond EOD, truncated
[  144.796559][ T9684] EXT4-fs (loop3): orphan cleanup on readonly fs
[  144.805077][ T2999] loop0: p2 start 591104 is beyond EOD, truncated
[  144.809168][ T9684] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  144.811704][ T2999] loop0: p3 size 50462720 extends beyond EOD, truncated
[  144.823347][ T9684] EXT4-fs (loop3): Remounting filesystem read-only
[  144.829249][ T2999] loop0: p5 size 108986119 extends beyond EOD, truncated
[  144.841193][ T9684] __quota_error: 631 callbacks suppressed
[  144.841210][ T9684] Quota error (device loop3): write_blk: dquota write failed
[  144.855031][ T9684] Quota error (device loop3): write_blk: dquota write failed
[  144.862448][ T9684] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  144.888280][ T9684] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  144.897427][ T9684] EXT4-fs (loop3): 1 orphan inode deleted
[  144.904673][ T9684] SELinux: (dev loop3, type ext4) getxattr errno 5
[  144.917697][ T9684] FAULT_INJECTION: forcing a failure.
[  144.917697][ T9684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.922097][ T9688] bridge0: port 2(vlan2) entered blocking state
[  144.930909][ T9684] CPU: 1 UID: 0 PID: 9684 Comm: syz.3.1750 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  144.937183][ T9688] bridge0: port 2(vlan2) entered disabled state
[  144.947814][ T9684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  144.947832][ T9684] Call Trace:
[  144.947840][ T9684]  <TASK>
[  144.947849][ T9684]  dump_stack_lvl+0xf2/0x150
[  144.967986][ T9688] vlan2: entered allmulticast mode
[  144.970521][ T9684]  dump_stack+0x15/0x1a
[  144.984626][ T9684]  should_fail_ex+0x223/0x230
[  144.989539][ T9684]  should_fail+0xb/0x10
[  144.993730][ T9684]  should_fail_usercopy+0x1a/0x20
[  144.998787][ T9684]  _copy_to_user+0x20/0xa0
[  145.003232][ T9684]  simple_read_from_buffer+0xa0/0x110
[  145.008782][ T9684]  proc_fail_nth_read+0xf9/0x140
[  145.013754][ T9684]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  145.019315][ T9684]  vfs_read+0x1a2/0x700
[  145.023565][ T9684]  ? __rcu_read_unlock+0x4e/0x70
[  145.028542][ T9684]  ? __fget_files+0x17c/0x1c0
[  145.033417][ T9684]  ksys_read+0xe8/0x1b0
[  145.037645][ T9684]  __x64_sys_read+0x42/0x50
[  145.042276][ T9684]  x64_sys_call+0x2874/0x2dc0
[  145.046965][ T9684]  do_syscall_64+0xc9/0x1c0
[  145.051472][ T9684]  ? clear_bhb_loop+0x55/0xb0
[  145.056212][ T9684]  ? clear_bhb_loop+0x55/0xb0
[  145.060892][ T9684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.066844][ T9684] RIP: 0033:0x7f6d8635473c
[  145.071296][ T9684] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  145.090919][ T9684] RSP: 002b:00007f6d849c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  145.099351][ T9684] RAX: ffffffffffffffda RBX: 00007f6d86545fa0 RCX: 00007f6d8635473c
[  145.107335][ T9684] RDX: 000000000000000f RSI: 00007f6d849c10a0 RDI: 0000000000000006
[  145.115307][ T9684] RBP: 00007f6d849c1090 R08: 0000000000000000 R09: 0000000000000000
[  145.123375][ T9684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.131395][ T9684] R13: 0000000000000000 R14: 00007f6d86545fa0 R15: 00007ffc86e3ce28
[  145.139407][ T9684]  </TASK>
[  145.144483][ T9688] vlan2: left allmulticast mode
[  145.188585][ T9690] loop1: detected capacity change from 0 to 1024
[  145.196001][ T9690] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  145.208650][ T9690] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  145.220269][ T9690] EXT4-fs (loop1): orphan cleanup on readonly fs
[  145.229624][ T9690] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  145.251394][ T9690] EXT4-fs (loop1): Remounting filesystem read-only
[  145.258441][ T9690] Quota error (device loop1): write_blk: dquota write failed
[  145.260256][ T9696] loop0: detected capacity change from 0 to 1024
[  145.265916][ T9690] Quota error (device loop1): write_blk: dquota write failed
[  145.279667][ T9690] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  145.290955][ T9690] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  145.291175][   T29] audit: type=1326 audit(1736315807.941:7922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.3.1753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  145.300096][ T9690] EXT4-fs (loop1): 1 orphan inode deleted
[  145.328982][   T29] audit: type=1326 audit(1736315807.969:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.3.1753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  145.352994][ T9690] SELinux: (dev loop1, type ext4) getxattr errno 5
[  145.475998][ T9712] loop0: detected capacity change from 0 to 1024
[  145.579665][ T9720] loop3: detected capacity change from 0 to 8192
[  145.607549][ T9726] loop5: detected capacity change from 0 to 512
[  145.616674][ T9730] loop2: detected capacity change from 0 to 164
[  145.623663][ T9720]  loop3: p1 p2 < > p3 p4 < p5 >
[  145.628658][ T9720] loop3: partition table partially beyond EOD, truncated
[  145.645322][ T9730] nfs: Unknown parameter '**.'
[  145.645730][ T9732] loop0: detected capacity change from 0 to 512
[  145.658674][ T9720] loop3: p1 size 108986119 extends beyond EOD, truncated
[  145.672661][ T9732] journal_path: Non-blockdev passed as './file1'
[  145.679148][ T9732] EXT4-fs: error: could not find journal device path
[  145.686928][ T9720] loop3: p2 start 591104 is beyond EOD, truncated
[  145.693452][ T9720] loop3: p3 size 50462720 extends beyond EOD, truncated
[  145.717761][ T9726] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.1763: Failed to acquire dquot type 1
[  145.735010][ T9726] EXT4-fs (loop5): 1 truncate cleaned up
[  145.741376][ T9726] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.757121][ T9720] loop3: p5 size 108986119 extends beyond EOD, truncated
[  145.794747][ T9742] bond0: (slave batadv0): Releasing backup interface
[  146.010417][ T9778] SELinux: failed to load policy
[  146.057177][ T9781] bridge0: port 1(vlan2) entered blocking state
[  146.063530][ T9781] bridge0: port 1(vlan2) entered disabled state
[  146.068593][ T9783] loop2: detected capacity change from 0 to 512
[  146.075026][ T9781] vlan2: entered allmulticast mode
[  146.082757][ T9781] vlan2: left allmulticast mode
[  146.118393][ T9783] ext4 filesystem being mounted at /387/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.146702][ T9783] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9783 comm=syz.2.1775
[  146.159305][ T9783] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=9783 comm=syz.2.1775
[  146.183246][ T9797] loop3: detected capacity change from 0 to 512
[  146.192391][ T9797] journal_path: Non-blockdev passed as './bus'
[  146.198600][ T9802] futex_wake_op: syz.5.1778 tries to shift op by -1; fix this program
[  146.198783][ T9797] EXT4-fs: error: could not find journal device path
[  146.223070][ T9800] loop1: detected capacity change from 0 to 512
[  146.280400][ T9800] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.1779: Failed to acquire dquot type 1
[  146.330411][ T9800] EXT4-fs (loop1): 1 truncate cleaned up
[  146.345116][ T9800] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.484275][ T9837] SELinux: failed to load policy
[  146.510211][ T9841] loop2: detected capacity change from 0 to 164
[  146.542530][ T9841] nfs: Unknown parameter '**.'
[  146.621716][ T9852] loop3: detected capacity change from 0 to 512
[  146.637320][ T9852] EXT4-fs: Ignoring removed bh option
[  146.642819][ T9852] journal_path: Non-blockdev passed as './bus'
[  146.649153][ T9852] EXT4-fs: error: could not find journal device path
[  146.754246][ T9860] loop0: detected capacity change from 0 to 512
[  146.777165][ T9860] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  146.815303][ T9867] hub 9-0:1.0: USB hub found
[  146.825466][ T9867] hub 9-0:1.0: 8 ports detected
[  146.826040][ T9860] EXT4-fs (loop0): 1 truncate cleaned up
[  147.497930][ T9912] loop1: detected capacity change from 0 to 512
[  147.504872][ T9912] journal_path: Non-blockdev passed as './file1'
[  147.510486][ T9914] loop0: detected capacity change from 0 to 512
[  147.511206][ T9912] EXT4-fs: error: could not find journal device path
[  147.558261][ T9914] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.1806: Failed to acquire dquot type 1
[  147.589597][ T9914] EXT4-fs (loop0): 1 truncate cleaned up
[  147.595789][ T9914] ext4 filesystem being mounted at /390/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.841109][ T9929] loop2: detected capacity change from 0 to 512
[  147.953615][ T9933] SELinux: failed to load policy
[  148.052810][ T9942] bridge0: port 1(vlan2) entered blocking state
[  148.059159][ T9942] bridge0: port 1(vlan2) entered disabled state
[  148.067971][ T9942] vlan2: entered allmulticast mode
[  148.076592][ T9942] vlan2: left allmulticast mode
[  148.202010][ T9951] loop5: detected capacity change from 0 to 512
[  148.220383][ T9951] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.1818: Failed to acquire dquot type 1
[  148.237824][ T9951] EXT4-fs (loop5): 1 truncate cleaned up
[  148.245393][ T9951] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.264651][ T9954] loop1: detected capacity change from 0 to 4096
[  148.295648][ T9944] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #15: comm syz.1.1815: corrupted inode contents
[  148.310447][ T9944] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #15: comm syz.1.1815: mark_inode_dirty error
[  148.405712][ T9944] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #15: comm syz.1.1815: corrupted inode contents
[  148.436172][ T9944] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1815: mark_inode_dirty error
[  148.457195][ T9944] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #15: comm syz.1.1815: corrupted inode contents
[  148.487650][ T9944] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1815: mark_inode_dirty error
[  148.540352][ T9944] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #15: comm syz.1.1815: corrupted inode contents
[  148.567459][ T9944] EXT4-fs error (device loop1): ext4_truncate:4240: inode #15: comm syz.1.1815: mark_inode_dirty error
[  148.609158][ T9944] EXT4-fs error (device loop1): ext4_evict_inode:267: comm syz.1.1815: couldn't truncate inode 15 (err -117)
[  148.762658][ T9978] FAULT_INJECTION: forcing a failure.
[  148.762658][ T9978] name failslab, interval 1, probability 0, space 0, times 0
[  148.775450][ T9978] CPU: 0 UID: 0 PID: 9978 Comm: syz.2.1825 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  148.786226][ T9978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.796366][ T9978] Call Trace:
[  148.799742][ T9978]  <TASK>
[  148.802774][ T9978]  dump_stack_lvl+0xf2/0x150
[  148.807453][ T9978]  dump_stack+0x15/0x1a
[  148.811699][ T9978]  should_fail_ex+0x223/0x230
[  148.816417][ T9978]  should_failslab+0x8f/0xb0
[  148.821085][ T9978]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  148.827477][ T9978]  ? sidtab_sid2str_get+0xb8/0x140
[  148.832756][ T9978]  kmemdup_noprof+0x2a/0x60
[  148.837439][ T9978]  sidtab_sid2str_get+0xb8/0x140
[  148.842412][ T9978]  security_sid_to_context_core+0x1eb/0x2f0
[  148.848364][ T9978]  security_sid_to_context+0x27/0x30
[  148.853709][ T9978]  selinux_lsmprop_to_secctx+0x2c/0x40
[  148.859268][ T9978]  security_lsmprop_to_secctx+0x4a/0x90
[  148.864855][ T9978]  audit_log_task_context+0x93/0x1c0
[  148.870189][ T9978]  audit_log_task+0xf9/0x1c0
[  148.874847][ T9978]  audit_seccomp+0x68/0x130
[  148.879379][ T9978]  __seccomp_filter+0x6fa/0x1180
[  148.884449][ T9978]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  148.890122][ T9978]  ? vfs_write+0x596/0x920
[  148.894627][ T9978]  __secure_computing+0x9f/0x1c0
[  148.899611][ T9978]  syscall_trace_enter+0xd1/0x1f0
[  148.904803][ T9978]  ? fpregs_assert_state_consistent+0x83/0xa0
[  148.910920][ T9978]  do_syscall_64+0xaa/0x1c0
[  148.915441][ T9978]  ? clear_bhb_loop+0x55/0xb0
[  148.920220][ T9978]  ? clear_bhb_loop+0x55/0xb0
[  148.924929][ T9978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.930863][ T9978] RIP: 0033:0x7f31ceec47df
[  148.935319][ T9978] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  148.955148][ T9978] RSP: 002b:00007f31cd531000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  148.963599][ T9978] RAX: ffffffffffffffda RBX: 00007f31cf0b5fa0 RCX: 00007f31ceec47df
[  148.971593][ T9978] RDX: 000000000000004a RSI: 0000000020000440 RDI: 00000000000000c8
[  148.979755][ T9978] RBP: 00007f31cd531090 R08: 0000000000000000 R09: 0000000000000000
[  148.987871][ T9978] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  148.995883][ T9978] R13: 0000000000000000 R14: 00007f31cf0b5fa0 R15: 00007fffd1c3b188
[  149.004009][ T9978]  </TASK>
[  149.018895][ T9975] Falling back ldisc for ttyS3.
[  149.102098][T10007] loop5: detected capacity change from 0 to 512
[  149.116732][T10007] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  149.123144][T10008] loop3: detected capacity change from 0 to 512
[  149.161416][T10007] EXT4-fs (loop5): 1 truncate cleaned up
[  149.177181][T10008] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  149.232822][T10008] EXT4-fs (loop3): 1 truncate cleaned up
[  149.335324][T10035] loop2: detected capacity change from 0 to 512
[  149.356014][T10035] EXT4-fs: Ignoring removed bh option
[  149.366475][T10035] journal_path: Non-blockdev passed as './bus'
[  149.372717][T10035] EXT4-fs: error: could not find journal device path
[  149.454239][T10048] loop2: detected capacity change from 0 to 164
[  149.487398][T10048] nfs: Unknown parameter '**.'
[  149.556481][T10055] SELinux: failed to load policy
[  149.630505][T10064] loop3: detected capacity change from 0 to 512
[  149.859104][T10074] loop2: detected capacity change from 0 to 8192
[  149.917501][T10074]  loop2: p1 p2 < > p3 p4 < p5 >
[  149.922656][T10074] loop2: partition table partially beyond EOD, truncated
[  149.951736][T10074] loop2: p1 size 108986119 extends beyond EOD, truncated
[  149.973781][T10074] loop2: p2 start 591104 is beyond EOD, truncated
[  149.980364][T10074] loop2: p3 size 50462720 extends beyond EOD, truncated
[  149.997611][T10074] loop2: p5 size 108986119 extends beyond EOD, truncated
[  150.005348][T10087] loop5: detected capacity change from 0 to 512
[  150.049547][T10087] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.1851: corrupted in-inode xattr: invalid ea_ino
[  150.096981][T10087] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.1851: couldn't read orphan inode 15 (err -117)
[  150.194631][ T3462] udevd[3462]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  150.216025][ T7630] udevd[7630]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[  150.227953][ T6120] udevd[6120]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  150.239692][ T3457] udevd[3457]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  150.392201][T10095] FAULT_INJECTION: forcing a failure.
[  150.392201][T10095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.405338][T10095] CPU: 0 UID: 0 PID: 10095 Comm: syz.3.1854 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  150.416115][T10095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.426301][T10095] Call Trace:
[  150.429597][T10095]  <TASK>
[  150.432650][T10095]  dump_stack_lvl+0xf2/0x150
[  150.437318][T10095]  dump_stack+0x15/0x1a
[  150.441520][T10095]  should_fail_ex+0x223/0x230
[  150.446212][T10095]  should_fail+0xb/0x10
[  150.450460][T10095]  should_fail_usercopy+0x1a/0x20
[  150.455521][T10095]  _copy_to_user+0x20/0xa0
[  150.459964][T10095]  simple_read_from_buffer+0xa0/0x110
[  150.465363][T10095]  proc_fail_nth_read+0xf9/0x140
[  150.470350][T10095]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.476014][T10095]  vfs_read+0x1a2/0x700
[  150.480193][T10095]  ? __rcu_read_unlock+0x4e/0x70
[  150.485230][T10095]  ? __fget_files+0x17c/0x1c0
[  150.489953][T10095]  ksys_read+0xe8/0x1b0
[  150.494148][T10095]  __x64_sys_read+0x42/0x50
[  150.498689][T10095]  x64_sys_call+0x2874/0x2dc0
[  150.503386][T10095]  do_syscall_64+0xc9/0x1c0
[  150.507935][T10095]  ? clear_bhb_loop+0x55/0xb0
[  150.512643][T10095]  ? clear_bhb_loop+0x55/0xb0
[  150.517384][T10095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.523313][T10095] RIP: 0033:0x7f6d8635473c
[  150.527746][T10095] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  150.547480][T10095] RSP: 002b:00007f6d849c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.555924][T10095] RAX: ffffffffffffffda RBX: 00007f6d86545fa0 RCX: 00007f6d8635473c
[  150.564005][T10095] RDX: 000000000000000f RSI: 00007f6d849c10a0 RDI: 0000000000000003
[  150.572016][T10095] RBP: 00007f6d849c1090 R08: 0000000000000000 R09: 0000000000000000
[  150.580011][T10095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.588072][T10095] R13: 0000000000000001 R14: 00007f6d86545fa0 R15: 00007ffc86e3ce28
[  150.596145][T10095]  </TASK>
[  150.807689][   T29] kauditd_printk_skb: 288 callbacks suppressed
[  150.807706][   T29] audit: type=1326 audit(1736315813.100:8203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb4d1a4690 code=0x7ffc0000
[  150.837582][   T29] audit: type=1326 audit(1736315813.100:8204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fbb4d1a4a77 code=0x7ffc0000
[  150.843621][T10087] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz.5.1851: path /313/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0
[  150.861204][   T29] audit: type=1326 audit(1736315813.100:8205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb4d1a4690 code=0x7ffc0000
[  150.906172][   T29] audit: type=1326 audit(1736315813.100:8206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  150.929734][   T29] audit: type=1326 audit(1736315813.100:8207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  150.953298][   T29] audit: type=1326 audit(1736315813.100:8208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  150.976851][   T29] audit: type=1326 audit(1736315813.100:8209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  151.000351][   T29] audit: type=1326 audit(1736315813.100:8210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  151.009834][T10104] loop0: detected capacity change from 0 to 512
[  151.023868][   T29] audit: type=1326 audit(1736315813.137:8211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  151.053536][   T29] audit: type=1326 audit(1736315813.137:8212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10086 comm="syz.5.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  151.084100][T10104] EXT4-fs: Ignoring removed oldalloc option
[  151.094103][T10108] SELinux: failed to load policy
[  151.110619][T10104] EXT4-fs: Mount option(s) incompatible with ext2
[  151.145581][T10104] serio: Serial port ptm0
[  151.157082][T10113] loop2: detected capacity change from 0 to 512
[  151.170914][T10113] journal_path: Non-blockdev passed as './file1'
[  151.177352][T10113] EXT4-fs: error: could not find journal device path
[  151.181833][T10115] loop3: detected capacity change from 0 to 512
[  151.192988][T10117] loop5: detected capacity change from 0 to 128
[  151.206516][T10115] EXT4-fs: Ignoring removed bh option
[  151.217017][T10117] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  151.227596][T10115] journal_path: Non-blockdev passed as './bus'
[  151.233881][T10115] EXT4-fs: error: could not find journal device path
[  151.254481][T10100] loop1: detected capacity change from 0 to 8192
[  151.372942][T10129] loop5: detected capacity change from 0 to 512
[  151.395415][T10129] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  151.437470][T10129] EXT4-fs (loop5): 1 truncate cleaned up
[  151.453228][T10140] SELinux: failed to load policy
[  151.542845][T10152] loop3: detected capacity change from 0 to 512
[  151.552818][T10152] EXT4-fs: Ignoring removed oldalloc option
[  151.560938][T10150] loop1: detected capacity change from 0 to 8192
[  151.564734][T10152] EXT4-fs: Mount option(s) incompatible with ext2
[  151.583066][T10154] loop5: detected capacity change from 0 to 512
[  151.589618][T10154] journal_path: Non-blockdev passed as './file1'
[  151.593525][T10152] serio: Serial port ptm0
[  151.596046][T10154] EXT4-fs: error: could not find journal device path
[  151.605925][T10150]  loop1: p1 p2 < > p3 p4 < p5 >
[  151.612294][T10150] loop1: partition table partially beyond EOD, truncated
[  151.622008][T10150] loop1: p1 size 108986119 extends beyond EOD, truncated
[  151.632002][T10150] loop1: p2 start 591104 is beyond EOD, truncated
[  151.638502][T10150] loop1: p3 size 50462720 extends beyond EOD, truncated
[  151.647191][T10150] loop1: p5 size 108986119 extends beyond EOD, truncated
[  151.743794][T10167] loop3: detected capacity change from 0 to 512
[  151.766779][T10167] ext4 filesystem being mounted at /397/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.782557][ T3462] udevd[3462]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  151.799340][T10159] loop5: detected capacity change from 0 to 8192
[  151.825138][T10167] EXT4-fs warning (device loop3): ext4_group_add:1716: Can't resize non-sparse filesystem further
[  151.842095][T10173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1884'.
[  151.851054][T10173] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1884'.
[  151.908910][T10177] loop5: detected capacity change from 0 to 512
[  151.927929][T10177] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  151.942164][T10179] loop3: detected capacity change from 0 to 512
[  151.955592][T10177] EXT4-fs (loop5): 1 truncate cleaned up
[  151.969551][T10179] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.1887: Failed to acquire dquot type 1
[  151.981866][T10179] EXT4-fs (loop3): 1 truncate cleaned up
[  151.988186][T10179] ext4 filesystem being mounted at /399/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.996385][T10188] loop1: detected capacity change from 0 to 512
[  152.035055][T10188] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.1890: Failed to acquire dquot type 1
[  152.055419][T10188] EXT4-fs (loop1): 1 truncate cleaned up
[  152.061818][T10188] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.111283][T10200] loop3: detected capacity change from 0 to 512
[  152.180315][   T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  152.188189][   T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  152.195941][   T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x3
[  152.204244][   T24] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  152.268639][T10222] loop1: detected capacity change from 0 to 512
[  152.291245][T10222] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.1902: Failed to acquire dquot type 1
[  152.303394][T10222] EXT4-fs (loop1): 1 truncate cleaned up
[  152.309604][T10222] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.355329][T10225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1903'.
[  152.457972][T10248] loop5: detected capacity change from 0 to 512
[  152.466910][T10248] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  152.489333][T10248] EXT4-fs (loop5): 1 truncate cleaned up
[  152.533975][T10254] netlink: 'syz.1.1908': attribute type 10 has an invalid length.
[  152.545814][T10256] loop5: detected capacity change from 0 to 164
[  152.597136][T10259] hub 9-0:1.0: USB hub found
[  152.607871][T10259] hub 9-0:1.0: 8 ports detected
[  152.709413][T10263] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1916'.
[  152.760643][T10274] loop0: detected capacity change from 0 to 512
[  152.779324][T10274] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.1919: Failed to acquire dquot type 1
[  152.795031][T10274] EXT4-fs (loop0): 1 truncate cleaned up
[  152.803540][T10274] ext4 filesystem being mounted at /406/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.946977][T10290] loop5: detected capacity change from 0 to 512
[  152.954862][T10290] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  152.966246][T10290] EXT4-fs (loop5): 1 truncate cleaned up
[  152.999056][T10295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.009659][T10295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.543247][T10311] loop3: detected capacity change from 0 to 8192
[  153.551114][T10317] loop1: detected capacity change from 0 to 512
[  153.565957][T10317] journal_path: Non-blockdev passed as './file1'
[  153.572372][T10317] EXT4-fs: error: could not find journal device path
[  153.589571][T10311]  loop3: p1 p2 < > p3 p4 < p5 >
[  153.594740][T10311] loop3: partition table partially beyond EOD, truncated
[  153.603117][T10319] hub 9-0:1.0: USB hub found
[  153.607950][T10319] hub 9-0:1.0: 8 ports detected
[  153.608638][T10311] loop3: p1 size 108986119 extends beyond EOD, truncated
[  153.622689][T10311] loop3: p2 start 591104 is beyond EOD, truncated
[  153.629149][T10311] loop3: p3 size 50462720 extends beyond EOD, truncated
[  153.643929][T10311] loop3: p5 size 108986119 extends beyond EOD, truncated
[  153.646388][T10323] loop2: detected capacity change from 0 to 512
[  153.660351][T10323] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  153.675575][T10323] EXT4-fs (loop2): 1 truncate cleaned up
[  153.994511][T10348] loop5: detected capacity change from 0 to 8192
[  154.107292][T10354] hub 9-0:1.0: USB hub found
[  154.112184][T10354] hub 9-0:1.0: 8 ports detected
[  154.184366][T10358] loop5: detected capacity change from 0 to 512
[  154.200476][T10358] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  154.213526][T10358] EXT4-fs (loop5): 1 truncate cleaned up
[  154.312494][T10365] SELinux: failed to load policy
[  154.526745][T10380] loop1: detected capacity change from 0 to 512
[  154.553328][T10380] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.1963: Failed to acquire dquot type 1
[  154.581899][T10380] EXT4-fs (loop1): 1 truncate cleaned up
[  154.600847][T10380] ext4 filesystem being mounted at /326/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.662950][T10392] SELinux: failed to load policy
[  154.739288][T10400] hub 9-0:1.0: USB hub found
[  154.744903][T10400] hub 9-0:1.0: 8 ports detected
[  154.874127][T10413] loop2: detected capacity change from 0 to 8192
[  154.953086][T10420] SELinux: failed to load policy
[  155.670249][T10438] hub 9-0:1.0: USB hub found
[  155.675263][T10438] hub 9-0:1.0: 8 ports detected
[  155.793678][T10443] netlink: 'syz.5.1988': attribute type 10 has an invalid length.
[  155.809013][T10443] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.818991][T10443] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  155.831550][T10446] hub 9-0:1.0: USB hub found
[  155.836600][T10446] hub 9-0:1.0: 8 ports detected
[  155.920485][T10452] loop2: detected capacity change from 0 to 512
[  155.927359][T10452] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  155.941736][T10452] EXT4-fs (loop2): 1 truncate cleaned up
[  156.121390][T10462] hub 9-0:1.0: USB hub found
[  156.131918][T10462] hub 9-0:1.0: 8 ports detected
[  156.233137][   T29] kauditd_printk_skb: 556 callbacks suppressed
[  156.233154][   T29] audit: type=1326 audit(1736315818.184:8759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10465 comm="syz.2.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ceec5d29 code=0x7ffc0000
[  156.262897][   T29] audit: type=1326 audit(1736315818.184:8760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10465 comm="syz.2.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ceec5d29 code=0x7ffc0000
[  156.302860][T10470] loop2: detected capacity change from 0 to 128
[  156.321504][T10470] FAT-fs (loop2): bogus number of reserved sectors
[  156.328125][T10470] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  156.337547][T10470] FAT-fs (loop2): Can't find a valid FAT filesystem
[  156.354041][   T29] audit: type=1326 audit(1736315818.184:8761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10465 comm="syz.2.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f31ceec5d29 code=0x7ffc0000
[  156.377613][   T29] audit: type=1326 audit(1736315818.184:8762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10465 comm="syz.2.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ceec5d29 code=0x7ffc0000
[  156.401122][   T29] audit: type=1400 audit(1736315818.240:8763): avc:  denied  { read } for  pid=10453 comm="syz.3.1992" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  156.425474][   T29] audit: type=1400 audit(1736315818.240:8764): avc:  denied  { open } for  pid=10453 comm="syz.3.1992" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  156.450191][   T29] audit: type=1400 audit(1736315818.240:8765): avc:  denied  { ioctl } for  pid=10453 comm="syz.3.1992" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  156.540220][T10470] loop2: detected capacity change from 0 to 164
[  156.582741][T10470] +}[@: attempt to access beyond end of device
[  156.582741][T10470] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  156.596233][T10470] +}[@: attempt to access beyond end of device
[  156.596233][T10470] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  156.702937][T10477] loop1: detected capacity change from 0 to 512
[  156.715976][T10478] loop2: detected capacity change from 0 to 1024
[  156.716512][   T29] audit: type=1326 audit(1736315818.633:8766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.5.2000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  156.729772][T10477] EXT4-fs: Ignoring removed bh option
[  156.746111][   T29] audit: type=1326 audit(1736315818.633:8767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.5.2000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  156.761805][T10478] ext4: Unknown parameter 'nouser_xattr'
[  156.774908][   T29] audit: type=1326 audit(1736315818.633:8768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.5.2000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  156.809004][T10477] journal_path: Non-blockdev passed as './bus'
[  156.815313][T10477] EXT4-fs: error: could not find journal device path
[  156.816702][T10478] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2001'.
[  156.992431][T10495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.001431][T10495] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.100894][T10500] loop0: detected capacity change from 0 to 512
[  157.108681][T10500] journal_path: Non-blockdev passed as './file1'
[  157.115209][T10500] EXT4-fs: error: could not find journal device path
[  157.433619][T10511] loop3: detected capacity change from 0 to 512
[  157.458300][T10511] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.477361][T10511] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 3915 (only 1 groups)
[  157.647904][T10523] hub 9-0:1.0: USB hub found
[  157.652674][T10523] hub 9-0:1.0: 8 ports detected
[  157.793650][T10531] loop2: detected capacity change from 0 to 128
[  157.800470][T10531] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  157.877393][T10538] loop2: detected capacity change from 0 to 512
[  157.884097][T10538] journal_path: Non-blockdev passed as './file1'
[  157.890554][T10538] EXT4-fs: error: could not find journal device path
[  157.945635][T10544] loop3: detected capacity change from 0 to 512
[  158.150298][T10558] loop0: detected capacity change from 0 to 512
[  158.164133][T10558] EXT4-fs: Ignoring removed bh option
[  158.164544][T10560] hub 9-0:1.0: USB hub found
[  158.169882][T10558] journal_path: Non-blockdev passed as './bus'
[  158.174690][T10560] hub 9-0:1.0: 8 ports detected
[  158.180589][T10558] EXT4-fs: error: could not find journal device path
[  158.227881][T10565] loop5: detected capacity change from 0 to 128
[  158.234391][T10565] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  158.291158][T10571] loop5: detected capacity change from 0 to 512
[  158.297910][T10571] journal_path: Non-blockdev passed as './file1'
[  158.304427][T10571] EXT4-fs: error: could not find journal device path
[  158.366440][T10579] loop0: detected capacity change from 0 to 512
[  158.379005][T10579] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  158.402382][T10579] EXT4-fs (loop0): 1 truncate cleaned up
[  158.465641][T10589] loop0: detected capacity change from 0 to 512
[  158.473604][T10589] EXT4-fs: Ignoring removed bh option
[  158.494291][T10589] journal_path: Non-blockdev passed as './bus'
[  158.500499][T10589] EXT4-fs: error: could not find journal device path
[  158.548775][T10599] FAULT_INJECTION: forcing a failure.
[  158.548775][T10599] name failslab, interval 1, probability 0, space 0, times 0
[  158.549166][T10598] loop5: detected capacity change from 0 to 128
[  158.561448][T10599] CPU: 1 UID: 0 PID: 10599 Comm: syz.0.2046 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  158.578729][T10599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  158.588859][T10599] Call Trace:
[  158.592206][T10599]  <TASK>
[  158.595142][T10599]  dump_stack_lvl+0xf2/0x150
[  158.599804][T10599]  dump_stack+0x15/0x1a
[  158.604031][T10599]  should_fail_ex+0x223/0x230
[  158.608762][T10599]  should_failslab+0x8f/0xb0
[  158.614304][T10599]  __kmalloc_noprof+0xab/0x3f0
[  158.619084][T10599]  ? inotify_handle_inode_event+0x127/0x310
[  158.625006][T10599]  inotify_handle_inode_event+0x127/0x310
[  158.630748][T10599]  inotify_ignored_and_remove_idr+0x29/0x60
[  158.636730][T10599]  inotify_freeing_mark+0x1d/0x30
[  158.641773][T10599]  ? __pfx_inotify_freeing_mark+0x10/0x10
[  158.647507][T10599]  fsnotify_clear_marks_by_group+0x3ca/0x4d0
[  158.653577][T10599]  fsnotify_destroy_group+0x55/0x190
[  158.658932][T10599]  ? locks_remove_posix+0x1af/0x310
[  158.664148][T10599]  inotify_release+0x1f/0x30
[  158.668759][T10599]  ? __pfx_inotify_release+0x10/0x10
[  158.674086][T10599]  __fput+0x17a/0x6d0
[  158.678188][T10599]  ? file_close_fd_locked+0x17f/0x1a0
[  158.683646][T10599]  __fput_sync+0x96/0xc0
[  158.687907][T10599]  __se_sys_close+0x109/0x1b0
[  158.692627][T10599]  __x64_sys_close+0x1f/0x30
[  158.697263][T10599]  x64_sys_call+0x266c/0x2dc0
[  158.702046][T10599]  do_syscall_64+0xc9/0x1c0
[  158.706574][T10599]  ? clear_bhb_loop+0x55/0xb0
[  158.711392][T10599]  ? clear_bhb_loop+0x55/0xb0
[  158.716130][T10599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.722223][T10599] RIP: 0033:0x7f647f0d5d29
[  158.726654][T10599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.746451][T10599] RSP: 002b:00007f647d741038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  158.754950][T10599] RAX: ffffffffffffffda RBX: 00007f647f2c5fa0 RCX: 00007f647f0d5d29
[  158.762939][T10599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  158.771017][T10599] RBP: 00007f647d741090 R08: 0000000000000000 R09: 0000000000000000
[  158.779054][T10599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.787034][T10599] R13: 0000000000000000 R14: 00007f647f2c5fa0 R15: 00007ffe38814798
[  158.795048][T10599]  </TASK>
[  158.802802][T10598] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  158.850198][T10603] loop0: detected capacity change from 0 to 512
[  158.861639][T10603] journal_path: Non-blockdev passed as './file1'
[  158.868231][T10603] EXT4-fs: error: could not find journal device path
[  158.931648][T10614] loop5: detected capacity change from 0 to 512
[  158.959114][T10609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2050'.
[  158.963058][T10614] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.2052: Failed to acquire dquot type 1
[  158.980424][T10614] EXT4-fs (loop5): 1 truncate cleaned up
[  158.987096][T10614] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.040659][T10630] SELinux: failed to load policy
[  159.204337][T10646] loop5: detected capacity change from 0 to 512
[  159.212020][T10646] journal_path: Non-blockdev passed as './file1'
[  159.218415][T10646] EXT4-fs: error: could not find journal device path
[  159.257924][T10649] loop5: detected capacity change from 0 to 512
[  159.315184][T10655] loop3: detected capacity change from 0 to 512
[  159.325191][T10651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2064'.
[  159.349899][T10649] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.2063: Failed to acquire dquot type 1
[  159.371665][T10660] loop2: detected capacity change from 0 to 512
[  159.378793][T10660] EXT4-fs: Ignoring removed bh option
[  159.384452][T10660] journal_path: Non-blockdev passed as './bus'
[  159.385774][T10649] EXT4-fs (loop5): 1 truncate cleaned up
[  159.390671][T10660] EXT4-fs: error: could not find journal device path
[  159.396841][T10649] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.439047][T10662] FAULT_INJECTION: forcing a failure.
[  159.439047][T10662] name failslab, interval 1, probability 0, space 0, times 0
[  159.451776][T10662] CPU: 0 UID: 0 PID: 10662 Comm: syz.2.2066 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  159.462599][T10662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  159.472680][T10662] Call Trace:
[  159.475971][T10662]  <TASK>
[  159.478928][T10662]  dump_stack_lvl+0xf2/0x150
[  159.483625][T10662]  dump_stack+0x15/0x1a
[  159.487867][T10662]  should_fail_ex+0x223/0x230
[  159.492621][T10662]  should_failslab+0x8f/0xb0
[  159.497326][T10662]  kmem_cache_alloc_node_noprof+0x59/0x320
[  159.503160][T10662]  ? __alloc_skb+0x10b/0x310
[  159.507804][T10662]  __alloc_skb+0x10b/0x310
[  159.512323][T10662]  netlink_alloc_large_skb+0xad/0xe0
[  159.517633][T10662]  netlink_sendmsg+0x3b4/0x6e0
[  159.522420][T10662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.527790][T10662]  __sock_sendmsg+0x140/0x180
[  159.532527][T10662]  ____sys_sendmsg+0x312/0x410
[  159.537306][T10662]  __sys_sendmsg+0x19d/0x230
[  159.541954][T10662]  __x64_sys_sendmsg+0x46/0x50
[  159.546732][T10662]  x64_sys_call+0x2734/0x2dc0
[  159.551566][T10662]  do_syscall_64+0xc9/0x1c0
[  159.556295][T10662]  ? clear_bhb_loop+0x55/0xb0
[  159.560993][T10662]  ? clear_bhb_loop+0x55/0xb0
[  159.565749][T10662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.571670][T10662] RIP: 0033:0x7f31ceec5d29
[  159.576148][T10662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.595767][T10662] RSP: 002b:00007f31cd531038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.604287][T10662] RAX: ffffffffffffffda RBX: 00007f31cf0b5fa0 RCX: 00007f31ceec5d29
[  159.612264][T10662] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000006
[  159.620243][T10662] RBP: 00007f31cd531090 R08: 0000000000000000 R09: 0000000000000000
[  159.628222][T10662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.636226][T10662] R13: 0000000000000000 R14: 00007f31cf0b5fa0 R15: 00007fffd1c3b188
[  159.644222][T10662]  </TASK>
[  159.686123][T10668] loop2: detected capacity change from 0 to 512
[  159.721624][T10668] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.2067: Failed to acquire dquot type 1
[  159.734127][T10668] EXT4-fs (loop2): 1 truncate cleaned up
[  159.740278][T10668] ext4 filesystem being mounted at /453/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.857076][T10687] bridge0: port 2(vlan2) entered blocking state
[  159.863489][T10687] bridge0: port 2(vlan2) entered disabled state
[  159.870188][T10687] vlan2: entered allmulticast mode
[  159.877593][T10687] vlan2: left allmulticast mode
[  159.898131][T10691] loop5: detected capacity change from 0 to 512
[  159.905259][T10691] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  159.923228][T10691] EXT4-fs (loop5): 1 truncate cleaned up
[  159.943819][T10694] loop2: detected capacity change from 0 to 512
[  159.955156][T10694] EXT4-fs: Ignoring removed bh option
[  159.966021][T10697] loop3: detected capacity change from 0 to 512
[  159.976511][T10694] journal_path: Non-blockdev passed as './bus'
[  159.982753][T10694] EXT4-fs: error: could not find journal device path
[  160.004132][T10697] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.2077: Failed to acquire dquot type 1
[  160.033033][T10704] SELinux: failed to load policy
[  160.040937][T10697] EXT4-fs (loop3): 1 truncate cleaned up
[  160.047006][T10697] ext4 filesystem being mounted at /430/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.087296][T10708] loop2: detected capacity change from 0 to 512
[  160.112830][T10708] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.2082: Failed to acquire dquot type 1
[  160.174689][T10708] EXT4-fs (loop2): 1 truncate cleaned up
[  160.195410][T10708] ext4 filesystem being mounted at /457/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.207608][T10718] hub 9-0:1.0: USB hub found
[  160.222020][T10718] hub 9-0:1.0: 8 ports detected
[  160.267089][T10725] loop1: detected capacity change from 0 to 164
[  160.367115][T10730] loop2: detected capacity change from 0 to 512
[  160.394844][T10730] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  160.428920][T10730] EXT4-fs (loop2): 1 truncate cleaned up
[  160.487360][T10739] loop1: detected capacity change from 0 to 512
[  160.505555][T10739] EXT4-fs: Ignoring removed bh option
[  160.511964][T10739] journal_path: Non-blockdev passed as './bus'
[  160.518187][T10739] EXT4-fs: error: could not find journal device path
[  160.563996][T10744] loop1: detected capacity change from 0 to 164
[  160.589708][T10746] loop3: detected capacity change from 0 to 512
[  160.691766][T10752] syz.2.2098[10752] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.693173][T10752] syz.2.2098[10752] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.716160][T10752] syz.2.2098[10752] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  161.072066][T10778] syz.0.2110[10778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  161.083677][T10778] syz.0.2110[10778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  161.095498][T10778] syz.0.2110[10778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  161.139809][T10780] loop5: detected capacity change from 0 to 164
[  161.160243][T10783] SELinux: failed to load policy
[  161.174866][T10784] loop0: detected capacity change from 0 to 512
[  161.196341][T10784] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.2112: Failed to acquire dquot type 1
[  161.276193][T10784] EXT4-fs (loop0): 1 truncate cleaned up
[  161.296974][T10784] EXT4-fs mount: 76 callbacks suppressed
[  161.296991][T10784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.321060][T10784] ext4 filesystem being mounted at /429/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.324584][T10802] loop5: detected capacity change from 0 to 512
[  161.355583][T10807] SELinux: failed to load policy
[  161.392701][T10802] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.393278][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.416102][T10802] ext4 filesystem being mounted at /392/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.428404][T10802] EXT4-fs warning (device loop5): ext4_group_add:1716: Can't resize non-sparse filesystem further
[  161.531734][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.553609][T10825] 9pnet_fd: Insufficient options for proto=fd
[  161.706855][   T29] kauditd_printk_skb: 314 callbacks suppressed
[  161.706896][   T29] audit: type=1326 audit(1736315823.305:9071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.759833][   T29] audit: type=1326 audit(1736315823.334:9072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.775966][T10847] SELinux: failed to load policy
[  161.783541][   T29] audit: type=1326 audit(1736315823.334:9073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.790133][T10839] bridge0: port 1(vlan2) entered blocking state
[  161.811929][   T29] audit: type=1326 audit(1736315823.334:9074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.811969][   T29] audit: type=1326 audit(1736315823.334:9075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.812005][   T29] audit: type=1326 audit(1736315823.334:9076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.818299][T10839] bridge0: port 1(vlan2) entered disabled state
[  161.822104][T10839] vlan2: entered allmulticast mode
[  161.841772][   T29] audit: type=1326 audit(1736315823.334:9077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.841815][   T29] audit: type=1326 audit(1736315823.343:9078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.892333][T10848] loop2: detected capacity change from 0 to 512
[  161.895165][   T29] audit: type=1326 audit(1736315823.343:9079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  161.977115][   T29] audit: type=1326 audit(1736315823.343:9080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10842 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x7ffc0000
[  162.002468][T10839] vlan2: left allmulticast mode
[  162.074116][T10854] loop3: detected capacity change from 0 to 512
[  162.087386][T10854] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  162.112385][T10854] EXT4-fs (loop3): 1 truncate cleaned up
[  162.118417][T10854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.137740][T10854] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.152549][T10860] loop5: detected capacity change from 0 to 512
[  162.159218][T10860] EXT4-fs: Ignoring removed bh option
[  162.164939][T10860] journal_path: Non-blockdev passed as './bus'
[  162.171255][T10860] EXT4-fs: error: could not find journal device path
[  162.227281][T10868] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  162.239770][T10868] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[  162.264087][T10871] loop1: detected capacity change from 0 to 256
[  162.265210][T10868] loop5: detected capacity change from 0 to 128
[  162.270621][T10870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2145'.
[  162.285580][T10870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2145'.
[  162.295892][T10868] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  162.299346][T10874] SELinux: failed to load policy
[  162.319143][T10868] ext4 filesystem being mounted at /399/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.001268][T10892] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2151'.
[  163.199453][ T4337] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.525999][T10908] syz.5.2154[10908] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.526174][T10908] syz.5.2154[10908] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.563149][T10909] netlink: 'syz.3.2156': attribute type 10 has an invalid length.
[  163.605259][T10908] syz.5.2154[10908] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.639977][T10909] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.693034][T10909] batadv0: entered promiscuous mode
[  163.723498][T10909] $Hÿ: (slave batadv0): Enslaving as an active interface with an up link
[  163.755021][T10911] SELinux: failed to load policy
[  164.012690][T10920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.064213][T10920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.335280][T10929] SELinux: failed to load policy
[  164.510186][T10936] SELinux: failed to load policy
[  164.930569][T10943] loop5: detected capacity change from 0 to 512
[  165.432788][T10950] loop3: detected capacity change from 0 to 512
[  165.507743][T10943] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.520639][T10943] ext4 filesystem being mounted at /406/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.532441][T10943] EXT4-fs warning (device loop5): ext4_group_add:1716: Can't resize non-sparse filesystem further
[  165.554289][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.569479][T10950] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.2173: Failed to acquire dquot type 1
[  165.589257][T10950] EXT4-fs (loop3): 1 truncate cleaned up
[  165.597768][T10958] bridge0: port 1(vlan2) entered blocking state
[  165.604059][T10958] bridge0: port 1(vlan2) entered disabled state
[  165.610287][T10950] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.610358][T10950] ext4 filesystem being mounted at /448/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.634187][T10958] vlan2: entered allmulticast mode
[  165.649609][T10958] vlan2: left allmulticast mode
[  165.695166][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.736226][T10973] SELinux: failed to load policy
[  165.746858][T10972] netlink: 'syz.2.2178': attribute type 10 has an invalid length.
[  165.756847][T10972] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.764754][T10972] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  165.777478][T10975] SELinux: failed to load policy
[  165.810224][T10977] loop5: detected capacity change from 0 to 512
[  165.816415][T10979] loop3: detected capacity change from 0 to 512
[  165.816840][T10977] EXT4-fs: Ignoring removed bh option
[  165.828437][T10977] journal_path: Non-blockdev passed as './bus'
[  165.834690][T10977] EXT4-fs: error: could not find journal device path
[  165.865265][T10979] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.2183: Failed to acquire dquot type 1
[  165.876601][T10983] loop5: detected capacity change from 0 to 512
[  165.879209][T10979] EXT4-fs (loop3): 1 truncate cleaned up
[  165.889112][T10979] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.890439][T10983] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  165.901913][T10979] ext4 filesystem being mounted at /450/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.915620][T10983] EXT4-fs (loop5): 1 truncate cleaned up
[  165.929901][T10983] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.943317][T10983] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.987605][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.003487][T10988] loop5: detected capacity change from 0 to 512
[  166.016497][T10988] journal_path: Non-blockdev passed as './file1'
[  166.023047][T10988] EXT4-fs: error: could not find journal device path
[  166.051877][T10994] netlink: 3 bytes leftover after parsing attributes in process `+}[@'.
[  166.061482][T10994] 0ªX¹¦À: renamed from caif0
[  166.068310][T10994] 0ªX¹¦À: entered allmulticast mode
[  166.073709][T10994] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  166.372594][T11012] SELinux: failed to load policy
[  166.433459][T11018] FAULT_INJECTION: forcing a failure.
[  166.433459][T11018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.446573][T11018] CPU: 1 UID: 0 PID: 11018 Comm: syz.5.2195 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  166.457418][T11018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.467483][T11018] Call Trace:
[  166.470757][T11018]  <TASK>
[  166.473692][T11018]  dump_stack_lvl+0xf2/0x150
[  166.478307][T11018]  dump_stack+0x15/0x1a
[  166.482779][T11018]  should_fail_ex+0x223/0x230
[  166.487468][T11018]  should_fail+0xb/0x10
[  166.491720][T11018]  should_fail_usercopy+0x1a/0x20
[  166.496751][T11018]  _copy_to_user+0x20/0xa0
[  166.501303][T11018]  simple_read_from_buffer+0xa0/0x110
[  166.506791][T11018]  proc_fail_nth_read+0xf9/0x140
[  166.511836][T11018]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.517445][T11018]  vfs_read+0x1a2/0x700
[  166.521709][T11018]  ? __rcu_read_unlock+0x4e/0x70
[  166.526736][T11018]  ? __fget_files+0x17c/0x1c0
[  166.531498][T11018]  ksys_read+0xe8/0x1b0
[  166.535670][T11018]  __x64_sys_read+0x42/0x50
[  166.540238][T11018]  x64_sys_call+0x2874/0x2dc0
[  166.544929][T11018]  do_syscall_64+0xc9/0x1c0
[  166.549462][T11018]  ? clear_bhb_loop+0x55/0xb0
[  166.554152][T11018]  ? clear_bhb_loop+0x55/0xb0
[  166.558845][T11018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.564780][T11018] RIP: 0033:0x7fbb4d1a473c
[  166.569255][T11018] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  166.588873][T11018] RSP: 002b:00007fbb4b817030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  166.597456][T11018] RAX: ffffffffffffffda RBX: 00007fbb4d395fa0 RCX: 00007fbb4d1a473c
[  166.605447][T11018] RDX: 000000000000000f RSI: 00007fbb4b8170a0 RDI: 0000000000000003
[  166.613428][T11018] RBP: 00007fbb4b817090 R08: 0000000000000000 R09: 0000000000000000
[  166.621406][T11018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.629440][T11018] R13: 0000000000000001 R14: 00007fbb4d395fa0 R15: 00007ffe3a120508
[  166.637426][T11018]  </TASK>
[  166.812082][T11038] loop5: detected capacity change from 0 to 512
[  166.819215][T11038] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  166.840924][T11038] EXT4-fs (loop5): 1 truncate cleaned up
[  166.847106][T11038] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.860213][T11038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.174289][T11067] FAULT_INJECTION: forcing a failure.
[  167.174289][T11067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.177342][   T29] kauditd_printk_skb: 424 callbacks suppressed
[  167.177360][   T29] audit: type=1326 audit(1736315828.427:9501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11064 comm="syz.3.2213" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x0
[  167.187446][T11067] CPU: 0 UID: 0 PID: 11067 Comm: syz.0.2214 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  167.227279][T11067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.237456][T11067] Call Trace:
[  167.240744][T11067]  <TASK>
[  167.243690][T11067]  dump_stack_lvl+0xf2/0x150
[  167.248371][T11067]  dump_stack+0x15/0x1a
[  167.252584][T11067]  should_fail_ex+0x223/0x230
[  167.257325][T11067]  should_fail+0xb/0x10
[  167.261505][T11067]  should_fail_usercopy+0x1a/0x20
[  167.266667][T11067]  _copy_from_user+0x1e/0xb0
[  167.271278][T11067]  autofs_dev_ioctl+0xd6/0x660
[  167.276201][T11067]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  167.281653][T11067]  __se_sys_ioctl+0xc9/0x140
[  167.286273][T11067]  __x64_sys_ioctl+0x43/0x50
[  167.290941][T11067]  x64_sys_call+0x1690/0x2dc0
[  167.295651][T11067]  do_syscall_64+0xc9/0x1c0
[  167.300315][T11067]  ? clear_bhb_loop+0x55/0xb0
[  167.304994][T11067]  ? clear_bhb_loop+0x55/0xb0
[  167.309732][T11067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.315737][T11067] RIP: 0033:0x7f647f0d5d29
[  167.320161][T11067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.339777][T11067] RSP: 002b:00007f647d741038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.348194][T11067] RAX: ffffffffffffffda RBX: 00007f647f2c5fa0 RCX: 00007f647f0d5d29
[  167.356222][T11067] RDX: 0000000020001040 RSI: 00000000c018937e RDI: 0000000000000003
[  167.364425][T11067] RBP: 00007f647d741090 R08: 0000000000000000 R09: 0000000000000000
[  167.372393][T11067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.380363][T11067] R13: 0000000000000000 R14: 00007f647f2c5fa0 R15: 00007ffe38814798
[  167.388407][T11067]  </TASK>
[  167.394043][T11060] netlink: 'syz.5.2211': attribute type 1 has an invalid length.
[  167.425729][   T29] audit: type=1326 audit(1736315828.661:9502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11070 comm="syz.0.2215" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f647f0d5d29 code=0x0
[  167.465872][   T29] audit: type=1326 audit(1736315828.698:9503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.487742][T11078] FAULT_INJECTION: forcing a failure.
[  167.487742][T11078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.496147][   T29] audit: type=1326 audit(1736315828.698:9504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.502676][T11078] CPU: 1 UID: 0 PID: 11078 Comm: syz.5.2218 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  167.526044][   T29] audit: type=1326 audit(1736315828.698:9505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.536745][T11078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.536763][T11078] Call Trace:
[  167.536771][T11078]  <TASK>
[  167.536779][T11078]  dump_stack_lvl+0xf2/0x150
[  167.560703][   T29] audit: type=1326 audit(1736315828.698:9506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.570726][T11078]  dump_stack+0x15/0x1a
[  167.574013][   T29] audit: type=1326 audit(1736315828.698:9507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.576944][T11078]  should_fail_ex+0x223/0x230
[  167.576975][T11078]  should_fail+0xb/0x10
[  167.581592][   T29] audit: type=1326 audit(1736315828.698:9508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.604998][T11078]  should_fail_usercopy+0x1a/0x20
[  167.605040][T11078]  _copy_from_user+0x1e/0xb0
[  167.605074][T11078]  move_addr_to_kernel+0x82/0x120
[  167.609257][   T29] audit: type=1326 audit(1736315828.698:9509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.632753][T11078]  __sys_connect+0x67/0x1b0
[  167.632787][T11078]  __x64_sys_connect+0x41/0x50
[  167.637446][   T29] audit: type=1326 audit(1736315828.698:9510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.5.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb4d1a5d29 code=0x7ffc0000
[  167.641609][T11078]  x64_sys_call+0x22a7/0x2dc0
[  167.740979][T11078]  do_syscall_64+0xc9/0x1c0
[  167.745509][T11078]  ? clear_bhb_loop+0x55/0xb0
[  167.750199][T11078]  ? clear_bhb_loop+0x55/0xb0
[  167.754958][T11078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.760944][T11078] RIP: 0033:0x7fbb4d1a5d29
[  167.765364][T11078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.784988][T11078] RSP: 002b:00007fbb4b817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  167.793465][T11078] RAX: ffffffffffffffda RBX: 00007fbb4d395fa0 RCX: 00007fbb4d1a5d29
[  167.801602][T11078] RDX: 0000000000000010 RSI: 00000000200004c0 RDI: 0000000000000003
[  167.809631][T11078] RBP: 00007fbb4b817090 R08: 0000000000000000 R09: 0000000000000000
[  167.817672][T11078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.825647][T11078] R13: 0000000000000000 R14: 00007fbb4d395fa0 R15: 00007ffe3a120508
[  167.833641][T11078]  </TASK>
[  167.964497][T11096] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2222'.
[  167.968310][T11098] batadv_slave_1: entered promiscuous mode
[  167.980347][T11098] batadv_slave_1: left promiscuous mode
[  168.019694][T11105] batadv_slave_1: entered promiscuous mode
[  168.025926][T11105] batadv_slave_1: left promiscuous mode
[  168.031623][T11105] FAULT_INJECTION: forcing a failure.
[  168.031623][T11105] name failslab, interval 1, probability 0, space 0, times 0
[  168.044322][T11105] CPU: 1 UID: 0 PID: 11105 Comm: syz.5.2227 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  168.055212][T11105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.065281][T11105] Call Trace:
[  168.068640][T11105]  <TASK>
[  168.071643][T11105]  dump_stack_lvl+0xf2/0x150
[  168.076327][T11105]  dump_stack+0x15/0x1a
[  168.080548][T11105]  should_fail_ex+0x223/0x230
[  168.085263][T11105]  should_failslab+0x8f/0xb0
[  168.089953][T11105]  kmem_cache_alloc_node_noprof+0x59/0x320
[  168.095832][T11105]  ? __alloc_skb+0x10b/0x310
[  168.100452][T11105]  __alloc_skb+0x10b/0x310
[  168.104938][T11105]  rtmsg_ifinfo_build_skb+0x63/0x1b0
[  168.110332][T11105]  rtmsg_ifinfo+0x6b/0x100
[  168.114847][T11105]  __dev_notify_flags+0x75/0x1a0
[  168.119853][T11105]  __dev_set_promiscuity+0x105/0x340
[  168.125163][T11105]  ? __dev_remove_pack+0x120/0x140
[  168.130290][T11105]  dev_set_promiscuity+0x3b/0x90
[  168.135319][T11105]  packet_release+0x2fb/0x7f0
[  168.140093][T11105]  sock_close+0x68/0x150
[  168.144377][T11105]  ? __pfx_sock_close+0x10/0x10
[  168.149298][T11105]  __fput+0x17a/0x6d0
[  168.153417][T11105]  ____fput+0x1c/0x30
[  168.157406][T11105]  task_work_run+0x13a/0x1a0
[  168.162061][T11105]  syscall_exit_to_user_mode+0xa8/0x120
[  168.167630][T11105]  do_syscall_64+0xd6/0x1c0
[  168.172157][T11105]  ? clear_bhb_loop+0x55/0xb0
[  168.176845][T11105]  ? clear_bhb_loop+0x55/0xb0
[  168.181552][T11105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.187538][T11105] RIP: 0033:0x7fbb4d1a5d29
[  168.191959][T11105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.211612][T11105] RSP: 002b:00007fbb4b817038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  168.220231][T11105] RAX: 0000000000000000 RBX: 00007fbb4d395fa0 RCX: 00007fbb4d1a5d29
[  168.228541][T11105] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  168.236515][T11105] RBP: 00007fbb4b817090 R08: 0000000000000000 R09: 0000000000000000
[  168.244555][T11105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.252541][T11105] R13: 0000000000000000 R14: 00007fbb4d395fa0 R15: 00007ffe3a120508
[  168.260522][T11105]  </TASK>
[  168.298333][T11111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2230'.
[  168.312383][T11113] loop5: detected capacity change from 0 to 164
[  168.317929][T11111] bond0: (slave batadv0): Releasing backup interface
[  168.678357][T11139] loop5: detected capacity change from 0 to 512
[  168.701253][T11140] loop0: detected capacity change from 0 to 512
[  168.839523][T11143] SELinux: failed to load policy
[  168.856560][T11145] loop1: detected capacity change from 0 to 1024
[  168.870238][T11145] EXT4-fs: Ignoring removed orlov option
[  168.883185][T11147] loop3: detected capacity change from 0 to 128
[  168.891361][T11147] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  168.911971][T11145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.328344][T11173] hub 9-0:1.0: USB hub found
[  169.339001][T11173] hub 9-0:1.0: 8 ports detected
[  169.530954][T11197] loop5: detected capacity change from 0 to 128
[  169.538831][T11197] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  169.651939][T11208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.675257][T11208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.700079][T11213] netlink: 'syz.3.2263': attribute type 10 has an invalid length.
[  169.833921][T11218] loop0: detected capacity change from 0 to 512
[  169.843010][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.065863][T11237] hub 9-0:1.0: USB hub found
[  170.071017][T11237] hub 9-0:1.0: 8 ports detected
[  170.116982][T11241] loop1: detected capacity change from 0 to 512
[  170.126045][T11241] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  170.152386][T11241] EXT4-fs (loop1): 1 truncate cleaned up
[  170.159066][T11241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.173108][T11241] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.288330][T11254] loop2: detected capacity change from 0 to 512
[  170.312168][T11254] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.2280: Failed to acquire dquot type 1
[  170.344442][T11254] EXT4-fs (loop2): 1 truncate cleaned up
[  170.355984][T11259] bridge0: port 1(vlan0) entered blocking state
[  170.362364][T11259] bridge0: port 1(vlan0) entered disabled state
[  170.369610][T11254] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.382444][T11259] vlan0: entered allmulticast mode
[  170.390942][T11254] ext4 filesystem being mounted at /494/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.404909][T11260] loop5: detected capacity change from 0 to 512
[  170.411831][T11259] vlan0: left allmulticast mode
[  170.507060][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.599129][T11276] FAULT_INJECTION: forcing a failure.
[  170.599129][T11276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.604478][T11278] loop3: detected capacity change from 0 to 512
[  170.612374][T11276] CPU: 1 UID: 0 PID: 11276 Comm: syz.0.2287 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  170.620214][T11278] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  170.629215][T11276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  170.629234][T11276] Call Trace:
[  170.629242][T11276]  <TASK>
[  170.629252][T11276]  dump_stack_lvl+0xf2/0x150
[  170.660008][T11276]  dump_stack+0x15/0x1a
[  170.664362][T11276]  should_fail_ex+0x223/0x230
[  170.669073][T11276]  should_fail+0xb/0x10
[  170.673300][T11276]  should_fail_usercopy+0x1a/0x20
[  170.675262][T11278] EXT4-fs (loop3): 1 truncate cleaned up
[  170.678344][T11276]  _copy_from_user+0x1e/0xb0
[  170.688621][T11276]  __se_sys_mount_setattr+0x1a6/0x1330
[  170.694198][T11276]  __x64_sys_mount_setattr+0x67/0x80
[  170.699537][T11276]  x64_sys_call+0x2c0c/0x2dc0
[  170.704329][T11276]  do_syscall_64+0xc9/0x1c0
[  170.706803][T11278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.708862][T11276]  ? clear_bhb_loop+0x55/0xb0
[  170.725608][T11276]  ? clear_bhb_loop+0x55/0xb0
[  170.730316][T11276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.736313][T11276] RIP: 0033:0x7f647f0d5d29
[  170.740748][T11276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.755889][T11278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.760463][T11276] RSP: 002b:00007f647d741038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[  170.760492][T11276] RAX: ffffffffffffffda RBX: 00007f647f2c5fa0 RCX: 00007f647f0d5d29
[  170.785863][T11276] RDX: 0000000000000000 RSI: 0000000020001d80 RDI: 0000000000000005
[  170.793875][T11276] RBP: 00007f647d741090 R08: 0000000000000020 R09: 0000000000000000
[  170.801871][T11276] R10: 0000000020001dc0 R11: 0000000000000246 R12: 0000000000000001
[  170.809921][T11276] R13: 0000000000000000 R14: 00007f647f2c5fa0 R15: 00007ffe38814798
[  170.817916][T11276]  </TASK>
[  170.974754][T11294] loop2: detected capacity change from 0 to 2048
[  170.994296][T11294] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  171.058862][T11300] loop5: detected capacity change from 0 to 512
[  171.096923][T11300] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.2297: Failed to acquire dquot type 1
[  171.128121][T11300] EXT4-fs (loop5): 1 truncate cleaned up
[  171.134296][T11300] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.169471][T11300] ext4 filesystem being mounted at /450/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.215743][T11306] loop3: detected capacity change from 0 to 512
[  171.262102][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.425833][T11319] loop2: detected capacity change from 0 to 128
[  171.432590][T11319] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  171.447546][T11321] loop5: detected capacity change from 0 to 512
[  171.492796][T11327] loop0: detected capacity change from 0 to 512
[  171.500261][T11327] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  171.500697][T11321] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.512219][T11327] EXT4-fs (loop0): 1 truncate cleaned up
[  171.528720][T11327] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.532863][T11321] ext4 filesystem being mounted at /453/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.542237][T11327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.556862][T11321] EXT4-fs warning (device loop5): ext4_group_add:1716: Can't resize non-sparse filesystem further
[  171.584802][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.669121][T11332] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2305'.
[  171.689874][T11343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.704443][T11343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.025514][T11368] loop1: detected capacity change from 0 to 512
[  172.047559][T11368] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.060232][T11368] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.072646][T11368] EXT4-fs warning (device loop1): ext4_group_add:1716: Can't resize non-sparse filesystem further
[  172.120238][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.209386][T11385] loop5: detected capacity change from 0 to 1024
[  172.216863][T11385] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  172.260304][T11385] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.278624][T11385] 9pnet_fd: Insufficient options for proto=fd
[  172.289435][T11385] lo speed is unknown, defaulting to 1000
[  172.295848][T11385] lo speed is unknown, defaulting to 1000
[  172.301923][T11385] lo speed is unknown, defaulting to 1000
[  172.302273][T11385] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  172.302867][T11385] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  172.308682][T11385] lo speed is unknown, defaulting to 1000
[  172.333025][T11385] lo speed is unknown, defaulting to 1000
[  172.339238][T11385] lo speed is unknown, defaulting to 1000
[  172.345447][T11385] lo speed is unknown, defaulting to 1000
[  172.351715][T11385] lo speed is unknown, defaulting to 1000
[  172.378419][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.406442][T11397] loop5: detected capacity change from 0 to 512
[  172.421796][T11397] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.2328: Failed to acquire dquot type 1
[  172.436568][T11397] EXT4-fs (loop5): 1 truncate cleaned up
[  172.444184][T11397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.456942][T11397] ext4 filesystem being mounted at /462/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.504065][ T4337] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.745367][T11413] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2334'.
[  172.793893][   T29] kauditd_printk_skb: 227 callbacks suppressed
[  172.793948][   T29] audit: type=1326 audit(1736315833.689:9732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.835468][   T29] audit: type=1326 audit(1736315833.717:9733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.859047][   T29] audit: type=1326 audit(1736315833.717:9734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.882586][   T29] audit: type=1326 audit(1736315833.717:9735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.906249][   T29] audit: type=1326 audit(1736315833.717:9736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.929835][   T29] audit: type=1326 audit(1736315833.717:9737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.953648][   T29] audit: type=1326 audit(1736315833.717:9738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  172.977465][   T29] audit: type=1326 audit(1736315833.717:9739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  173.001089][   T29] audit: type=1326 audit(1736315833.717:9740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  173.024994][   T29] audit: type=1326 audit(1736315833.717:9741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11414 comm="syz.3.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d86355d29 code=0x7ffc0000
[  173.730775][T11454] loop5: detected capacity change from 0 to 164
[  174.445926][T11478] loop1: detected capacity change from 0 to 512
[  174.541536][T11480] loop0: detected capacity change from 0 to 164
[  174.608994][T11484] loop0: detected capacity change from 0 to 164
[  174.673330][T11486] loop3: detected capacity change from 0 to 512
[  174.689175][T11486] EXT4-fs: Ignoring removed bh option
[  174.705115][T11486] journal_path: Non-blockdev passed as './bus'
[  174.711363][T11486] EXT4-fs: error: could not find journal device path
[  174.851868][T11496] loop0: detected capacity change from 0 to 512
[  174.901563][T11501] loop2: detected capacity change from 0 to 512
[  174.927611][T11501] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  174.973083][T11501] EXT4-fs (loop2): 1 truncate cleaned up
[  174.979125][T11501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.017572][T11501] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.300456][T11533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.319361][T11533] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.724778][T11545] loop0: detected capacity change from 0 to 128
[  175.735709][T11545] vfat: Unknown parameter '1844674407370955161501777777777777777777777'
[  175.911287][T11553] loop3: detected capacity change from 0 to 512
[  175.959229][T11554] loop0: detected capacity change from 0 to 2048
[  175.976209][T11554] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  175.981225][T11555] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2386'.
[  176.124916][T11556] ==================================================================
[  176.133053][T11556] BUG: KCSAN: data-race in try_to_migrate_one / vms_clear_ptes
[  176.140793][T11556] 
[  176.143125][T11556] write to 0xffff888115ae6af8 of 8 bytes by task 11557 on cpu 0:
[  176.150856][T11556]  vms_clear_ptes+0x1a7/0x300
[  176.155553][T11556]  vms_complete_munmap_vmas+0x16c/0x470
[  176.161152][T11556]  do_vmi_align_munmap+0x344/0x390
[  176.166277][T11556]  do_vmi_munmap+0x1eb/0x230
[  176.170878][T11556]  do_munmap+0x8b/0xc0
[  176.174967][T11556]  __se_sys_mremap+0x916/0xf10
[  176.179747][T11556]  __x64_sys_mremap+0x67/0x80
[  176.184436][T11556]  x64_sys_call+0x27e8/0x2dc0
[  176.189123][T11556]  do_syscall_64+0xc9/0x1c0
[  176.193653][T11556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.199574][T11556] 
[  176.201905][T11556] read to 0xffff888115ae6af8 of 8 bytes by task 11556 on cpu 1:
[  176.209546][T11556]  try_to_migrate_one+0x775/0x12e0
[  176.214673][T11556]  rmap_walk_anon+0x28f/0x440
[  176.219360][T11556]  try_to_migrate+0x11f/0x150
[  176.224046][T11556]  migrate_pages_batch+0x76a/0x1910
[  176.229266][T11556]  migrate_pages+0xff1/0x1820
[  176.233967][T11556]  __se_sys_mbind+0xf79/0x1160
[  176.238741][T11556]  __x64_sys_mbind+0x78/0x90
[  176.243338][T11556]  x64_sys_call+0x2662/0x2dc0
[  176.248028][T11556]  do_syscall_64+0xc9/0x1c0
[  176.252540][T11556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.258459][T11556] 
[  176.260783][T11556] value changed: 0x0000000000001eb6 -> 0x0000000000001ed6
[  176.267895][T11556] 
[  176.270219][T11556] Reported by Kernel Concurrency Sanitizer on:
[  176.276371][T11556] CPU: 1 UID: 0 PID: 11556 Comm: syz.0.2385 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  176.287199][T11556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  176.297612][T11556] ==================================================================