last executing test programs:

2m23.32348178s ago: executing program 3 (id=571):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000000)="a8", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x2, @loopback, 0x3}, 0x1c)
recvmmsg(r0, &(0x7f0000003880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002340)=""/1, 0x1}, 0x3}], 0x1, 0x40010002, 0x0)

2m23.198290442s ago: executing program 3 (id=574):
r0 = socket$netlink(0x10, 0x3, 0xa)
sendmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800", 0x24}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000010000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='mm_page_alloc\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2m23.156309543s ago: executing program 3 (id=575):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x840)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x40e06, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYRES16=r1], 0xa4}, 0x1, 0x0, 0x0, 0x48804}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000140)='./file2\x00', 0x5c00)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0xffffffff, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)

2m23.022951425s ago: executing program 3 (id=579):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup2(r1, r1)
connect$pppl2tp(r2, &(0x7f00000000c0)=@pppol2tp={0xa, 0x1, {0xffff0000, 0xffffffffffffffff, {0x2, 0x0, @remote}, 0x0, 0x0, 0x2}}, 0x26)
getpeername$packet(r2, 0x0, &(0x7f0000000d40))
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0))
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
kexec_load(0x0, 0x0, &(0x7f0000000900), 0x0)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000380), &(0x7f00000003c0)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20001f, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@delalloc}]}, 0x3, 0x54f, &(0x7f0000000600)="$eJzs3dFvW1cZAPDv3sSx02VLNvYACFgZg4KqOo27VdMeYDwhhCYh9ghSFxI3qmrXUe2MJfSh+x+QmMQL8MgfgOBtT7zzguCNl/GANKACNRNINbrX14mbxq1LnDjEv590dc851/Z3znXvPfbX1ieAqXU+Iu5GxFxEvBMRi0V7UmzxZm/LHnf/3p213Xt31pLodt/+e5Ifz9pi4DmZZ4rXrETE974V8cPk0bjt7Z2bq41G/XYv5Pxyp7m53N7euXSjubpR36jfqtWurly9/PqV12rjGehMxEvNuaLy+Y9+f/drP866tVC09MdxSFePpPd6pb04mdmI+M6Y40zKTDGeuf/t6eM+3TylNCJeiIiX8+t/MWbydxMAOMu63cXoLg7WAYCzLs1zYElaLXIBC5Gm1Wovh/dinEsbrXbn4vXW1q31Xq5sKUrp9RuN+uUiV7gUpSSrr+Tl/XrtQP1KRDwfET8pz+f16lqrsT7JDz4AMMWeOTD//6vcm/8BgDOu8nB1aVL9AABOTmXSHQAATpz5HwCmj/kfAKaP+R8Apo/5HwCmj/kfAKbKd996K9u6u8XvX6+/u711s/XupfV6+2a1ubVWXWvd3qxutFob+W/2NJ/0eo1Wa3Pl1dh6b+nrm+3Ocnt751qztXWrcy3/Xe9r9dKJjAoAeJznX/rwT0lE3H1jPsoxn7f113IwV8PZlk66A8DEzEy6A8DEWO0LptcRvuNLD8AZkS/E+qBYFOSQ45WIIjs4YMhjh/BRA06ZC5/Zz/9nW8j/w9QYyP/7V8AwZeT/YXr5Ug7Tq9tNRl3zP0Z9IABwusnxA8nhzS8U+18Vfznwg/WDj/jgOHsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1t//d9qlPO1wBciTavViGcjYilKyfUbjfrliHguIv5YLpWz+sqE+wwAHFX616RY/+vC4isLB4/OJZ+U831E/Ohnb//0vdVO5/YfsvZ/7LV3Pijaa08dfH48YwAAHqc/T+f7gS/y9+/dWetvJ9mfj78ZEZVe/N17c7G7F382ZvN9JUoRce6fSVHvSQZyF0dx9/2IuPKbIuKgfxcrJPdWPj0YP4v97Ljif/qw85/EQp6D6cdPH4qf5sd6++xcfGoMfYFp82F2/3nzsOsvjfP5vn/9xYO96+/nvbbZMcQv7n/ZS63t5vfA/fj9+9/MkPvf+VFjvPq7b/dKj37d+vj9iM/ORvRjZ1t/Leh+/GRI/FdGCX4+4s+f+8LLww53fxFxIR6Ovx9hv7TcaW4ut7d3Lt1orm7UN+q3arWrK1cvv37ltdpynqNeHj4b/O2Ni88NO5aN/9yQ+JUnjP/Lo4w/In75n3e+/8XHxP/qlw6Ln8aLj4mfzYlfGTH+6rlfV4Ydy+KvDxn/k97/iyPG/+gvO48sGw4ATE57e+fmaqNRv50VylEU9lqOp9D/IHESsU5XoRSnohv/R4X+n5VeS1Ya8em/jWPpT3noO/iNh1ruF/0+htMyF0/1rG53sCUZ9bQMu2OMI+sGnAZ7F31EfDLpzgAAAAAAAAAAAAAAAIc6vv+/le61THqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF3/DQAA///Xj86C")
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2012024, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)

2m22.481186923s ago: executing program 3 (id=588):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="005e27ad8cb39e1e32044f000000000000000000000000000000000004004ed9732da2a3d0dbd7eed787c7c89124d02b23602a54df4dae873722c7685c6170ab78b4bbe33b2ad5d20fd0eb064c85798767b02a421c", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000495"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000000), &(0x7f0000000140)=r1}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000000)={0x3, 0xfd, {0x1, 0x29, 0x0, 0x2, 0x7, 0x60, 0x1, 0xffffffff, 0x1}})
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x98\xb0\x00\xb0=\\\'\xc8w\xfc8=\xa5X`\x00\xff\xea\x00\x02\x00\x00\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = epoll_create1(0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f00000000c0)={0xe000001a})

2m21.981417691s ago: executing program 3 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x6, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed7f0000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount(0x0, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x4014, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)

2m21.969922622s ago: executing program 32 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x6, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed7f0000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount(0x0, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x4014, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)

2.50737348s ago: executing program 5 (id=3196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="11000009000000000000000000000000000000000000000080000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x802)
r3 = dup(r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000000000000dfbffffff030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000380)={0x80, 0x6, 0xf00, 0x0, 0x0, 0x0, 0x0})
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x18020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r9}, 0x10)
socketpair(0xb, 0x6, 0x0, &(0x7f00000002c0))
recvfrom$unix(r3, &(0x7f0000000240), 0x0, 0x40000020, 0x0, 0x0)
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/62, 0x8c)

2.370070032s ago: executing program 5 (id=3200):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x800000, 0x0, 0x0, 0x0, 0xfffffffd}, 0x3}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x20}, {}, {}, {0x0, 0x0, 0x800}, {}, {0x0, 0x0, 0x5c2, 0x0, 0x0, 0x23}, {0x0, 0x0, 0x0, 0x8}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffe, 0xffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xd8}, {0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x6, 0xc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {0x2000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x20000}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {0x80000000}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x5}, {0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {0x1}, {0x1, 0xfffffffd}, {0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xff}, {}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x2000}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0xfffffffc, 0x0, 0x4}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x633}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0xb8}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x3}, {}, {}, {0x1000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0xaef4}, {}, {0x0, 0x3}, {}, {}, {0x0, 0xa24}, {0x0, 0x0, 0x0, 0xeb9}, {0xff}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, {0xffffffff}, {0x0, 0x0, 0x0, 0x4}, {0x100000}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1c4}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x81, 0x0, 0x0, 0xfffffffd}, {}, {0x9, 0xfffffffe}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x8, 0x0, 0x0, 0x0, 0x2000000}], [{}, {}, {}, {0x5}, {}, {}, {}, {0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x4, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x3}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x3}, {}, {}, {0x4}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}], 0x4}}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0xf, 0x14, &(0x7f00000013c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000008af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2539659acbfc6f886c7b1af8ff00000000bfa100000000000007010000f8ffffff06d476648a36fcb702000008000000b703000000000020850000001800", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0xdc}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000001480)='kmem_cache_free\x00', r2}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r3)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0xfff5)
syz_genetlink_get_family_id$ipvs(&(0x7f0000001380), r1)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000011}, 0x40)
r5 = syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x0, &(0x7f0000000f40)=ANY=[], 0x5, 0x2c1, &(0x7f0000000a80)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRxC7UiKoCyc4MyBJGJhCYCoYu5pP4NLv4Udw40Y/wYBbQVedReXJ+5c/mIypTRX191sd7nnn3pt32ySbnHf7pfHwzv0kzs4fR5om0TqKo3iSxH60ovFVtAMA+O94kufxS15Eb5/nlQ0r263r3RkAcF2qz/9LffADAP9yH3z08Xu94+Nb72dZGi90H036SUSMH036Vb53Lz6PUdyNm9GNi4h8porfeff4VrSzwn68Op5O+kXl+NPv6/l7P0eU9YfRjf3V9YdZZaF+OunvxrORRe/ebrPVbjy/uv71FfXR78Rrryzs/yC68cNncT9GcSeK2nn9l4dZ9lb+9fkXnxTLFPVJK/p75XWl3BckAAAAAAAAAAAAAAAAAAAAAAC26yDLkqp9T9m/pxiq++/sXJT5g6yxv9yfp6pPmomq/kB50y1nmsc3TX+dm1mW5fWF8/p2vNj2YAEAAAAAAAAAAAAAAAAAAAAonDx8fGMwGt19cPLwdFgEt+vEfOQSQdMNoPlZ/yXLZ8HRwsjLcToc7KyfcG/ztRa7DRR7ferF0W7/tZuwaXA2G3mm2M/Wl9iL2ciHUQXNwWx1referCY9HQ6yOtXc5OEg+bO10ubgvl1MdeKqG8vLP4mLfPlM09lWl6s6W7obnRsrU7/leb7ZPG/8VJ7RXj2SlC02Nlt9tw5WvsAiSIuzSGf/+EXqu/UTrn3L2LnaOw4AAAAAAAAAAAAAAAAAALDO/Ee/K5JnTy1tXdumAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBvNn/+fxOkEbE88odgWhevuubXH6tcPdKJByf/5OsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+H3AAAA//8c41ca")
prctl$PR_SET_NAME(0xf, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000016c0)=ANY=[@ANYBLOB="640000087a7d15f1a52884774f603bea113de841799b83060670a06cbfb4645bbfaa398cbf3ab16581f10c871d2d2ca659d3b49438e02266c70132ce430661e412b31e23f03bc67b763a7fb02d9fdf9ae59737017a4474aa9e360b9d550c3b085a5b8ca9336dff44859cd431e4544d01b92148783e450c52fd80460ef1d6a4a76bb2d58aebcdb9ea034cae8ce7dfd8cff883f1b3b4b21e2fcd56e8f4f1fe9be1c26910cf1995f86de565cba383c553490a0f648f80", @ANYRES16=0x0, @ANYBLOB="040025bd7000ffdbdf2506000000060002000000000014001f00fe8000000000000000000000000000aa06001a004e2200000c001600070000000000000008000c000200000006001d000500000008001100010000000800110000000000"], 0x64}, 0x1, 0x0, 0x0, 0x4040880}, 0x4000)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xc8, 0x110, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x300)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)

2.102042997s ago: executing program 2 (id=3210):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)={0x0, <r0=>0x0})
prlimit64(r0, 0x8, &(0x7f0000000780)={0x2, 0x5}, &(0x7f00000007c0))
sched_setaffinity(0x0, 0x0, 0x0)
io_setup(0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
unshare(0x26000400)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="ca1419605f4e85a9ec26ee20300733d61e7193626cafb1e15aa09fd0afd0416b87f8fad3970ac2ec6d894957b98444a4ecb85f0c2794cbce32c14e3d2a63daa9034e694825949522159c2e537cbb6eac1adc2c1ca4"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r8, 0x0, 0x8}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

1.556842825s ago: executing program 5 (id=3218):
socket$inet6(0xa, 0x2, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400090000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0x9}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000580)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7992570484d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f0000000840)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0106869a8049d2a44ce42557b2e72e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c5301001ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f5d6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e54908000000a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f90856112be7f0a54b39a3f66cc4c", 0x103}, {&(0x7f00000003c0)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdcea4714219a2d4c4b985418cc8fbcd2935f4e8b229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0bea0", 0xbf}], 0x3}, 0x8001)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="792dc08e055fe275704ddeed55b16a917cfe47b70f25bce410dc7d4b4fc2984f1a08b5e083ff5d7ee22643affd1f78a6ba7f60e92fa6040a26f5816ae28b4f4d86ed249629d38be89e712f11eddec6915bc621b886af59d01765bc0a1223580b841d395d9f9439a8b07e7cc29e478e16308f1d2a2ddb", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='kmem_cache_free\x00', r4}, 0x18)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)

1.488910546s ago: executing program 5 (id=3220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000659f10e7f1d83e462d708fd0a46a9d4c2de7b3aa0500000000000000000d0000000000000000236838930663f45f0c32c744615c57a4d8917ba0514927b2390e2a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800005100000000000000ffffffffffffffed00", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsmount(r2, 0x1, 0x84)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x3}, 0x8)
sendto$inet(r3, &(0x7f0000000080)="ab", 0x34000, 0x4004815, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1b, 0x9b6f, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r4 = syz_open_procfs(0x0, &(0x7f0000001240)='net/igmp6\x00')
preadv(r4, &(0x7f0000001180)=[{&(0x7f0000000000)=""/4096, 0x1000}], 0x1, 0x163, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b7050000000000006110be00000000000fa000000000000095000000000000001f495ff727520cccddfad6fab92a770b445d050000006edc1b5613c5e35079725d19e88b662c2596b2f0b40aa9de45cf931a7ddaae7bdd97a9787684a5a6bbe879d6561715a194eb15d509b1837f6d317d12dd2c98f05e43aa14b3655a78009367bac65148a671b0ffd1c946b31202b7c73e0f1c5df29d57ed708602599a04fde318753c358d42ba7c52b4e20bc5c0e91fbc96da558c38891cd5bc38b6db9863a1273811976d15ba39fe2700"/214], &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x6000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfe96, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r7, 0x0, 0x9135}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="40000000100001040000003f0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e000100776972656775617264"], 0x40}, 0x1, 0xd}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r9 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$SG_IO(r10, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

1.25306484s ago: executing program 1 (id=3229):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000019080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file1\x00'})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019200)={0x18, 0x5, 0x0, &(0x7f00000190c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mknod$loop(0x0, 0x1, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000019180)={&(0x7f00000192c0)=@newtaction={0x18, 0x30, 0x800, 0x70bd2b, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20040087}, 0x0)
socket(0x10, 0x803, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{0x0, 0x2c}], 0x1}, 0x24000440)

1.24711153s ago: executing program 2 (id=3230):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRES32=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4c081)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd700000000000090000000e00010008657464657673696d0000000f0002006e657464657673696d30000008000300000000001eff090000000000"], 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(r4, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x58, r6, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x54}, 0x4)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001580)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
write$char_usb(r7, &(0x7f00000008c0)='-0', 0x2)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

1.23049746s ago: executing program 1 (id=3232):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r0}, 0x10)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)

1.206568581s ago: executing program 1 (id=3233):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x0, &(0x7f0000000000)={[{@acl}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x74, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='mm_page_free\x00', r1}, 0x10)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)

1.179289061s ago: executing program 2 (id=3234):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.015307364s ago: executing program 0 (id=3238):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="11000009000000000000000000000000000000000000000080000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x802)
r3 = dup(r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000000000000dfbffffff030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000380)={0x80, 0x6, 0xf00, 0x0, 0x0, 0x0, 0x0})
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x18020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r9}, 0x10)
socketpair(0xb, 0x6, 0x0, &(0x7f00000002c0))
recvfrom$unix(r3, &(0x7f0000000240), 0x0, 0x40000020, 0x0, 0x0)
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/62, 0x8c)

998.578574ms ago: executing program 1 (id=3239):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xb}, 0x8081, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8f, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x6}, 0x18)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x7)

947.294435ms ago: executing program 2 (id=3241):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)={0x0, <r0=>0x0})
prlimit64(r0, 0x8, &(0x7f0000000780)={0x2, 0x5}, &(0x7f00000007c0))
sched_setaffinity(0x0, 0x0, 0x0)
io_setup(0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
unshare(0x26000400)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="ca1419605f4e85a9ec26ee20300733d61e7193626cafb1e15aa09fd0afd0416b87f8fad3970ac2ec6d894957b98444a4ecb85f0c2794cbce32c14e3d2a63daa9034e694825949522159c2e537cbb6eac1adc2c1ca4"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000500000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r8, 0x0, 0x8}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

922.349635ms ago: executing program 0 (id=3242):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000019080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file1\x00'})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019200)={0x18, 0x5, 0x0, &(0x7f00000190c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mknod$loop(0x0, 0x1, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000019180)={&(0x7f00000192c0)=@newtaction={0x18, 0x30, 0x800, 0x70bd2b, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20040087}, 0x0)
socket(0x10, 0x803, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[], 0x2c}], 0x1}, 0x24000440)

897.074945ms ago: executing program 0 (id=3244):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRES32=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4c081)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd700000000000090000000e00010008657464657673696d0000000f0002006e657464657673696d30000008000300000000001eff090000000000"], 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(r4, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x58, r6, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x54}, 0x4)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001580)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
write$char_usb(r7, &(0x7f00000008c0)='-0', 0x2)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

878.708486ms ago: executing program 1 (id=3245):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r0}, 0x10)
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)

849.514636ms ago: executing program 1 (id=3246):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e106000000000000000000000080000000000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/25], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
ptrace(0x10, 0x0)
ptrace$pokeuser(0x6, 0x0, 0x358, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x42000000, 0x0, 0x80000, 0x0, 0x0, 0x0)

831.338627ms ago: executing program 0 (id=3248):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8f, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r1, 0x0, 0x6}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000000040)=ANY=[@ANYBLOB="a0f9000002"])

740.472568ms ago: executing program 0 (id=3249):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x34, r3, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x24004040}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

740.168048ms ago: executing program 4 (id=3250):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)

739.653828ms ago: executing program 4 (id=3251):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r0}, 0x10)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000640)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb}, 0x9, 0x2, 0x8, 0x401, 0xffffffffffffffff, 0x0, 0x2})

708.535279ms ago: executing program 0 (id=3252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="11000009000000000000000000000000000000000000000080000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x802)
r3 = dup(r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000000000000dfbffffff030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000380)={0x80, 0x6, 0xf00, 0x0, 0x0, 0x0, 0x0})
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x18020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r9}, 0x10)
socketpair(0xb, 0x6, 0x0, &(0x7f00000002c0))
recvfrom$unix(r3, &(0x7f0000000240), 0x0, 0x40000020, 0x0, 0x0)
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/62, 0x8c)

708.332069ms ago: executing program 4 (id=3253):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x0, 0x7, 0x3, 0x1005, 0x0, 0x10001, 0x0})

656.358879ms ago: executing program 4 (id=3254):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000019080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file1\x00'})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019200)={0x18, 0x5, 0x0, &(0x7f00000190c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mknod$loop(0x0, 0x1, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000019180)={&(0x7f00000192c0)=@newtaction={0x18, 0x30, 0x800, 0x70bd2b, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20040087}, 0x0)
socket(0x10, 0x803, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[], 0x2c}], 0x1}, 0x24000440)

120.634788ms ago: executing program 5 (id=3255):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xb}, 0x8081, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8f, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x6}, 0x18)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x7)

95.504679ms ago: executing program 4 (id=3256):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r0}, 0x10)
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)

76.964389ms ago: executing program 2 (id=3257):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r0}, 0x10)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)

20.48928ms ago: executing program 5 (id=3258):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRES32=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4c081)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd700000000000090000000e00010008657464657673696d0000000f0002006e657464657673696d30000008000300000000001eff090000000000"], 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(r4, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x58, r6, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x54}, 0x4)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001580)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
write$char_usb(r7, &(0x7f00000008c0)='-0', 0x2)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

9.22118ms ago: executing program 4 (id=3259):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8f, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r1, 0x0, 0x6}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000000040)=ANY=[@ANYBLOB="a0f9000002"])

0s ago: executing program 2 (id=3260):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a300000000038000380340000802800018023000100118c7457ff8f99b8233ba7d81496e1da69279e989c73000065399ef6cd8d80000800034000000001"], 0xf0}}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, 0x0)
listen(r0, 0x3)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000006340)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)
syz_emit_ethernet(0xae, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010120", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000400260004000000"}, {0x1, 0x1, "fe906d17efe3"}]}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

4967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.687835][   T29] audit: type=1326 audit(1744889738.920:4432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.687864][   T29] audit: type=1326 audit(1744889738.920:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.735052][   T29] audit: type=1326 audit(1744889738.920:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.758998][   T29] audit: type=1326 audit(1744889738.920:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.782573][   T29] audit: type=1326 audit(1744889738.920:4436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.806337][   T29] audit: type=1326 audit(1744889738.920:4437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10678 comm="syz.5.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  174.869751][T10692] validate_nla: 4 callbacks suppressed
[  174.869772][T10692] netlink: 'syz.2.2583': attribute type 10 has an invalid length.
[  174.885951][T10692] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2583'.
[  174.945573][T10694] loop4: detected capacity change from 0 to 2048
[  175.037223][T10707] netlink: 'syz.2.2590': attribute type 10 has an invalid length.
[  175.045648][T10707] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2590'.
[  175.064776][T10694] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.094066][T10713] 9pnet_virtio: no channels available for device 127.0.0.1
[  175.101932][T10713] netlink: 'syz.2.2592': attribute type 39 has an invalid length.
[  175.141917][T10694] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  175.157433][T10694] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  175.170534][T10694] EXT4-fs (loop4): This should not happen!! Data will be lost
[  175.170534][T10694] 
[  175.180309][T10694] EXT4-fs (loop4): Total free blocks count 0
[  175.186627][T10694] EXT4-fs (loop4): Free/Dirty block details
[  175.193319][T10694] EXT4-fs (loop4): free_blocks=2415919104
[  175.193339][T10694] EXT4-fs (loop4): dirty_blocks=32
[  175.193354][T10694] EXT4-fs (loop4): Block reservation details
[  175.193364][T10694] EXT4-fs (loop4): i_reserved_data_blocks=2
[  175.215228][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.246004][T10722] loop1: detected capacity change from 0 to 2048
[  175.283453][T10722] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.396791][T10722] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  175.412753][T10722] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  175.425841][T10722] EXT4-fs (loop1): This should not happen!! Data will be lost
[  175.425841][T10722] 
[  175.435724][T10722] EXT4-fs (loop1): Total free blocks count 0
[  175.442094][T10722] EXT4-fs (loop1): Free/Dirty block details
[  175.448328][T10722] EXT4-fs (loop1): free_blocks=2415919104
[  175.459433][T10722] EXT4-fs (loop1): dirty_blocks=32
[  175.464657][T10722] EXT4-fs (loop1): Block reservation details
[  175.470704][T10722] EXT4-fs (loop1): i_reserved_data_blocks=2
[  175.501652][T10744] 9pnet_virtio: no channels available for device 127.0.0.1
[  175.526184][T10744] netlink: 'syz.0.2604': attribute type 39 has an invalid length.
[  175.568462][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.594175][T10746] loop5: detected capacity change from 0 to 1024
[  175.610548][T10746] EXT4-fs: Ignoring removed nobh option
[  175.617068][T10746] EXT4-fs: Ignoring removed bh option
[  175.657870][T10746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.686693][T10770] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2614'.
[  175.691150][T10770] loop4: detected capacity change from 0 to 1024
[  175.701082][T10770] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  175.701114][T10770] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  175.702935][T10746] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2606: Allocating blocks 385-513 which overlap fs metadata
[  175.706045][T10746] EXT4-fs (loop5): pa ffff8881069d1540: logic 16, phys. 129, len 24
[  175.706075][T10746] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  175.706711][T10746] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  175.706738][T10746] EXT4-fs (loop5): This should not happen!! Data will be lost
[  175.706738][T10746] 
[  175.706751][T10746] EXT4-fs (loop5): Total free blocks count 0
[  175.706765][T10746] EXT4-fs (loop5): Free/Dirty block details
[  175.706777][T10746] EXT4-fs (loop5): free_blocks=128
[  175.706792][T10746] EXT4-fs (loop5): dirty_blocks=0
[  175.706805][T10746] EXT4-fs (loop5): Block reservation details
[  175.706889][T10746] EXT4-fs (loop5): i_reserved_data_blocks=0
[  175.729028][T10770] JBD2: no valid journal superblock found
[  175.729045][T10770] EXT4-fs (loop4): Could not load journal inode
[  175.732146][T10770] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  176.055103][T10782] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.063990][T10782] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.101229][T10794] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2625'.
[  176.129032][T10794] loop1: detected capacity change from 0 to 1024
[  176.153215][T10794] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  176.164344][T10794] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  176.178313][T10794] JBD2: no valid journal superblock found
[  176.184151][T10794] EXT4-fs (loop1): Could not load journal inode
[  176.211425][T10794] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  176.290526][T10805] loop1: detected capacity change from 0 to 1024
[  176.299524][T10805] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  176.308915][T10805] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  176.359723][T10805] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  176.378105][T10805] EXT4-fs (loop1): orphan cleanup on readonly fs
[  176.379286][T10811] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  176.402234][T10805] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  176.439450][T10805] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.2629: mark_inode_dirty error
[  176.490999][T10805] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2629: Invalid block bitmap block 3 in block_group 0
[  176.526985][T10822] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  176.540118][T10805] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2629: Invalid block bitmap block 3 in block_group 0
[  176.555846][T10805] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2629: Invalid block bitmap block 3 in block_group 0
[  176.570161][T10805] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  176.581461][T10805] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.2629: mark_inode_dirty error
[  176.595462][T10805] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 1: comm syz.1.2629: lblock 6 mapped to illegal pblock 1 (length 1)
[  176.643201][T10805] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 48: comm syz.1.2629: lblock 0 mapped to illegal pblock 48 (length 1)
[  176.659147][T10805] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.2629: Failed to acquire dquot type 0
[  176.671081][T10805] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 49: comm syz.1.2629: lblock 1 mapped to illegal pblock 49 (length 1)
[  176.690035][T10805] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.2629: Failed to acquire dquot type 0
[  176.698171][T10830] FAULT_INJECTION: forcing a failure.
[  176.698171][T10830] name failslab, interval 1, probability 0, space 0, times 0
[  176.702280][T10805] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  176.714736][T10830] CPU: 1 UID: 0 PID: 10830 Comm: syz.2.2640 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  176.714811][T10830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.714827][T10830] Call Trace:
[  176.714836][T10830]  <TASK>
[  176.714846][T10830]  dump_stack_lvl+0xf6/0x150
[  176.714877][T10830]  dump_stack+0x15/0x1a
[  176.714897][T10830]  should_fail_ex+0x261/0x270
[  176.714939][T10830]  should_failslab+0x8f/0xb0
[  176.714978][T10830]  kmem_cache_alloc_noprof+0x59/0x340
[  176.715059][T10830]  ? audit_log_start+0x37f/0x6e0
[  176.715096][T10830]  audit_log_start+0x37f/0x6e0
[  176.715123][T10830]  ? audit_log_end+0x1d0/0x1e0
[  176.715157][T10830]  audit_seccomp+0x4b/0x130
[  176.715216][T10830]  __seccomp_filter+0x694/0x10e0
[  176.715255][T10830]  ? __perf_event_task_sched_out+0x13c/0xf00
[  176.715281][T10830]  ? __list_add_valid_or_report+0x38/0xe0
[  176.715326][T10830]  ? _raw_spin_unlock+0x26/0x50
[  176.715438][T10830]  __secure_computing+0x7e/0x160
[  176.715474][T10830]  syscall_trace_enter+0xcf/0x1f0
[  176.715594][T10830]  do_syscall_64+0xaa/0x1c0
[  176.715660][T10830]  ? clear_bhb_loop+0x25/0x80
[  176.715760][T10830]  ? clear_bhb_loop+0x25/0x80
[  176.715788][T10830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.715815][T10830] RIP: 0033:0x7f01a9febb7c
[  176.715833][T10830] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  176.715856][T10830] RSP: 002b:00007f01a864f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  176.715879][T10830] RAX: ffffffffffffffda RBX: 00007f01aa205fa0 RCX: 00007f01a9febb7c
[  176.715952][T10830] RDX: 000000000000000f RSI: 00007f01a864f0a0 RDI: 0000000000000004
[  176.715966][T10830] RBP: 00007f01a864f090 R08: 0000000000000000 R09: 0000000000000000
[  176.715980][T10830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.715995][T10830] R13: 0000000000000000 R14: 00007f01aa205fa0 R15: 00007ffcd7aa9b48
[  176.716020][T10830]  </TASK>
[  176.789546][T10828] FAULT_INJECTION: forcing a failure.
[  176.789546][T10828] name failslab, interval 1, probability 0, space 0, times 0
[  176.806770][T10805] EXT4-fs error (device loop1): ext4_evict_inode:259: inode #15: comm syz.1.2629: mark_inode_dirty error
[  176.811874][T10828] CPU: 1 UID: 0 PID: 10828 Comm: syz.4.2639 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  176.811909][T10828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.811925][T10828] Call Trace:
[  176.811933][T10828]  <TASK>
[  176.811944][T10828]  dump_stack_lvl+0xf6/0x150
[  176.811975][T10828]  dump_stack+0x15/0x1a
[  176.811994][T10828]  should_fail_ex+0x261/0x270
[  176.812028][T10828]  should_failslab+0x8f/0xb0
[  176.812075][T10828]  kmem_cache_alloc_noprof+0x59/0x340
[  176.812103][T10828]  ? vm_area_alloc+0x2c/0xb0
[  176.812127][T10828]  ? vma_merge_new_range+0x2df/0x340
[  176.812169][T10828]  vm_area_alloc+0x2c/0xb0
[  176.812193][T10828]  mmap_region+0x83e/0x1490
[  176.812247][T10828]  do_mmap+0x9ef/0xc80
[  176.812288][T10828]  vm_mmap_pgoff+0x16d/0x2d0
[  176.812327][T10828]  ksys_mmap_pgoff+0xd0/0x340
[  176.812367][T10828]  ? fpregs_assert_state_consistent+0x83/0xa0
[  176.812408][T10828]  x64_sys_call+0x1945/0x2e10
[  176.812436][T10828]  do_syscall_64+0xc9/0x1c0
[  176.812472][T10828]  ? clear_bhb_loop+0x25/0x80
[  176.812498][T10828]  ? clear_bhb_loop+0x25/0x80
[  176.812525][T10828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.812550][T10828] RIP: 0033:0x7f95adf5d1a3
[  176.812569][T10828] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  176.812591][T10828] RSP: 002b:00007f95ac5c6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  176.812614][T10828] RAX: ffffffffffffffda RBX: 00000000000004fd RCX: 00007f95adf5d1a3
[  176.812629][T10828] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  176.812644][T10828] RBP: 0000200000000f42 R08: 00000000ffffffff R09: 0000000000000000
[  176.812659][T10828] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000006
[  176.812673][T10828] R13: 00007f95ac5c6ef0 R14: 00007f95ac5c6eb0 R15: 00002000000002c0
[  176.812697][T10828]  </TASK>
[  176.880782][T10836] netlink: 'syz.0.2642': attribute type 10 has an invalid length.
[  176.885804][T10805] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  176.890178][T10836] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2642'.
[  176.899136][T10805] EXT4-fs (loop1): 1 orphan inode deleted
[  177.182022][T10805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  177.237147][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.285287][T10849] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  177.481833][T10867] loop1: detected capacity change from 0 to 256
[  177.500450][T10867] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  177.566116][T10876] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  177.604431][T10882] 9pnet_virtio: no channels available for device 127.0.0.1
[  177.614832][T10882] netlink: 'syz.4.2662': attribute type 39 has an invalid length.
[  177.754961][T10901] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2670'.
[  177.787636][T10901] loop4: detected capacity change from 0 to 1024
[  177.800683][T10901] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  177.811665][T10901] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  177.826133][T10901] JBD2: no valid journal superblock found
[  177.832232][T10901] EXT4-fs (loop4): Could not load journal inode
[  177.842731][T10905] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  177.860218][T10901] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  177.917325][T10911] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  177.932018][T10913] loop4: detected capacity change from 0 to 512
[  177.946635][T10913] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  177.954142][T10917] FAULT_INJECTION: forcing a failure.
[  177.954142][T10917] name failslab, interval 1, probability 0, space 0, times 0
[  177.969349][T10917] CPU: 0 UID: 0 PID: 10917 Comm: syz.1.2678 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  177.969379][T10917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.969394][T10917] Call Trace:
[  177.969401][T10917]  <TASK>
[  177.969408][T10917]  dump_stack_lvl+0xf6/0x150
[  177.969495][T10917]  dump_stack+0x15/0x1a
[  177.969511][T10917]  should_fail_ex+0x261/0x270
[  177.969608][T10917]  should_failslab+0x8f/0xb0
[  177.969640][T10917]  kmem_cache_alloc_noprof+0x59/0x340
[  177.969705][T10917]  ? audit_log_start+0x37f/0x6e0
[  177.969729][T10917]  audit_log_start+0x37f/0x6e0
[  177.969815][T10917]  ? strncpy_from_user_nofault+0xdb/0xe0
[  177.969838][T10917]  audit_seccomp+0x4b/0x130
[  177.969857][T10917]  __seccomp_filter+0x694/0x10e0
[  177.969911][T10917]  ? kmem_cache_free+0x15d/0x2e0
[  177.969931][T10917]  ? __fput+0x545/0x640
[  177.969952][T10917]  ? percpu_counter_add_batch+0xc6/0x140
[  177.969982][T10917]  __secure_computing+0x7e/0x160
[  177.970045][T10917]  syscall_trace_enter+0xcf/0x1f0
[  177.970076][T10917]  do_syscall_64+0xaa/0x1c0
[  177.970109][T10917]  ? clear_bhb_loop+0x25/0x80
[  177.970130][T10917]  ? clear_bhb_loop+0x25/0x80
[  177.970150][T10917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.970171][T10917] RIP: 0033:0x7fa34562bb7c
[  177.970185][T10917] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  177.970260][T10917] RSP: 002b:00007fa343c97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  177.970277][T10917] RAX: ffffffffffffffda RBX: 00007fa345845fa0 RCX: 00007fa34562bb7c
[  177.970289][T10917] RDX: 000000000000000f RSI: 00007fa343c970a0 RDI: 0000000000000008
[  177.970301][T10917] RBP: 00007fa343c97090 R08: 0000000000000000 R09: 0000000000000000
[  177.970312][T10917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.970323][T10917] R13: 0000000000000000 R14: 00007fa345845fa0 R15: 00007ffea09f6b68
[  177.970341][T10917]  </TASK>
[  178.201245][T10913] EXT4-fs (loop4): 1 truncate cleaned up
[  178.221741][T10913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.234914][T10913] EXT4-fs error (device loop4): empty_inline_dir:1785: inode #12: block 7: comm syz.4.2676: bad entry in directory: inode out of bounds - offset=4, inode=16777215, rec_len=16, size=60 fake=0
[  178.270220][T10913] EXT4-fs warning (device loop4): empty_inline_dir:1792: bad inline directory (dir #12) - inode 16777215, rec_len 16, name_len 5inline size 60
[  178.309235][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.376124][T10938] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2687'.
[  178.390447][T10938] loop5: detected capacity change from 0 to 1024
[  178.403239][T10938] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  178.414973][T10938] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  178.441999][T10938] JBD2: no valid journal superblock found
[  178.448620][T10938] EXT4-fs (loop5): Could not load journal inode
[  178.465674][T10938] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  178.473074][T10944] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  178.536320][T10951] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  178.579859][T10955] loop5: detected capacity change from 0 to 512
[  178.609924][T10961] loop4: detected capacity change from 0 to 1024
[  178.623020][T10955] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  178.640597][T10955] EXT4-fs (loop5): 1 truncate cleaned up
[  178.650298][T10961] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  178.662926][T10955] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.676605][T10961] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  178.678976][T10955] EXT4-fs error (device loop5): empty_inline_dir:1785: inode #12: block 7: comm syz.5.2694: bad entry in directory: inode out of bounds - offset=4, inode=16777215, rec_len=16, size=60 fake=0
[  178.707909][T10955] EXT4-fs warning (device loop5): empty_inline_dir:1792: bad inline directory (dir #12) - inode 16777215, rec_len 16, name_len 5inline size 60
[  178.722822][T10961] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  178.730915][T10961] EXT4-fs (loop4): orphan cleanup on readonly fs
[  178.738640][T10961] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  178.750062][T10961] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.2696: mark_inode_dirty error
[  178.765798][T10961] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2696: Invalid block bitmap block 3 in block_group 0
[  178.766055][T10972] loop1: detected capacity change from 0 to 2048
[  178.793204][T10961] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2696: Invalid block bitmap block 3 in block_group 0
[  178.812245][T10961] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2696: Invalid block bitmap block 3 in block_group 0
[  178.827696][T10961] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  178.844268][T10961] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.2696: mark_inode_dirty error
[  178.849262][T10977] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  178.877684][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.890433][T10972] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.907169][T10961] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm syz.4.2696: lblock 6 mapped to illegal pblock 1 (length 1)
[  178.922010][T10972] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  178.946365][T10961] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 48: comm syz.4.2696: lblock 0 mapped to illegal pblock 48 (length 1)
[  178.972562][T10972] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  178.984484][T10961] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.2696: Failed to acquire dquot type 0
[  178.985198][T10972] EXT4-fs (loop1): This should not happen!! Data will be lost
[  178.985198][T10972] 
[  179.007148][T10972] EXT4-fs (loop1): Total free blocks count 0
[  179.013368][T10972] EXT4-fs (loop1): Free/Dirty block details
[  179.019453][T10972] EXT4-fs (loop1): free_blocks=2415919104
[  179.025411][T10972] EXT4-fs (loop1): dirty_blocks=32
[  179.030787][T10972] EXT4-fs (loop1): Block reservation details
[  179.037480][T10972] EXT4-fs (loop1): i_reserved_data_blocks=2
[  179.038488][T10961] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 49: comm syz.4.2696: lblock 1 mapped to illegal pblock 49 (length 1)
[  179.084585][T10961] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.2696: Failed to acquire dquot type 0
[  179.113607][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.122957][T10961] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  179.138425][T10961] EXT4-fs error (device loop4): ext4_evict_inode:259: inode #15: comm syz.4.2696: mark_inode_dirty error
[  179.150354][T10961] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  179.162590][T10996] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  179.193832][T10961] EXT4-fs (loop4): 1 orphan inode deleted
[  179.203012][T10961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  179.220539][T11001] loop5: detected capacity change from 0 to 512
[  179.230892][T11001] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  179.254134][T11001] EXT4-fs (loop5): 1 truncate cleaned up
[  179.288435][T11001] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.302890][T11001] EXT4-fs error (device loop5): empty_inline_dir:1785: inode #12: block 7: comm syz.5.2715: bad entry in directory: inode out of bounds - offset=4, inode=16777215, rec_len=16, size=60 fake=0
[  179.326376][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.337240][T11009] __nla_validate_parse: 1 callbacks suppressed
[  179.337257][T11009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2717'.
[  179.338025][T11001] EXT4-fs warning (device loop5): empty_inline_dir:1792: bad inline directory (dir #12) - inode 16777215, rec_len 16, name_len 5inline size 60
[  179.414233][T11009] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  179.430690][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.499841][T11026] loop5: detected capacity change from 0 to 2048
[  179.523550][T11032] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  179.596426][T11026] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  179.617457][T11026] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  179.629813][T11026] EXT4-fs (loop5): This should not happen!! Data will be lost
[  179.629813][T11026] 
[  179.640620][T11026] EXT4-fs (loop5): Total free blocks count 0
[  179.646982][T11026] EXT4-fs (loop5): Free/Dirty block details
[  179.652950][T11026] EXT4-fs (loop5): free_blocks=2415919104
[  179.658699][T11026] EXT4-fs (loop5): dirty_blocks=32
[  179.664665][T11026] EXT4-fs (loop5): Block reservation details
[  179.670800][T11026] EXT4-fs (loop5): i_reserved_data_blocks=2
[  179.678974][T11046] xt_connbytes: Forcing CT accounting to be enabled
[  179.704237][T11046] Cannot find set identified by id 0 to match
[  179.729038][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2736'.
[  179.760842][T11053] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  179.774403][T11057] 9pnet_virtio: no channels available for device 127.0.0.1
[  179.809473][T11057] netlink: 'syz.4.2738': attribute type 39 has an invalid length.
[  179.865846][T11067] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  180.403395][T11083] loop1: detected capacity change from 0 to 2048
[  180.479048][T11090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2752'.
[  180.521705][T11090] loop4: detected capacity change from 0 to 1024
[  180.541676][T11083] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  180.563019][T11090] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  180.574255][T11090] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  180.673927][T11083] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  180.687026][T11083] EXT4-fs (loop1): This should not happen!! Data will be lost
[  180.687026][T11083] 
[  180.697290][T11083] EXT4-fs (loop1): Total free blocks count 0
[  180.703342][T11083] EXT4-fs (loop1): Free/Dirty block details
[  180.709266][T11083] EXT4-fs (loop1): free_blocks=2415919104
[  180.715768][T11083] EXT4-fs (loop1): dirty_blocks=32
[  180.720914][T11083] EXT4-fs (loop1): Block reservation details
[  180.727016][T11083] EXT4-fs (loop1): i_reserved_data_blocks=2
[  180.747454][T11090] JBD2: no valid journal superblock found
[  180.753287][T11090] EXT4-fs (loop4): Could not load journal inode
[  180.798793][T11101] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  180.816347][T11090] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  181.080640][T11117] loop5: detected capacity change from 0 to 1024
[  181.091674][T11117] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  181.108574][T11117] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  181.121939][T11117] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  181.140121][T11117] EXT4-fs (loop5): orphan cleanup on readonly fs
[  181.153285][T11117] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  181.165740][T11117] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.2764: mark_inode_dirty error
[  181.179125][T11117] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2764: Invalid block bitmap block 3 in block_group 0
[  181.193835][   T29] kauditd_printk_skb: 162 callbacks suppressed
[  181.193851][   T29] audit: type=1326 audit(1744889745.540:4584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.229467][T11117] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2764: Invalid block bitmap block 3 in block_group 0
[  181.232409][   T29] audit: type=1326 audit(1744889745.570:4585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.253375][T11117] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2764: Invalid block bitmap block 3 in block_group 0
[  181.267121][   T29] audit: type=1326 audit(1744889745.570:4586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.286130][T11117] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  181.304043][   T29] audit: type=1326 audit(1744889745.570:4587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.349598][   T29] audit: type=1326 audit(1744889745.590:4588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.373373][   T29] audit: type=1326 audit(1744889745.590:4589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.397077][   T29] audit: type=1326 audit(1744889745.590:4590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.421008][   T29] audit: type=1326 audit(1744889745.590:4591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.444877][   T29] audit: type=1326 audit(1744889745.590:4592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.468512][   T29] audit: type=1326 audit(1744889745.590:4593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.0.2768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b1a2d169 code=0x7ffc0000
[  181.494406][T11117] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.2764: mark_inode_dirty error
[  181.513701][T11131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2770'.
[  181.527958][T11117] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm syz.5.2764: lblock 6 mapped to illegal pblock 1 (length 1)
[  181.553244][T11117] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 48: comm syz.5.2764: lblock 0 mapped to illegal pblock 48 (length 1)
[  181.567707][T11117] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.2764: Failed to acquire dquot type 0
[  181.580040][T11117] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 49: comm syz.5.2764: lblock 1 mapped to illegal pblock 49 (length 1)
[  181.594399][T11131] loop4: detected capacity change from 0 to 1024
[  181.619997][T11131] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  181.631033][T11131] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  181.664642][T11117] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.2764: Failed to acquire dquot type 0
[  181.676099][T11131] JBD2: no valid journal superblock found
[  181.681867][T11131] EXT4-fs (loop4): Could not load journal inode
[  181.708890][T11117] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  181.724980][T11131] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  181.754618][T11150] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2779'.
[  181.765231][T11117] EXT4-fs error (device loop5): ext4_evict_inode:259: inode #15: comm syz.5.2764: mark_inode_dirty error
[  181.777381][T11150] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  181.802440][T11117] EXT4-fs warning (device loop5): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  181.826296][T11117] EXT4-fs (loop5): 1 orphan inode deleted
[  181.939966][T11163] loop5: detected capacity change from 0 to 512
[  181.959984][T11163] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  181.988462][T11163] EXT4-fs (loop5): 1 truncate cleaned up
[  182.011541][T11163] EXT4-fs error (device loop5): empty_inline_dir:1785: inode #12: block 7: comm syz.5.2785: bad entry in directory: inode out of bounds - offset=4, inode=16777215, rec_len=16, size=60 fake=0
[  182.052873][T11163] EXT4-fs warning (device loop5): empty_inline_dir:1792: bad inline directory (dir #12) - inode 16777215, rec_len 16, name_len 5inline size 60
[  182.147607][T11154] loop4: detected capacity change from 0 to 256
[  182.472966][T11190] FAULT_INJECTION: forcing a failure.
[  182.472966][T11190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.486262][T11190] CPU: 1 UID: 0 PID: 11190 Comm: syz.5.2794 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  182.486390][T11190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  182.486405][T11190] Call Trace:
[  182.486413][T11190]  <TASK>
[  182.486422][T11190]  dump_stack_lvl+0xf6/0x150
[  182.486454][T11190]  dump_stack+0x15/0x1a
[  182.486552][T11190]  should_fail_ex+0x261/0x270
[  182.486584][T11190]  should_fail+0xb/0x10
[  182.486612][T11190]  should_fail_usercopy+0x1a/0x20
[  182.486690][T11190]  _copy_from_user+0x1c/0xa0
[  182.486727][T11190]  copy_msghdr_from_user+0x54/0x2b0
[  182.486771][T11190]  ? __fget_files+0x186/0x1c0
[  182.486803][T11190]  __sys_sendmsg+0x141/0x240
[  182.486963][T11190]  __x64_sys_sendmsg+0x46/0x50
[  182.486996][T11190]  x64_sys_call+0x26f3/0x2e10
[  182.487023][T11190]  do_syscall_64+0xc9/0x1c0
[  182.487110][T11190]  ? clear_bhb_loop+0x25/0x80
[  182.487136][T11190]  ? clear_bhb_loop+0x25/0x80
[  182.487156][T11190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.487176][T11190] RIP: 0033:0x7fbd6a54d169
[  182.487192][T11190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.487213][T11190] RSP: 002b:00007fbd68bb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.487235][T11190] RAX: ffffffffffffffda RBX: 00007fbd6a765fa0 RCX: 00007fbd6a54d169
[  182.487296][T11190] RDX: 0000000024008004 RSI: 0000200000000180 RDI: 0000000000000005
[  182.487307][T11190] RBP: 00007fbd68bb7090 R08: 0000000000000000 R09: 0000000000000000
[  182.487321][T11190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.487335][T11190] R13: 0000000000000000 R14: 00007fbd6a765fa0 R15: 00007fff4bda5578
[  182.487356][T11190]  </TASK>
[  182.873725][T11197] FAULT_INJECTION: forcing a failure.
[  182.873725][T11197] name failslab, interval 1, probability 0, space 0, times 0
[  182.886558][T11197] CPU: 0 UID: 0 PID: 11197 Comm: syz.5.2795 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  182.886590][T11197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  182.886605][T11197] Call Trace:
[  182.886614][T11197]  <TASK>
[  182.886623][T11197]  dump_stack_lvl+0xf6/0x150
[  182.886651][T11197]  dump_stack+0x15/0x1a
[  182.886684][T11197]  should_fail_ex+0x261/0x270
[  182.886717][T11197]  should_failslab+0x8f/0xb0
[  182.886809][T11197]  __kmalloc_cache_noprof+0x55/0x320
[  182.886837][T11197]  ? audit_log_d_path+0x8e/0x150
[  182.886866][T11197]  audit_log_d_path+0x8e/0x150
[  182.886890][T11197]  audit_log_d_path_exe+0x42/0x70
[  182.886926][T11197]  audit_log_task+0x1f1/0x250
[  182.886952][T11197]  audit_seccomp+0x68/0x130
[  182.886976][T11197]  __seccomp_filter+0x694/0x10e0
[  182.887065][T11197]  ? vfs_write+0x669/0x950
[  182.887104][T11197]  ? putname+0xe1/0x100
[  182.887126][T11197]  __secure_computing+0x7e/0x160
[  182.887159][T11197]  syscall_trace_enter+0xcf/0x1f0
[  182.887213][T11197]  ? fpregs_assert_state_consistent+0x83/0xa0
[  182.887254][T11197]  do_syscall_64+0xaa/0x1c0
[  182.887290][T11197]  ? clear_bhb_loop+0x25/0x80
[  182.887316][T11197]  ? clear_bhb_loop+0x25/0x80
[  182.887361][T11197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.887386][T11197] RIP: 0033:0x7fbd6a54bb7c
[  182.887401][T11197] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  182.887421][T11197] RSP: 002b:00007fbd68bb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.887443][T11197] RAX: ffffffffffffffda RBX: 00007fbd6a765fa0 RCX: 00007fbd6a54bb7c
[  182.887455][T11197] RDX: 000000000000000f RSI: 00007fbd68bb70a0 RDI: 0000000000000006
[  182.887466][T11197] RBP: 00007fbd68bb7090 R08: 0000000000000000 R09: 0000000000000000
[  182.887477][T11197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  182.887571][T11197] R13: 0000000000000000 R14: 00007fbd6a765fa0 R15: 00007fff4bda5578
[  182.887598][T11197]  </TASK>
[  183.241559][T11176] chnl_net:caif_netlink_parms(): no params data found
[  183.340726][T11212] x_tables: duplicate underflow at hook 2
[  183.423752][T11176] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.430932][T11176] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.472731][T11221] 9pnet_virtio: no channels available for device 127.0.0.1
[  183.500579][T11176] bridge_slave_0: entered allmulticast mode
[  183.516572][T11221] netlink: 'syz.4.2804': attribute type 39 has an invalid length.
[  183.531213][T11176] bridge_slave_0: entered promiscuous mode
[  183.574067][T11176] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.581241][T11176] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.609063][T11225] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  183.617602][T11176] bridge_slave_1: entered allmulticast mode
[  183.627412][T11176] bridge_slave_1: entered promiscuous mode
[  183.658154][T11176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  183.685249][T11176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.725632][T11176] team0: Port device team_slave_0 added
[  183.732920][T11176] team0: Port device team_slave_1 added
[  183.767574][T11176] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.779002][T11176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.805877][T11176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.827452][T11176] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.835257][T11176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.861729][T11176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.897341][T11236] loop5: detected capacity change from 0 to 512
[  183.916296][T11236] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  183.931958][T11236] EXT4-fs (loop5): 1 truncate cleaned up
[  183.932776][T11176] hsr_slave_0: entered promiscuous mode
[  183.944919][T11176] hsr_slave_1: entered promiscuous mode
[  183.956932][T11236] EXT4-fs error (device loop5): empty_inline_dir:1785: inode #12: block 7: comm syz.5.2810: bad entry in directory: inode out of bounds - offset=4, inode=16777215, rec_len=16, size=60 fake=0
[  184.008172][T11236] EXT4-fs warning (device loop5): empty_inline_dir:1792: bad inline directory (dir #12) - inode 16777215, rec_len 16, name_len 5inline size 60
[  184.111792][T11253] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  184.205395][T11261] loop5: detected capacity change from 0 to 2048
[  184.276931][T11176] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  184.333170][T11280] loop4: detected capacity change from 0 to 512
[  184.349160][T11176] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  184.357481][T11280] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  184.379855][T11282] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  184.394912][T11176] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  184.418347][T11176] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  184.439569][T11280] EXT4-fs (loop4): 1 truncate cleaned up
[  184.474749][T11280] EXT4-fs error (device loop4): empty_inline_dir:1785: inode #12: block 7: comm syz.4.2826: bad entry in directory: inode out of bounds - offset=4, inode=16777215, rec_len=16, size=60 fake=0
[  184.547501][T11280] EXT4-fs warning (device loop4): empty_inline_dir:1792: bad inline directory (dir #12) - inode 16777215, rec_len 16, name_len 5inline size 60
[  184.617649][T11176] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.659300][T11176] 8021q: adding VLAN 0 to HW filter on device team0
[  184.671692][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.678893][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.738748][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.745875][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.779200][T11303] loop5: detected capacity change from 0 to 2048
[  184.799039][T11305] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  184.872076][T11315] loop4: detected capacity change from 0 to 2048
[  184.915788][T11315] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  184.957297][T11176] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.968381][T11315] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  184.981611][T11315] EXT4-fs (loop4): This should not happen!! Data will be lost
[  184.981611][T11315] 
[  184.991353][T11315] EXT4-fs (loop4): Total free blocks count 0
[  184.998074][T11315] EXT4-fs (loop4): Free/Dirty block details
[  185.004677][T11315] EXT4-fs (loop4): free_blocks=2415919104
[  185.010469][T11315] EXT4-fs (loop4): dirty_blocks=32
[  185.015700][T11315] EXT4-fs (loop4): Block reservation details
[  185.021724][T11315] EXT4-fs (loop4): i_reserved_data_blocks=2
[  185.136578][T11340] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2846'.
[  185.161687][T11176] veth0_vlan: entered promiscuous mode
[  185.205324][T11176] veth1_vlan: entered promiscuous mode
[  185.232254][T11176] veth0_macvtap: entered promiscuous mode
[  185.261703][T11176] veth1_macvtap: entered promiscuous mode
[  185.276575][T11176] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.289032][T11176] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.302154][T11176] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.311150][T11176] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.320170][T11176] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.329603][T11176] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.534833][T11365] loop1: detected capacity change from 0 to 1024
[  185.576195][T11365] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  185.588341][T11365] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  185.607492][T11365] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  185.620674][T11365] EXT4-fs (loop1): orphan cleanup on readonly fs
[  185.634390][T11365] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  185.648018][T11365] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.2858: mark_inode_dirty error
[  185.678214][T11365] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2858: Invalid block bitmap block 3 in block_group 0
[  185.692361][T11373] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  185.712548][T11365] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2858: Invalid block bitmap block 3 in block_group 0
[  185.728590][T11366] loop4: detected capacity change from 0 to 256
[  185.735960][T11365] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2858: Invalid block bitmap block 3 in block_group 0
[  185.760143][T11365] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  185.776877][T11365] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.2858: mark_inode_dirty error
[  185.790505][T11365] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 1: comm syz.1.2858: lblock 6 mapped to illegal pblock 1 (length 1)
[  185.807675][T11365] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 48: comm syz.1.2858: lblock 0 mapped to illegal pblock 48 (length 1)
[  185.822638][T11365] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.2858: Failed to acquire dquot type 0
[  185.836470][T11365] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 49: comm syz.1.2858: lblock 1 mapped to illegal pblock 49 (length 1)
[  185.861180][T11365] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.2858: Failed to acquire dquot type 0
[  185.903409][T11365] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  185.915659][T11365] EXT4-fs error (device loop1): ext4_evict_inode:259: inode #15: comm syz.1.2858: mark_inode_dirty error
[  185.942608][T11365] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  185.964070][T11365] EXT4-fs (loop1): 1 orphan inode deleted
[  185.976673][T11368] loop5: detected capacity change from 0 to 256
[  186.117462][T11397] netlink: 'syz.1.2866': attribute type 10 has an invalid length.
[  186.126022][T11397] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2866'.
[  186.177454][T11384] chnl_net:caif_netlink_parms(): no params data found
[  186.266685][T11384] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.273890][T11384] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.284781][T11384] bridge_slave_0: entered allmulticast mode
[  186.291549][T11384] bridge_slave_0: entered promiscuous mode
[  186.299784][T11384] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.307435][T11384] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.316208][T11384] bridge_slave_1: entered allmulticast mode
[  186.322933][T11384] bridge_slave_1: entered promiscuous mode
[  186.356779][T11384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.367627][T11384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.404116][T11384] team0: Port device team_slave_0 added
[  186.411017][   T29] kauditd_printk_skb: 177 callbacks suppressed
[  186.411030][   T29] audit: type=1326 audit(1744889750.750:4759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.412623][T11384] team0: Port device team_slave_1 added
[  186.423385][   T29] audit: type=1326 audit(1744889750.770:4760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.457195][T11414] loop1: detected capacity change from 0 to 2048
[  186.473295][   T29] audit: type=1326 audit(1744889750.820:4761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.505291][   T29] audit: type=1326 audit(1744889750.820:4762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.528876][   T29] audit: type=1326 audit(1744889750.820:4763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.560159][   T29] audit: type=1326 audit(1744889750.850:4764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.587592][   T29] audit: type=1326 audit(1744889750.850:4765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.611226][   T29] audit: type=1326 audit(1744889750.850:4766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.635090][   T29] audit: type=1326 audit(1744889750.850:4767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.658679][   T29] audit: type=1326 audit(1744889750.850:4768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11415 comm="syz.4.2872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  186.701927][T11384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.709169][T11384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.735256][T11384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.760159][T11384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.767488][T11384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.794441][T11384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.888558][T11384] hsr_slave_0: entered promiscuous mode
[  186.900182][T11384] hsr_slave_1: entered promiscuous mode
[  186.906632][T11384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.914381][T11384] Cannot create hsr debugfs directory
[  186.926123][T11428] pim6reg1: entered promiscuous mode
[  186.931633][T11428] pim6reg1: entered allmulticast mode
[  187.088186][T11442] loop1: detected capacity change from 0 to 512
[  187.106768][T11442] EXT4-fs: Ignoring removed oldalloc option
[  187.134862][T11442] EXT4-fs error (device loop1): ext4_quota_enable:7126: inode #4: comm syz.1.2883: unexpected EA_INODE flag
[  187.147172][T11442] EXT4-fs error (device loop1): ext4_quota_enable:7129: comm syz.1.2883: Bad quota inode: 4, type: 1
[  187.158701][T11442] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  187.174075][T11442] EXT4-fs (loop1): mount failed
[  187.179126][T11436] loop5: detected capacity change from 0 to 256
[  187.208652][T11442] netlink: 'syz.1.2883': attribute type 10 has an invalid length.
[  187.217351][T11442] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2883'.
[  187.370288][T11384] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  187.380061][T11384] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  187.389082][T11384] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  187.398620][T11384] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  187.440452][T11384] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.455712][T11384] 8021q: adding VLAN 0 to HW filter on device team0
[  187.465488][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.472616][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.484754][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.491874][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.567059][T11384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.636516][T11384] veth0_vlan: entered promiscuous mode
[  187.645174][T11384] veth1_vlan: entered promiscuous mode
[  187.666500][T11384] veth0_macvtap: entered promiscuous mode
[  187.673776][T11384] veth1_macvtap: entered promiscuous mode
[  187.684081][T11384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.694608][T11384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.705747][T11384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.717355][T11384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.727926][T11384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.738613][T11384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.748985][T11384] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.758587][T11384] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.767346][T11384] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.776407][T11384] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.845127][T11467] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2886'.
[  188.173749][T11484] loop4: detected capacity change from 0 to 2048
[  188.296994][T11484] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  188.303622][T11478] FAULT_INJECTION: forcing a failure.
[  188.303622][T11478] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.313942][T11484] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  188.324861][T11478] CPU: 0 UID: 0 PID: 11478 Comm: syz.0.2891 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  188.324951][T11478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  188.325016][T11478] Call Trace:
[  188.325024][T11478]  <TASK>
[  188.325033][T11478]  dump_stack_lvl+0xf6/0x150
[  188.325060][T11478]  dump_stack+0x15/0x1a
[  188.325079][T11478]  should_fail_ex+0x261/0x270
[  188.325112][T11478]  should_fail+0xb/0x10
[  188.325204][T11478]  should_fail_usercopy+0x1a/0x20
[  188.325236][T11478]  _copy_from_user+0x1c/0xa0
[  188.325275][T11478]  copy_msghdr_from_user+0x54/0x2b0
[  188.325315][T11478]  ? __fget_files+0x186/0x1c0
[  188.325403][T11478]  do_recvmmsg+0x24d/0x6e0
[  188.325454][T11478]  __x64_sys_recvmmsg+0xe4/0x170
[  188.325487][T11478]  x64_sys_call+0x1b90/0x2e10
[  188.325514][T11478]  do_syscall_64+0xc9/0x1c0
[  188.325564][T11478]  ? clear_bhb_loop+0x25/0x80
[  188.325594][T11478]  ? clear_bhb_loop+0x25/0x80
[  188.325622][T11478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.325660][T11478] RIP: 0033:0x7f42fd1bd169
[  188.325689][T11478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.325736][T11478] RSP: 002b:00007f42fb827038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  188.325765][T11478] RAX: ffffffffffffffda RBX: 00007f42fd3d5fa0 RCX: 00007f42fd1bd169
[  188.325781][T11478] RDX: 03fffffffffffeda RSI: 00002000000000c0 RDI: 0000000000000004
[  188.325796][T11478] RBP: 00007f42fb827090 R08: 0000000000000000 R09: 0000000000000000
[  188.325811][T11478] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  188.325825][T11478] R13: 0000000000000000 R14: 00007f42fd3d5fa0 R15: 00007ffc51850bb8
[  188.325848][T11478]  </TASK>
[  188.371210][T11475] chnl_net:caif_netlink_parms(): no params data found
[  188.375206][T11484] EXT4-fs (loop4): This should not happen!! Data will be lost
[  188.375206][T11484] 
[  188.533517][T11484] EXT4-fs (loop4): Total free blocks count 0
[  188.539530][T11484] EXT4-fs (loop4): Free/Dirty block details
[  188.546263][T11484] EXT4-fs (loop4): free_blocks=2415919104
[  188.551991][T11484] EXT4-fs (loop4): dirty_blocks=32
[  188.557263][T11484] EXT4-fs (loop4): Block reservation details
[  188.563367][T11484] EXT4-fs (loop4): i_reserved_data_blocks=2
[  188.627028][T11475] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.634376][T11475] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.641753][T11475] bridge_slave_0: entered allmulticast mode
[  188.648727][T11475] bridge_slave_0: entered promiscuous mode
[  188.660091][T11475] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.667328][T11475] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.674814][T11475] bridge_slave_1: entered allmulticast mode
[  188.681514][T11475] bridge_slave_1: entered promiscuous mode
[  188.712006][T11475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.733240][T11475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.760635][T11475] team0: Port device team_slave_0 added
[  188.773980][T11475] team0: Port device team_slave_1 added
[  188.812870][T10459] page_pool_release_retry() stalled pool shutdown: id 34, 1 inflight 60 sec
[  188.827224][T11475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.834290][T11475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.860297][T11475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.883337][T11475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.890442][T11475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.917265][T11475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.940583][T11501] loop4: detected capacity change from 0 to 256
[  188.966578][T11475] hsr_slave_0: entered promiscuous mode
[  188.985414][T11475] hsr_slave_1: entered promiscuous mode
[  188.991674][T11475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.000389][T11475] Cannot create hsr debugfs directory
[  189.285765][T11527] netlink: 'syz.2.2904': attribute type 1 has an invalid length.
[  189.311330][T11475] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  189.340935][T11475] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  189.810936][T11475] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  189.850970][T11475] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  189.931821][T11533] netlink: 'syz.5.2906': attribute type 27 has an invalid length.
[  190.160577][T11475] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.217914][T11475] 8021q: adding VLAN 0 to HW filter on device team0
[  190.335155][  T559] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.342397][  T559] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.430493][  T559] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.437878][  T559] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.607190][T11574] netlink: 'syz.0.2920': attribute type 10 has an invalid length.
[  190.615130][T11574] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2920'.
[  190.755784][T11475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.896443][T11475] veth0_vlan: entered promiscuous mode
[  190.920692][T11475] veth1_vlan: entered promiscuous mode
[  190.944794][T11475] veth0_macvtap: entered promiscuous mode
[  190.955607][T11475] veth1_macvtap: entered promiscuous mode
[  190.968488][T11475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.979195][T11475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.989057][T11475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.999538][T11475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.014495][T11475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.029145][T11475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.039754][T11475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.050426][T11475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.065234][T11475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.081223][T11475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.090634][T11568] loop5: detected capacity change from 0 to 256
[  191.234783][T11475] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.243782][T11475] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.252506][T11475] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.261551][T11475] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.933395][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  191.933416][   T29] audit: type=1400 audit(1744889756.200:4809): avc:  denied  { write } for  pid=11475 comm="syz-executor" name="cgroup.procs" dev="cgroup" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:net_conf_t:s0"
[  191.967184][   T29] audit: type=1400 audit(1744889756.200:4810): avc:  denied  { open } for  pid=11475 comm="syz-executor" path="/syzcgroup/cpu/syz1/cgroup.procs" dev="cgroup" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:net_conf_t:s0"
[  192.561629][T11646] 9pnet_virtio: no channels available for device 127.0.0.1
[  192.583011][T11646] netlink: 'syz.4.2944': attribute type 39 has an invalid length.
[  192.635395][T11651] loop5: detected capacity change from 0 to 1024
[  192.656582][T11653] 9pnet_virtio: no channels available for device 127.0.0.1
[  192.663941][T11651] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  192.680299][T11651] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  192.695721][T11653] netlink: 'syz.4.2947': attribute type 39 has an invalid length.
[  192.724192][T11651] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  192.751122][T11651] EXT4-fs (loop5): orphan cleanup on readonly fs
[  192.779221][T11666] FAULT_INJECTION: forcing a failure.
[  192.779221][T11666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.792629][T11666] CPU: 0 UID: 0 PID: 11666 Comm: syz.1.2952 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  192.792661][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  192.792676][T11666] Call Trace:
[  192.792685][T11666]  <TASK>
[  192.792694][T11666]  dump_stack_lvl+0xf6/0x150
[  192.792832][T11666]  dump_stack+0x15/0x1a
[  192.792853][T11666]  should_fail_ex+0x261/0x270
[  192.792886][T11666]  should_fail+0xb/0x10
[  192.792980][T11666]  should_fail_usercopy+0x1a/0x20
[  192.793015][T11666]  _copy_to_user+0x20/0xa0
[  192.793055][T11666]  simple_read_from_buffer+0xb2/0x130
[  192.793155][T11666]  proc_fail_nth_read+0x103/0x140
[  192.793175][T11666]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  192.793192][T11666]  vfs_read+0x1b2/0x710
[  192.793221][T11666]  ? __rcu_read_unlock+0x4e/0x70
[  192.793255][T11666]  ? __fget_files+0x186/0x1c0
[  192.793310][T11666]  ksys_read+0xeb/0x1b0
[  192.793385][T11666]  __x64_sys_read+0x42/0x50
[  192.793416][T11666]  x64_sys_call+0x2a3b/0x2e10
[  192.793437][T11666]  do_syscall_64+0xc9/0x1c0
[  192.793544][T11666]  ? clear_bhb_loop+0x25/0x80
[  192.793567][T11666]  ? clear_bhb_loop+0x25/0x80
[  192.793593][T11666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.793618][T11666] RIP: 0033:0x7fe2181fbb7c
[  192.793636][T11666] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  192.793657][T11666] RSP: 002b:00007fe216867030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  192.793690][T11666] RAX: ffffffffffffffda RBX: 00007fe218415fa0 RCX: 00007fe2181fbb7c
[  192.793705][T11666] RDX: 000000000000000f RSI: 00007fe2168670a0 RDI: 0000000000000006
[  192.793791][T11666] RBP: 00007fe216867090 R08: 0000000000000000 R09: 0000000000000000
[  192.793805][T11666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.793819][T11666] R13: 0000000000000000 R14: 00007fe218415fa0 R15: 00007fffcee9cfa8
[  192.793841][T11666]  </TASK>
[  192.802169][T11651] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  193.010477][T11671] FAULT_INJECTION: forcing a failure.
[  193.010477][T11671] name failslab, interval 1, probability 0, space 0, times 0
[  193.023974][T11671] CPU: 1 UID: 0 PID: 11671 Comm: syz.0.2955 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  193.024006][T11671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  193.024097][T11671] Call Trace:
[  193.024106][T11671]  <TASK>
[  193.024113][T11671]  dump_stack_lvl+0xf6/0x150
[  193.024164][T11671]  dump_stack+0x15/0x1a
[  193.024207][T11671]  should_fail_ex+0x261/0x270
[  193.024245][T11671]  should_failslab+0x8f/0xb0
[  193.024282][T11671]  kmem_cache_alloc_lru_noprof+0x5e/0x330
[  193.024311][T11671]  ? hugetlbfs_alloc_inode+0xbc/0x100
[  193.024402][T11671]  hugetlbfs_alloc_inode+0xbc/0x100
[  193.024436][T11671]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  193.024477][T11671]  alloc_inode+0x40/0x170
[  193.024566][T11671]  new_inode+0x1e/0xe0
[  193.024583][T11671]  hugetlbfs_get_inode+0x7d/0x380
[  193.024714][T11671]  hugetlb_file_setup+0x188/0x3c0
[  193.024743][T11671]  ksys_mmap_pgoff+0x174/0x340
[  193.024812][T11671]  x64_sys_call+0x1945/0x2e10
[  193.024838][T11671]  do_syscall_64+0xc9/0x1c0
[  193.024875][T11671]  ? clear_bhb_loop+0x25/0x80
[  193.024900][T11671]  ? clear_bhb_loop+0x25/0x80
[  193.024970][T11671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.024996][T11671] RIP: 0033:0x7f42fd1bd169
[  193.025012][T11671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.025032][T11671] RSP: 002b:00007f42fb827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  193.025054][T11671] RAX: ffffffffffffffda RBX: 00007f42fd3d5fa0 RCX: 00007f42fd1bd169
[  193.025068][T11671] RDX: 0000000002000002 RSI: 0000000000c00000 RDI: 0000200000000000
[  193.025082][T11671] RBP: 00007f42fb827090 R08: ffffffffffffffff R09: 00000000aba00000
[  193.025097][T11671] R10: 0000000000042073 R11: 0000000000000246 R12: 0000000000000001
[  193.025137][T11671] R13: 0000000000000000 R14: 00007f42fd3d5fa0 R15: 00007ffc51850bb8
[  193.025155][T11671]  </TASK>
[  193.025919][T11651] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.2945: mark_inode_dirty error
[  193.230193][T11651] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2945: Invalid block bitmap block 3 in block_group 0
[  193.244638][T11651] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2945: Invalid block bitmap block 3 in block_group 0
[  193.258482][T11651] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2945: Invalid block bitmap block 3 in block_group 0
[  193.272571][T11651] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  193.282640][T11651] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.2945: mark_inode_dirty error
[  193.296634][T11651] Quota error (device loop5): write_blk: dquota write failed
[  193.304214][T11651] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm syz.5.2945: lblock 6 mapped to illegal pblock 1 (length 1)
[  193.326562][T11651] Quota error (device loop5): write_blk: dquota write failed
[  193.334047][T11651] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  193.347693][T11651] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 48: comm syz.5.2945: lblock 0 mapped to illegal pblock 48 (length 1)
[  193.383424][T11651] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  193.392277][T11651] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.2945: Failed to acquire dquot type 0
[  193.406075][T11651] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 49: comm syz.5.2945: lblock 1 mapped to illegal pblock 49 (length 1)
[  193.432657][T11651] Quota error (device loop5): do_insert_tree: Can't read tree quota block 1
[  193.441428][T11651] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  193.451541][T11651] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.2945: Failed to acquire dquot type 0
[  193.466852][T11651] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  193.477000][T11651] EXT4-fs error (device loop5): ext4_evict_inode:259: inode #15: comm syz.5.2945: mark_inode_dirty error
[  193.490509][T11651] EXT4-fs warning (device loop5): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  193.500808][T11651] EXT4-fs (loop5): 1 orphan inode deleted
[  193.509093][T11651] EXT4-fs mount: 24 callbacks suppressed
[  193.509111][T11651] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  193.592824][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.602519][T11695] loop4: detected capacity change from 0 to 2048
[  193.685415][T11695] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.822124][   T29] audit: type=1326 audit(1744889758.160:4811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11694 comm="syz.4.2964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  193.846595][   T29] audit: type=1326 audit(1744889758.160:4812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11694 comm="syz.4.2964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f95adf5d169 code=0x7ffc0000
[  193.933731][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.470219][T11721] FAULT_INJECTION: forcing a failure.
[  194.470219][T11721] name failslab, interval 1, probability 0, space 0, times 0
[  194.500390][T11721] CPU: 1 UID: 0 PID: 11721 Comm: syz.2.2972 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  194.500442][T11721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  194.500457][T11721] Call Trace:
[  194.500465][T11721]  <TASK>
[  194.500473][T11721]  dump_stack_lvl+0xf6/0x150
[  194.500502][T11721]  dump_stack+0x15/0x1a
[  194.500518][T11721]  should_fail_ex+0x261/0x270
[  194.500548][T11721]  should_failslab+0x8f/0xb0
[  194.500726][T11721]  __kmalloc_noprof+0xad/0x410
[  194.500752][T11721]  ? genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[  194.500874][T11721]  ? __pfx_genl_rcv_msg+0x10/0x10
[  194.500914][T11721]  genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[  194.500960][T11721]  genl_rcv_msg+0x486/0x6f0
[  194.501075][T11721]  ? __pfx_cgroupstats_user_cmd+0x10/0x10
[  194.501103][T11721]  ? __dev_queue_xmit+0xb76/0x20b0
[  194.501138][T11721]  ? ref_tracker_free+0x3b8/0x420
[  194.501235][T11721]  netlink_rcv_skb+0x12f/0x230
[  194.501264][T11721]  ? __pfx_genl_rcv_msg+0x10/0x10
[  194.501311][T11721]  genl_rcv+0x28/0x40
[  194.501351][T11721]  netlink_unicast+0x605/0x6c0
[  194.501375][T11721]  netlink_sendmsg+0x609/0x720
[  194.501421][T11721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.501452][T11721]  __sock_sendmsg+0x140/0x180
[  194.501474][T11721]  ____sys_sendmsg+0x350/0x4e0
[  194.501574][T11721]  __sys_sendmsg+0x1a0/0x240
[  194.501623][T11721]  __x64_sys_sendmsg+0x46/0x50
[  194.501683][T11721]  x64_sys_call+0x26f3/0x2e10
[  194.501710][T11721]  do_syscall_64+0xc9/0x1c0
[  194.501747][T11721]  ? clear_bhb_loop+0x25/0x80
[  194.501773][T11721]  ? clear_bhb_loop+0x25/0x80
[  194.501825][T11721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.501850][T11721] RIP: 0033:0x7f93839bd169
[  194.501869][T11721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.501959][T11721] RSP: 002b:00007f938201f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.501981][T11721] RAX: ffffffffffffffda RBX: 00007f9383bd5fa0 RCX: 00007f93839bd169
[  194.501996][T11721] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 000000000000000b
[  194.502011][T11721] RBP: 00007f938201f090 R08: 0000000000000000 R09: 0000000000000000
[  194.502025][T11721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.502067][T11721] R13: 0000000000000000 R14: 00007f9383bd5fa0 R15: 00007ffd126aa908
[  194.502087][T11721]  </TASK>
[  194.817094][T11726] loop1: detected capacity change from 0 to 512
[  194.850141][T11726] EXT4-fs: user quota file already specified
[  195.034918][T11732] loop5: detected capacity change from 0 to 128
[  195.049729][T11729] loop4: detected capacity change from 0 to 512
[  195.083016][T11729] EXT4-fs: Ignoring removed oldalloc option
[  195.159575][T11729] EXT4-fs error (device loop4): ext4_quota_enable:7126: inode #4: comm syz.4.2974: unexpected EA_INODE flag
[  195.184152][T11744] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2980'.
[  195.202730][T11744] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2980'.
[  195.211827][T11729] EXT4-fs error (device loop4): ext4_quota_enable:7129: comm syz.4.2974: Bad quota inode: 4, type: 1
[  195.237946][T11729] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  195.276128][T11729] EXT4-fs (loop4): mount failed
[  195.291251][T11729] netlink: 'syz.4.2974': attribute type 10 has an invalid length.
[  195.299313][T11729] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2974'.
[  195.346598][T11752] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2984'.
[  195.382587][T11752] batadv1: entered allmulticast mode
[  195.457713][T11750] netlink: 'kfree': attribute type 10 has an invalid length.
[  195.469665][T11755] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2985'.
[  195.481662][T11750] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.496791][T11750] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  195.765865][T11770] netlink: 272 bytes leftover after parsing attributes in process `syz.2.2991'.
[  195.871068][T11778] 9pnet_virtio: no channels available for device 127.0.0.1
[  195.917224][T11778] netlink: 'syz.4.2995': attribute type 39 has an invalid length.
[  196.328208][T11800] loop1: detected capacity change from 0 to 512
[  196.343786][T11802] loop5: detected capacity change from 0 to 512
[  196.395516][T11802] EXT4-fs: Ignoring removed oldalloc option
[  196.419756][T11800] EXT4-fs: Ignoring removed orlov option
[  196.444140][T11802] EXT4-fs error (device loop5): ext4_quota_enable:7126: inode #4: comm syz.5.3003: unexpected EA_INODE flag
[  196.500732][T11802] EXT4-fs error (device loop5): ext4_quota_enable:7129: comm syz.5.3003: Bad quota inode: 4, type: 1
[  196.520281][T11800] EXT4-fs error (device loop1): ext4_orphan_get:1390: inode #15: comm syz.1.2997: casefold flag without casefold feature
[  196.536069][T11802] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  196.554834][T11802] EXT4-fs (loop5): mount failed
[  196.565840][T11800] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.2997: couldn't read orphan inode 15 (err -117)
[  196.582196][T11800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.604830][T11802] netlink: 'syz.5.3003': attribute type 10 has an invalid length.
[  196.612778][T11802] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3003'.
[  196.706238][T11812] loop4: detected capacity change from 0 to 2048
[  196.738629][T11812] ext2: Unknown parameter 'fowner>18446744073709551615'
[  197.407641][T11821] 9pnet_virtio: no channels available for device 127.0.0.1
[  197.434635][T11821] netlink: 'syz.5.3009': attribute type 39 has an invalid length.
[  197.865450][T11838] netlink: 'syz.2.3015': attribute type 10 has an invalid length.
[  197.873766][T11838] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3015'.
[  197.900930][T11835] FAULT_INJECTION: forcing a failure.
[  197.900930][T11835] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  197.914265][T11835] CPU: 1 UID: 0 PID: 11835 Comm: syz.4.3016 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  197.914295][T11835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  197.914342][T11835] Call Trace:
[  197.914351][T11835]  <TASK>
[  197.914359][T11835]  dump_stack_lvl+0xf6/0x150
[  197.914388][T11835]  dump_stack+0x15/0x1a
[  197.914407][T11835]  should_fail_ex+0x261/0x270
[  197.914443][T11835]  should_fail_alloc_page+0xfd/0x110
[  197.914484][T11835]  __alloc_frozen_pages_noprof+0x11d/0x360
[  197.914523][T11835]  alloc_pages_mpol+0xb6/0x260
[  197.914554][T11835]  alloc_pages_noprof+0xe8/0x130
[  197.914663][T11835]  pte_alloc_one+0x2f/0x110
[  197.914706][T11835]  __do_fault+0x79/0x200
[  197.914731][T11835]  handle_mm_fault+0xe9b/0x2e80
[  197.914781][T11835]  exc_page_fault+0x296/0x6a0
[  197.914813][T11835]  ? selinux_file_open+0x356/0x3c0
[  197.914844][T11835]  asm_exc_page_fault+0x26/0x30
[  197.914894][T11835] RIP: 0010:__import_iovec+0x136/0x540
[  197.914917][T11835] Code: e2 6d ff 4c 89 ef e8 59 0c 88 ff 49 c7 45 00 00 00 00 00 48 89 dd e9 03 03 00 00 4c 39 f3 0f 82 80 03 00 00 0f 01 cb 0f ae e8 <4d> 8b 6e 08 49 8b 1e 45 31 e4 31 ff 4c 89 ee e8 a6 e6 6d ff 4d 85
[  197.914939][T11835] RSP: 0018:ffffc90001d37ba0 EFLAGS: 00050206
[  197.914957][T11835] RAX: 0000000000000000 RBX: 00007ffffffff000 RCX: ffff888109c1a100
[  197.914973][T11835] RDX: 0000000000000789 RSI: 0000200000000000 RDI: 00007ffffffff000
[  197.914988][T11835] RBP: ffffc90001d37d90 R08: ffffffff81e5b969 R09: 0000000000000000
[  197.915065][T11835] R10: 0001ffffffffffff R11: 0001c90001d37d00 R12: 0000000000000008
[  197.915088][T11835] R13: ffffc90001d37d00 R14: 0000200000000000 R15: ffffc90001d37cd8
[  197.915108][T11835]  ? __import_iovec+0x69/0x540
[  197.915203][T11835]  import_iovec+0xbc/0xd0
[  197.915227][T11835]  process_vm_rw+0xff/0x8a0
[  197.915328][T11835]  ? kstrtouint+0x7b/0xc0
[  197.915352][T11835]  ? kstrtouint_from_user+0xbf/0x100
[  197.915391][T11835]  ? __fget_files+0x186/0x1c0
[  197.915416][T11835]  ? fput+0x99/0xd0
[  197.915442][T11835]  ? ksys_write+0x180/0x1b0
[  197.915474][T11835]  __x64_sys_process_vm_writev+0x7a/0x90
[  197.915543][T11835]  x64_sys_call+0xaf3/0x2e10
[  197.915631][T11835]  do_syscall_64+0xc9/0x1c0
[  197.915667][T11835]  ? clear_bhb_loop+0x25/0x80
[  197.915691][T11835]  ? clear_bhb_loop+0x25/0x80
[  197.915717][T11835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.915791][T11835] RIP: 0033:0x7f95adf5d169
[  197.915805][T11835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.915822][T11835] RSP: 002b:00007f95ac5c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  197.915842][T11835] RAX: ffffffffffffffda RBX: 00007f95ae175fa0 RCX: 00007f95adf5d169
[  197.915899][T11835] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000000
[  197.915913][T11835] RBP: 00007f95ac5c7090 R08: 000000000000023a R09: 0000000000000000
[  197.915927][T11835] R10: 0000200000121000 R11: 0000000000000246 R12: 0000000000000001
[  197.915941][T11835] R13: 0000000000000000 R14: 00007f95ae175fa0 R15: 00007ffc767ed3d8
[  197.915965][T11835]  </TASK>
[  198.241650][   T29] kauditd_printk_skb: 96 callbacks suppressed
[  198.241669][   T29] audit: type=1400 audit(1744889762.580:4909): avc:  denied  { listen } for  pid=11842 comm="syz.0.3020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  198.287544][T11848] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3021'.
[  198.444751][T11865] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  198.471581][   T29] audit: type=1326 audit(1744889762.810:4910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.495223][   T29] audit: type=1326 audit(1744889762.810:4911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.519074][   T29] audit: type=1326 audit(1744889762.810:4912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.542622][   T29] audit: type=1326 audit(1744889762.810:4913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.566313][   T29] audit: type=1326 audit(1744889762.810:4914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.590161][   T29] audit: type=1326 audit(1744889762.810:4915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.613820][   T29] audit: type=1326 audit(1744889762.810:4916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.637489][   T29] audit: type=1326 audit(1744889762.810:4917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.661063][   T29] audit: type=1326 audit(1744889762.810:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.5.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  198.697029][T11475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.808609][T11880] FAULT_INJECTION: forcing a failure.
[  198.808609][T11880] name failslab, interval 1, probability 0, space 0, times 0
[  198.825814][T11880] CPU: 0 UID: 0 PID: 11880 Comm: syz.2.3033 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  198.825907][T11880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  198.825919][T11880] Call Trace:
[  198.825926][T11880]  <TASK>
[  198.825935][T11880]  dump_stack_lvl+0xf6/0x150
[  198.825964][T11880]  dump_stack+0x15/0x1a
[  198.825984][T11880]  should_fail_ex+0x261/0x270
[  198.826018][T11880]  should_failslab+0x8f/0xb0
[  198.826108][T11880]  __kmalloc_cache_noprof+0x55/0x320
[  198.826166][T11880]  ? rtm_new_nexthop+0x1586/0x4340
[  198.826205][T11880]  rtm_new_nexthop+0x1586/0x4340
[  198.826317][T11880]  ? nlmsg_notify+0xca/0x170
[  198.826346][T11880]  ? nlmsg_notify+0x12e/0x170
[  198.826375][T11880]  ? __rtnl_unlock+0x99/0xb0
[  198.826403][T11880]  ? netdev_run_todo+0x79c/0x800
[  198.826504][T11880]  ? security_capable+0x81/0x90
[  198.826536][T11880]  ? ns_capable+0x7d/0xb0
[  198.826560][T11880]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  198.826596][T11880]  rtnetlink_rcv_msg+0x65a/0x740
[  198.826707][T11880]  ? ref_tracker_free+0x3b8/0x420
[  198.826766][T11880]  ? __skb_clone+0x1d4/0x2f0
[  198.826801][T11880]  netlink_rcv_skb+0x12f/0x230
[  198.826830][T11880]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  198.826911][T11880]  rtnetlink_rcv+0x1c/0x30
[  198.826948][T11880]  netlink_unicast+0x605/0x6c0
[  198.826978][T11880]  netlink_sendmsg+0x609/0x720
[  198.827012][T11880]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.827103][T11880]  __sock_sendmsg+0x140/0x180
[  198.827124][T11880]  ____sys_sendmsg+0x350/0x4e0
[  198.827167][T11880]  __sys_sendmmsg+0x22a/0x4b0
[  198.827288][T11880]  __x64_sys_sendmmsg+0x57/0x70
[  198.827321][T11880]  x64_sys_call+0x2b53/0x2e10
[  198.827391][T11880]  do_syscall_64+0xc9/0x1c0
[  198.827427][T11880]  ? clear_bhb_loop+0x25/0x80
[  198.827451][T11880]  ? clear_bhb_loop+0x25/0x80
[  198.827472][T11880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.827497][T11880] RIP: 0033:0x7f93839bd169
[  198.827572][T11880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.827595][T11880] RSP: 002b:00007f938201f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  198.827652][T11880] RAX: ffffffffffffffda RBX: 00007f9383bd5fa0 RCX: 00007f93839bd169
[  198.827664][T11880] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000003
[  198.827676][T11880] RBP: 00007f938201f090 R08: 0000000000000000 R09: 0000000000000000
[  198.827687][T11880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.827700][T11880] R13: 0000000000000000 R14: 00007f9383bd5fa0 R15: 00007ffd126aa908
[  198.827781][T11880]  </TASK>
[  199.142496][T11887] netlink: 'syz.2.3036': attribute type 27 has an invalid length.
[  199.178032][T11885] netlink: 'syz.5.3035': attribute type 27 has an invalid length.
[  199.202298][T11887] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.209663][T11887] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.255544][T11887] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.266639][T11887] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.308147][T11887] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.317208][T11887] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.327135][T11887] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.336562][T11887] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.390812][T11858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3024'.
[  199.409469][T11895] loop5: detected capacity change from 0 to 1024
[  199.507405][T11895] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.522888][T11895] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3040: bg 0: block 88: padding at end of block bitmap is not set
[  200.061423][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.388422][T11916] syz.0.3047 uses obsolete (PF_INET,SOCK_PACKET)
[  200.408170][T11920] netlink: 'syz.1.3050': attribute type 27 has an invalid length.
[  200.429340][T11916] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  200.487533][T11922] loop4: detected capacity change from 0 to 2048
[  200.536582][T11922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.550209][T11920] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.557575][T11920] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.626383][T11929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.658317][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.672095][T11929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  200.727372][T11920] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.742201][T11920] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.758303][T11941] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3056'.
[  200.783922][T11920] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.792910][T11920] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.801916][T11920] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.811050][T11920] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  201.189159][T11951] FAULT_INJECTION: forcing a failure.
[  201.189159][T11951] name failslab, interval 1, probability 0, space 0, times 0
[  201.202618][T11951] CPU: 1 UID: 0 PID: 11951 Comm: syz.1.3059 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  201.202650][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  201.202665][T11951] Call Trace:
[  201.202672][T11951]  <TASK>
[  201.202682][T11951]  dump_stack_lvl+0xf6/0x150
[  201.202711][T11951]  dump_stack+0x15/0x1a
[  201.202744][T11951]  should_fail_ex+0x261/0x270
[  201.202771][T11951]  should_failslab+0x8f/0xb0
[  201.202808][T11951]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  201.202837][T11951]  ? __alloc_skb+0x10d/0x320
[  201.202881][T11951]  __alloc_skb+0x10d/0x320
[  201.202901][T11951]  ? audit_log_start+0x37f/0x6e0
[  201.202926][T11951]  audit_log_start+0x39a/0x6e0
[  201.202957][T11951]  ? kstrtouint+0x7b/0xc0
[  201.203031][T11951]  audit_seccomp+0x4b/0x130
[  201.203053][T11951]  __seccomp_filter+0x694/0x10e0
[  201.203090][T11951]  ? __perf_event_task_sched_out+0x13c/0xf00
[  201.203117][T11951]  ? switch_ldt+0x7f/0x140
[  201.203158][T11951]  ? _raw_spin_unlock+0x26/0x50
[  201.203184][T11951]  __secure_computing+0x7e/0x160
[  201.203239][T11951]  syscall_trace_enter+0xcf/0x1f0
[  201.203328][T11951]  do_syscall_64+0xaa/0x1c0
[  201.203358][T11951]  ? clear_bhb_loop+0x25/0x80
[  201.203404][T11951]  ? clear_bhb_loop+0x25/0x80
[  201.203430][T11951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.203521][T11951] RIP: 0033:0x7fe2181fd169
[  201.203539][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.203561][T11951] RSP: 002b:00007fe216867038 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[  201.203584][T11951] RAX: ffffffffffffffda RBX: 00007fe218415fa0 RCX: 00007fe2181fd169
[  201.203599][T11951] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000005
[  201.203614][T11951] RBP: 00007fe216867090 R08: 0000000000000000 R09: 0000000000000000
[  201.203709][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.203723][T11951] R13: 0000000000000000 R14: 00007fe218415fa0 R15: 00007fffcee9cfa8
[  201.203746][T11951]  </TASK>
[  202.108545][T11966] loop5: detected capacity change from 0 to 2048
[  202.168676][T11966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.222709][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.275360][T11935] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3055'.
[  202.315428][T11972] SELinux: ebitmap: truncated map
[  202.322042][T11972] SELinux: failed to load policy
[  202.347113][T11972] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3066'.
[  202.356779][T11972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3066'.
[  202.615299][T11987] netlink: 'syz.5.3067': attribute type 10 has an invalid length.
[  202.623314][T11987] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3067'.
[  202.683330][T11991] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3073'.
[  202.791780][T12001] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3078'.
[  202.811741][T12001] loop5: detected capacity change from 0 to 1024
[  202.841810][T12001] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  202.853639][T12001] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  202.868034][T12001] JBD2: no valid journal superblock found
[  202.874056][T12001] EXT4-fs (loop5): Could not load journal inode
[  202.886935][T12001] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  202.996709][T12016] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  203.043997][T12020] netlink: 'syz.5.3085': attribute type 10 has an invalid length.
[  203.051889][T12020] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3085'.
[  203.061955][T12021] 9pnet_virtio: no channels available for device 127.0.0.1
[  203.070586][T12014] netlink: 'syz.2.3084': attribute type 39 has an invalid length.
[  203.233377][T12033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3092'.
[  203.249649][T12033] loop1: detected capacity change from 0 to 1024
[  203.256910][T12033] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  203.267909][T12033] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  203.281687][T12033] JBD2: no valid journal superblock found
[  203.287535][T12033] EXT4-fs (loop1): Could not load journal inode
[  203.314065][T12033] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  203.445027][T12048] netlink: 'syz.1.3098': attribute type 10 has an invalid length.
[  203.453004][T12048] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3098'.
[  203.589538][T12056] netlink: 'syz.1.3103': attribute type 3 has an invalid length.
[  203.598641][   T29] kauditd_printk_skb: 152 callbacks suppressed
[  203.598659][   T29] audit: type=1326 audit(1744889767.950:5067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2181fd169 code=0x7ffc0000
[  203.652559][T12038] netlink: '+}[@': attribute type 4 has an invalid length.
[  203.661113][T12038] netlink: '+}[@': attribute type 4 has an invalid length.
[  203.676943][T12059] loop5: detected capacity change from 0 to 2048
[  203.680141][   T29] audit: type=1326 audit(1744889767.950:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fe2181fd169 code=0x7ffc0000
[  203.707824][   T29] audit: type=1326 audit(1744889767.950:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2181fd169 code=0x7ffc0000
[  203.731372][   T29] audit: type=1326 audit(1744889767.950:5070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2181fd169 code=0x7ffc0000
[  203.825243][T12066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3106'.
[  203.836727][T12059] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.875231][T12066] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  204.009675][   T29] audit: type=1326 audit(1744889768.350:5071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12058 comm="syz.5.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  204.034059][   T29] audit: type=1326 audit(1744889768.350:5072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12058 comm="syz.5.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  204.057673][   T29] audit: type=1326 audit(1744889768.350:5073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12058 comm="syz.5.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  204.082089][   T29] audit: type=1326 audit(1744889768.350:5074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12058 comm="syz.5.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  204.106321][   T29] audit: type=1326 audit(1744889768.350:5075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12058 comm="syz.5.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  204.130001][   T29] audit: type=1326 audit(1744889768.350:5076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12058 comm="syz.5.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fbd6a54d169 code=0x7ffc0000
[  204.157668][T12088] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  204.189268][T12088] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  204.201773][T12088] EXT4-fs (loop5): This should not happen!! Data will be lost
[  204.201773][T12088] 
[  204.211478][T12088] EXT4-fs (loop5): Total free blocks count 0
[  204.217654][T12088] EXT4-fs (loop5): Free/Dirty block details
[  204.223682][T12088] EXT4-fs (loop5): free_blocks=2415919104
[  204.229477][T12088] EXT4-fs (loop5): dirty_blocks=32
[  204.234659][T12088] EXT4-fs (loop5): Block reservation details
[  204.240766][T12088] EXT4-fs (loop5): i_reserved_data_blocks=2
[  204.441341][T12094] netlink: 'syz.2.3114': attribute type 1 has an invalid length.
[  204.450590][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.523621][T12094] all: renamed from lo (while UP)
[  204.563177][T12057] chnl_net:caif_netlink_parms(): no params data found
[  204.683112][T12057] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.690246][T12057] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.711595][T12057] bridge_slave_0: entered allmulticast mode
[  204.719363][T12111] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  204.720693][T12057] bridge_slave_0: entered promiscuous mode
[  204.736193][T12057] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.743307][T12057] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.750631][T12057] bridge_slave_1: entered allmulticast mode
[  204.757573][T12057] bridge_slave_1: entered promiscuous mode
[  204.787082][T12057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.797996][T12057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.829348][T12099] loop5: detected capacity change from 0 to 256
[  204.841593][T12118] loop1: detected capacity change from 0 to 1024
[  204.855079][T12057] team0: Port device team_slave_0 added
[  204.870618][T12118] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  204.881586][T12057] team0: Port device team_slave_1 added
[  204.883782][T12118] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  204.900623][T12118] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  204.909759][T12118] EXT4-fs (loop1): orphan cleanup on readonly fs
[  204.919080][T12118] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  204.928862][T12118] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.3123: mark_inode_dirty error
[  204.942186][T12057] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.943592][T12118] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.3123: Invalid block bitmap block 3 in block_group 0
[  204.949237][T12057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.966874][T12118] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.3123: Invalid block bitmap block 3 in block_group 0
[  204.993236][T12057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.020946][T12118] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.3123: Invalid block bitmap block 3 in block_group 0
[  205.043912][T12057] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.050931][T12057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.077107][T12057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.094128][T12118] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  205.110817][T12118] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.3123: mark_inode_dirty error
[  205.129061][T12118] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 1: comm syz.1.3123: lblock 6 mapped to illegal pblock 1 (length 1)
[  205.150335][T12118] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 48: comm syz.1.3123: lblock 0 mapped to illegal pblock 48 (length 1)
[  205.170935][T12057] hsr_slave_0: entered promiscuous mode
[  205.178479][T12118] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3123: Failed to acquire dquot type 0
[  205.187554][T12057] hsr_slave_1: entered promiscuous mode
[  205.193583][T12118] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 49: comm syz.1.3123: lblock 1 mapped to illegal pblock 49 (length 1)
[  205.202923][T12057] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  205.212794][T12118] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3123: Failed to acquire dquot type 0
[  205.232194][T12057] Cannot create hsr debugfs directory
[  205.234083][T12118] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  205.253389][T12118] EXT4-fs error (device loop1): ext4_evict_inode:259: inode #15: comm syz.1.3123: mark_inode_dirty error
[  205.287479][T12118] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  205.304779][T12118] EXT4-fs (loop1): 1 orphan inode deleted
[  205.311035][T12118] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  205.379689][T11475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.417398][T12132] loop1: detected capacity change from 0 to 1024
[  205.431443][T12132] EXT4-fs: Ignoring removed i_version option
[  205.463873][T12132] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.514503][T11475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.570452][T12140] loop5: detected capacity change from 0 to 2048
[  205.602126][T12057] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  205.636792][T12057] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  205.648519][T12057] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  205.651967][T12146] netlink: 'syz.1.3132': attribute type 10 has an invalid length.
[  205.666209][T12148] all: renamed from lo (while UP)
[  205.671536][T12148] FAULT_INJECTION: forcing a failure.
[  205.671536][T12148] name failslab, interval 1, probability 0, space 0, times 0
[  205.684249][T12148] CPU: 1 UID: 0 PID: 12148 Comm: syz.2.3131 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  205.684339][T12148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  205.684354][T12148] Call Trace:
[  205.684362][T12148]  <TASK>
[  205.684370][T12148]  dump_stack_lvl+0xf6/0x150
[  205.684396][T12148]  dump_stack+0x15/0x1a
[  205.684415][T12148]  should_fail_ex+0x261/0x270
[  205.684493][T12148]  should_failslab+0x8f/0xb0
[  205.684528][T12148]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[  205.684621][T12148]  ? kstrdup_const+0x3e/0x50
[  205.684701][T12148]  kstrdup+0x3d/0xd0
[  205.684721][T12148]  kstrdup_const+0x3e/0x50
[  205.684746][T12148]  kernfs_rename_ns+0x26b/0x420
[  205.684773][T12148]  sysfs_rename_dir_ns+0x4d/0x70
[  205.684818][T12148]  kobject_rename+0x285/0x350
[  205.684839][T12148]  ? sysfs_rename_link_ns+0x105/0x120
[  205.684870][T12148]  device_rename+0x12a/0x1a0
[  205.684894][T12148]  netif_change_name+0x1fb/0x6d0
[  205.684996][T12148]  ? mark_reg_read+0x143/0x220
[  205.685024][T12148]  ? __check_reg_arg+0x284/0x2a0
[  205.685054][T12148]  ? nla_strscpy+0xef/0x120
[  205.685086][T12148]  do_setlink+0x8e3/0x2430
[  205.685183][T12148]  ? mutex_spin_on_owner+0x6b/0x170
[  205.685277][T12148]  rtnl_newlink+0xe84/0x12d0
[  205.685425][T12148]  ? __rcu_read_unlock+0x4e/0x70
[  205.685499][T12148]  ? xa_load+0xbd/0xe0
[  205.685531][T12148]  ? ___slab_alloc+0x2b9/0x980
[  205.685556][T12148]  ? mod_objcg_state+0x3f9/0x530
[  205.685592][T12148]  ? __rcu_read_unlock+0x4e/0x70
[  205.685622][T12148]  ? avc_has_perm_noaudit+0x1cc/0x210
[  205.685655][T12148]  ? selinux_capable+0x1f9/0x260
[  205.685801][T12148]  ? security_capable+0x81/0x90
[  205.685828][T12148]  ? ns_capable+0x7d/0xb0
[  205.685846][T12148]  ? __pfx_rtnl_newlink+0x10/0x10
[  205.685878][T12148]  rtnetlink_rcv_msg+0x65a/0x740
[  205.685929][T12148]  ? avc_has_perm_noaudit+0x1cc/0x210
[  205.685960][T12148]  netlink_rcv_skb+0x12f/0x230
[  205.685986][T12148]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  205.686079][T12148]  rtnetlink_rcv+0x1c/0x30
[  205.686111][T12148]  netlink_unicast+0x605/0x6c0
[  205.686138][T12148]  netlink_sendmsg+0x609/0x720
[  205.686245][T12148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.686274][T12148]  __sock_sendmsg+0x140/0x180
[  205.686294][T12148]  ____sys_sendmsg+0x350/0x4e0
[  205.686334][T12148]  __sys_sendmsg+0x1a0/0x240
[  205.686375][T12148]  __x64_sys_sendmsg+0x46/0x50
[  205.686404][T12148]  x64_sys_call+0x26f3/0x2e10
[  205.686441][T12148]  do_syscall_64+0xc9/0x1c0
[  205.686474][T12148]  ? clear_bhb_loop+0x25/0x80
[  205.686504][T12148]  ? clear_bhb_loop+0x25/0x80
[  205.686526][T12148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.686546][T12148] RIP: 0033:0x7f93839bd169
[  205.686613][T12148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.686632][T12148] RSP: 002b:00007f938201f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.686652][T12148] RAX: ffffffffffffffda RBX: 00007f9383bd5fa0 RCX: 00007f93839bd169
[  205.686666][T12148] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000008
[  205.686679][T12148] RBP: 00007f938201f090 R08: 0000000000000000 R09: 0000000000000000
[  205.686692][T12148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  205.686778][T12148] R13: 0000000000000000 R14: 00007f9383bd5fa0 R15: 00007ffd126aa908
[  205.686798][T12148]  </TASK>
[  205.689386][T12140] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.776192][T12057] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  206.055321][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.139476][T12057] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.157821][T12155] netlink: 'syz.1.3135': attribute type 10 has an invalid length.
[  206.176599][T12057] 8021q: adding VLAN 0 to HW filter on device team0
[  206.188431][  T559] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.195546][  T559] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.208404][T12157] loop5: detected capacity change from 0 to 512
[  206.215120][T12157] EXT4-fs: Ignoring removed oldalloc option
[  206.231982][  T559] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.239155][  T559] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.249149][T12157] EXT4-fs error (device loop5): ext4_quota_enable:7126: inode #4: comm syz.5.3136: unexpected EA_INODE flag
[  206.269695][T12057] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  206.280131][T12057] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  206.291762][T12157] EXT4-fs error (device loop5): ext4_quota_enable:7129: comm syz.5.3136: Bad quota inode: 4, type: 1
[  206.331669][T12157] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  206.350870][T12157] EXT4-fs (loop5): mount failed
[  206.420634][T12057] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.569457][T12057] veth0_vlan: entered promiscuous mode
[  206.579972][T12057] veth1_vlan: entered promiscuous mode
[  206.600601][T12057] veth0_macvtap: entered promiscuous mode
[  206.612332][T12057] veth1_macvtap: entered promiscuous mode
[  206.623247][T12057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.633840][T12057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.644494][T12057] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.660145][T12057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.670717][T12057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.681246][T12183] loop1: detected capacity change from 0 to 256
[  206.682059][T12057] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.699370][T12057] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.709016][T12057] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.717841][T12057] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.726660][T12057] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.744750][T12167] IPVS: Error connecting to the multicast addr
[  206.777204][T12186] FAULT_INJECTION: forcing a failure.
[  206.777204][T12186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.790513][T12186] CPU: 0 UID: 0 PID: 12186 Comm: syz.2.3140 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  206.790541][T12186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  206.790633][T12186] Call Trace:
[  206.790640][T12186]  <TASK>
[  206.790646][T12186]  dump_stack_lvl+0xf6/0x150
[  206.790670][T12186]  dump_stack+0x15/0x1a
[  206.790689][T12186]  should_fail_ex+0x261/0x270
[  206.790719][T12186]  should_fail+0xb/0x10
[  206.790743][T12186]  should_fail_usercopy+0x1a/0x20
[  206.790794][T12186]  _copy_to_user+0x20/0xa0
[  206.790891][T12186]  simple_read_from_buffer+0xb2/0x130
[  206.790929][T12186]  proc_fail_nth_read+0x103/0x140
[  206.790954][T12186]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.790977][T12186]  vfs_read+0x1b2/0x710
[  206.791028][T12186]  ? __rcu_read_unlock+0x4e/0x70
[  206.791058][T12186]  ? __fget_files+0x186/0x1c0
[  206.791081][T12186]  ksys_read+0xeb/0x1b0
[  206.791169][T12186]  __x64_sys_read+0x42/0x50
[  206.791203][T12186]  x64_sys_call+0x2a3b/0x2e10
[  206.791278][T12186]  do_syscall_64+0xc9/0x1c0
[  206.791310][T12186]  ? clear_bhb_loop+0x25/0x80
[  206.791390][T12186]  ? clear_bhb_loop+0x25/0x80
[  206.791492][T12186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.791532][T12186] RIP: 0033:0x7f93839bbb7c
[  206.791547][T12186] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  206.791567][T12186] RSP: 002b:00007f938201f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  206.791590][T12186] RAX: ffffffffffffffda RBX: 00007f9383bd5fa0 RCX: 00007f93839bbb7c
[  206.791606][T12186] RDX: 000000000000000f RSI: 00007f938201f0a0 RDI: 0000000000000004
[  206.791622][T12186] RBP: 00007f938201f090 R08: 0000000000000000 R09: 0000000000000000
[  206.791635][T12186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.791647][T12186] R13: 0000000000000000 R14: 00007f9383bd5fa0 R15: 00007ffd126aa908
[  206.791741][T12186]  </TASK>
[  207.060526][T12198] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  207.135779][T12208] SELinux: ebitmap: truncated map
[  207.152305][T12208] SELinux: failed to load policy
[  207.178349][T12206] loop4: detected capacity change from 0 to 1024
[  207.185597][T12206] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  207.196608][T12206] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  207.214543][T12206] JBD2: no valid journal superblock found
[  207.220379][T12206] EXT4-fs (loop4): Could not load journal inode
[  207.245889][T12206] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  207.352324][T12221] loop4: detected capacity change from 0 to 512
[  207.360297][T12221] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  207.376922][T12221] EXT4-fs (loop4): 1 truncate cleaned up
[  207.383092][T12221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.397643][T12221] netlink: 'syz.4.3155': attribute type 10 has an invalid length.
[  207.414856][T12221] batman_adv: batadv0: Adding interface: team0
[  207.421205][T12221] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.447185][T12221] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  207.509777][T12057] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.593956][T12228] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  207.629309][T12237] __nla_validate_parse: 10 callbacks suppressed
[  207.629329][T12237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3163'.
[  207.661444][T12237] loop1: detected capacity change from 0 to 1024
[  207.702611][T12237] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  207.714299][T12237] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  207.752537][T12237] JBD2: no valid journal superblock found
[  207.758405][T12237] EXT4-fs (loop1): Could not load journal inode
[  207.782734][T12237] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  208.235172][T12268] 9pnet_virtio: no channels available for device 127.0.0.1
[  208.268676][T12268] netlink: 'syz.5.3175': attribute type 39 has an invalid length.
[  208.377456][T12271] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  208.406499][T12272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3168'.
[  208.426840][T12272] hsr_slave_0: left promiscuous mode
[  208.436713][T12272] hsr_slave_1: left promiscuous mode
[  208.504451][T12274] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3178'.
[  208.526536][T12274] loop5: detected capacity change from 0 to 1024
[  208.548032][T12274] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  208.559916][T12274] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  208.591316][T12274] JBD2: no valid journal superblock found
[  208.597852][T12274] EXT4-fs (loop5): Could not load journal inode
[  208.624076][T12274] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  208.665709][T12282] 9pnet_virtio: no channels available for device 127.0.0.1
[  208.676305][T12282] netlink: 'syz.2.3181': attribute type 39 has an invalid length.
[  208.771388][T12291] netlink: 'syz.2.3186': attribute type 10 has an invalid length.
[  208.779482][T12291] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3186'.
[  208.871244][T12303] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  208.900116][T12305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3192'.
[  208.916527][T12305] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  208.993395][T12308] loop5: detected capacity change from 0 to 1024
[  209.013766][T12308] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  209.042581][T12308] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  209.070090][T12308] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  209.095731][T12308] EXT4-fs (loop5): orphan cleanup on readonly fs
[  209.122533][T12308] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  209.144856][T12308] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.3194: mark_inode_dirty error
[  209.173558][T12308] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3194: Invalid block bitmap block 3 in block_group 0
[  209.216592][T12308] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3194: Invalid block bitmap block 3 in block_group 0
[  209.235992][T12308] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3194: Invalid block bitmap block 3 in block_group 0
[  209.250798][T12308] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  209.266484][T12264] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3174'.
[  209.275925][T12264] hsr_slave_0: left promiscuous mode
[  209.281851][T12308] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.3194: mark_inode_dirty error
[  209.294996][T12264] hsr_slave_1: left promiscuous mode
[  209.295174][T12308] __quota_error: 58 callbacks suppressed
[  209.295190][T12308] Quota error (device loop5): write_blk: dquota write failed
[  209.313597][T12308] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm syz.5.3194: lblock 6 mapped to illegal pblock 1 (length 1)
[  209.338673][T12308] Quota error (device loop5): write_blk: dquota write failed
[  209.346621][T12308] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  209.359294][T12308] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 48: comm syz.5.3194: lblock 0 mapped to illegal pblock 48 (length 1)
[  209.380674][T12308] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  209.389650][T12308] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.3194: Failed to acquire dquot type 0
[  209.409515][T12302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3191'.
[  209.413111][T12308] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 49: comm syz.5.3194: lblock 1 mapped to illegal pblock 49 (length 1)
[  209.434898][T12308] Quota error (device loop5): do_insert_tree: Can't read tree quota block 1
[  209.436916][T12302] hsr_slave_0: left promiscuous mode
[  209.443737][T12308] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  209.443764][T12308] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.3194: Failed to acquire dquot type 0
[  209.464929][T12308] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  209.484240][T12302] hsr_slave_1: left promiscuous mode
[  209.484548][T12308] EXT4-fs error (device loop5): ext4_evict_inode:259: inode #15: comm syz.5.3194: mark_inode_dirty error
[  209.501654][T12308] EXT4-fs warning (device loop5): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  209.514115][T12308] EXT4-fs (loop5): 1 orphan inode deleted
[  209.520458][T12308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  209.581173][ T5142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.823305][T12334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3204'.
[  209.862195][T12334] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  209.927463][T12326] loop5: detected capacity change from 0 to 256
[  210.273673][T12351] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3209'.
[  210.284617][T12351] hsr_slave_0: left promiscuous mode
[  210.290733][T12351] hsr_slave_1: left promiscuous mode
[  210.356024][T12361] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  210.448892][T12367] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3217'.
[  210.474113][T12367] loop1: detected capacity change from 0 to 1024
[  210.483448][T12367] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  210.494551][T12367] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  210.513022][T12367] JBD2: no valid journal superblock found
[  210.518823][T12367] EXT4-fs (loop1): Could not load journal inode
[  210.566707][T12367] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  210.713085][T12386] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  210.728306][T12381] SELinux: ebitmap: truncated map
[  210.742266][T12381] SELinux: failed to load policy
[  210.871312][T12398] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  210.902734][T12402] loop1: detected capacity change from 0 to 2048
[  210.950813][T12402] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.984256][T12402] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  211.000230][T12402] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  211.012680][T12402] EXT4-fs (loop1): This should not happen!! Data will be lost
[  211.012680][T12402] 
[  211.022901][T12402] EXT4-fs (loop1): Total free blocks count 0
[  211.029724][T12402] EXT4-fs (loop1): Free/Dirty block details
[  211.035868][T12402] EXT4-fs (loop1): free_blocks=2415919104
[  211.041874][T12402] EXT4-fs (loop1): dirty_blocks=32
[  211.047040][T12402] EXT4-fs (loop1): Block reservation details
[  211.053830][T12402] EXT4-fs (loop1): i_reserved_data_blocks=2
[  211.091026][T11475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.111723][T12420] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  211.210644][T12431] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  211.391778][T12451] vhci_hcd: default hub control req: 0007 v0003 i0005 l0
[  212.124848][T11475] ==================================================================
[  212.132999][T11475] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr
[  212.140942][T11475] 
[  212.143283][T11475] read-write to 0xffff8881187510d0 of 8 bytes by task 12456 on cpu 0:
[  212.151454][T11475]  shmem_add_to_page_cache+0x3bb/0x4b0
[  212.156954][T11475]  shmem_get_folio_gfp+0x4dd/0xd30
[  212.162151][T11475]  shmem_write_begin+0xa7/0x190
[  212.167041][T11475]  generic_perform_write+0x189/0x4b0
[  212.172353][T11475]  shmem_file_write_iter+0xc2/0xe0
[  212.177522][T11475]  __kernel_write_iter+0x243/0x4c0
[  212.182663][T11475]  dump_user_range+0x5ed/0x8b0
[  212.187456][T11475]  elf_core_dump+0x1d61/0x1ef0
[  212.192252][T11475]  do_coredump+0x1814/0x1f50
[  212.196887][T11475]  get_signal+0xdb7/0x1080
[  212.201338][T11475]  arch_do_signal_or_restart+0x9a/0x4b0
[  212.206915][T11475]  irqentry_exit_to_user_mode+0xa7/0x120
[  212.212601][T11475]  irqentry_exit+0x12/0x50
[  212.217038][T11475]  asm_exc_page_fault+0x26/0x30
[  212.221912][T11475] 
[  212.224344][T11475] read to 0xffff8881187510d0 of 8 bytes by task 11475 on cpu 1:
[  212.232033][T11475]  shmem_getattr+0x69/0x200
[  212.236562][T11475]  vfs_getattr+0x172/0x1b0
[  212.241022][T11475]  vfs_statx+0x12c/0x310
[  212.245291][T11475]  vfs_fstatat+0xe4/0x130
[  212.249641][T11475]  __se_sys_newfstatat+0x58/0x260
[  212.254691][T11475]  __x64_sys_newfstatat+0x55/0x70
[  212.259751][T11475]  x64_sys_call+0x2d6f/0x2e10
[  212.264469][T11475]  do_syscall_64+0xc9/0x1c0
[  212.269016][T11475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.274942][T11475] 
[  212.277273][T11475] value changed: 0x00000000000038aa -> 0x00000000000038ad
[  212.284404][T11475] 
[  212.286730][T11475] Reported by Kernel Concurrency Sanitizer on:
[  212.292894][T11475] CPU: 1 UID: 0 PID: 11475 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  212.303849][T11475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.313929][T11475] ==================================================================
[  212.331074][T12464] loop5: detected capacity change from 0 to 1024
[  212.351487][T12464] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  212.362434][T12464] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  212.385896][T12464] JBD2: no valid journal superblock found
[  212.391843][T12464] EXT4-fs (loop5): Could not load journal inode
[  212.411833][T12464] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  213.802442][ T1704] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3